A process for management of Internet-of-Things (IoT) devices includes a management system for identifying, interrogating, and updating devices connected to one or more networks. The management system can include a data store for storing various data related to the devices and the various processes of the management system. The management system can include a controller for executing processes such as interrogation processes, firmware change processes, credential change processes, and other processes. The controller can determine versions of firmware and other configuration properties of a device and generate various profiles for updating the firmware and other configuration properties. The controller can determine upgrade paths for updating the firmware and other configuration properties from a first version to a second version, the upgrade paths including one or more intermediary versions for facilitating the upgrade path. The management system can update devices individually, on a device family basis, or on a system-wide basis.
G06F 8/654 - Updates using techniques specially adapted for alterable solid state memories, e.g. for EEPROM or flash memories
G06F 8/71 - Version control Configuration management
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 67/00 - Network arrangements or protocols for supporting network services or applications
2.
HYBRID TECHNIQUES OF DYNAMIC DISCOVERY, THREAT DETECTION, ASSESSMENT, RESPONSE, AND MONITORING OF XIOT DEVICES ON A NETWORK
In some embodiments, a hybrid approach is provided for discovering devices on a network, assessing if the devices are vulnerable to security threats and malicious attacks, remediating the devices that are vulnerable, detecting security threats and malicious attacks on the network, and responding to such threats and attacks. In some implementations, a hybrid site manager for the network passively scans the network, obtains information about a network device, and actively transmits a probe to the network device based on the obtained information. In some embodiments, the hybrid site manager actively sends a probe over the network to a network device, receives a response to the probe, and modifies how it passively scans the network based on the response to the probe.
In some embodiments, a hybrid approach is provided for discovering devices on a network, assessing if the devices are vulnerable to security threats and malicious attacks, remediating the devices that are vulnerable, detecting security threats and malicious attacks on the network, and responding to such threats and attacks. In some implementations, a hybrid site manager for the network passively scans the network, obtains information about a network device, and actively transmits a probe to the network device based on the obtained information. In some embodiments, the hybrid site manager actively sends a probe over the network to a network device, receives a response to the probe, and modifies how it passively scans the network based on the response to the probe.
A method for identifying devices on a network, comprising: determining, by a discovery application, a prioritized discovery plan including a plurality of tiers of requests, each of the tiers specifying one or more probes for targeting specific types of devices. For each of the tiers in the prioritized discovery plan: the method further comprises causing, by the discovery application, one or more of the probes specified for the tier to transmit targeted requests to a set of active addresses on the network. Upon receiving responses from at least a subset of the one or more addresses, the method comprises identifying, by the discovery application, one or more devices connected to the network based on the responses to the targeted requests. The method further comprises removing, by the discovery application, addresses corresponding to the identified one or more devices from the set of active addresses on the network.
A method for identifying devices on a network, comprising: determining, by a discovery application, a prioritized discovery plan including a plurality of tiers of requests, each of the tiers specifying one or more probes for targeting specific types of devices. For each of the tiers in the prioritized discovery plan: the method further comprises causing, by the discovery application, one or more of the probes specified for the tier to transmit targeted requests to a set of active addresses on the network. Upon receiving responses from at least a subset of the one or more addresses, the method comprises identifying, by the discovery application, one or more devices connected to the network based on the responses to the targeted requests. The method further comprises removing, by the discovery application, addresses corresponding to the identified one or more devices from the set of active addresses on the network.
A process for management of Internet-of-Things (IoT) devices includes a management system for identifying, interrogating, and updating devices connected to one or more networks. The management system can include a data store for storing various data related to the devices and the various processes of the management system. The management system can include a controller for executing processes such as interrogation processes, firmware change processes, credential change processes, and other processes. The controller can determine versions of firmware and other configuration properties of a device and generate various profiles for updating the firmware and other configuration properties. The controller can determine upgrade paths for updating the firmware and other configuration properties from a first version to a second version, the upgrade paths including one or more intermediary versions for facilitating the upgrade path. The management system can update devices individually, on a device family basis, or on a system-wide basis.
G06F 8/654 - Updates using techniques specially adapted for alterable solid state memories, e.g. for EEPROM or flash memories
G06F 8/71 - Version control Configuration management
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 67/00 - Network arrangements or protocols for supporting network services or applications
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
7.
Identifying devices on a network with minimal impact to the network
A method for identifying devices on a network, comprising: determining, by a discovery application, a prioritized discovery plan including a plurality of tiers of requests, each of the tiers specifying one or more probes for targeting specific types of devices. For each of the tiers in the prioritized discovery plan: the method further comprises causing, by the discovery application, one or more of the probes specified for the tier to transmit targeted requests to a set of active addresses on the network. Upon receiving responses from at least a subset of the one or more addresses, the method comprises identifying, by the discovery application, one or more devices connected to the network based on the responses to the targeted requests. The method further comprises removing, by the discovery application, addresses corresponding to the identified one or more devices from the set of active addresses on the network.
A process for management of Internet-of-Things (IoT) devices includes a management system for identifying, interrogating, and updating devices connected to one or more networks. The management system can include a data store for storing various data related to the devices and the various processes of the management system. The management system can include a controller for executing processes such as interrogation processes, firmware change processes, credential change processes, and other processes. The controller can determine versions of firmware and other configuration properties of a device and generate various profiles for updating the firmware and other configuration properties. The controller can determine upgrade paths for updating the firmware and other configuration properties from a first version to a second version, the upgrade paths including one or more intermediary versions for facilitating the upgrade path. The management system can update devices individually, on a device family basis, or on a system-wide basis.
G06F 9/44 - Arrangements for executing specific programs
G06F 8/654 - Updates using techniques specially adapted for alterable solid state memories, e.g. for EEPROM or flash memories
G06F 8/71 - Version control Configuration management
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 67/00 - Network arrangements or protocols for supporting network services or applications
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
A process for management of Internet-of-Things (IoT) devices includes a management system for identifying, interrogating, and updating devices connected to one or more networks. The management system can include a data store for storing various data related to the devices and the various processes of the management system. The management system can include a controller for executing processes such as interrogation processes, firmware change processes, credential change processes, and other processes. The controller can determine versions of firmware and other configuration properties of a device and generate various profiles for updating the firmware and other configuration properties. The controller can determine upgrade paths for updating the firmware and other configuration properties from a first version to a second version, the upgrade paths including one or more intermediary versions for facilitating the upgrade path. The management system can update devices individually, on a device family basis, or on a system-wide basis.
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 67/00 - Network arrangements or protocols for supporting network services or applications
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
G06F 8/71 - Version control Configuration management
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
(1) Downloadable software featuring cybersecurity software; downloadable software, namely, software for assessing organization risk within a business relating to cybersecurity threats; downloadable software, namely, software for detecting, assessing, and remediating vulnerabilities' to preventInternet of Things (IoT) devices from launch network attacksand cybersecurity threats; downloadable software, namely, software for use in detecting expired firmware and software,and managing password and access credentials; cybersecurityservices, namely, developing, implementing, and monitoring information technology and computer security protocols to mitigate organizational risk and to prevent unauthorized accessto business networks and information technology infrastructure. (1) Software as a Service (SaaS) services featuring cybersecuritysoftware; Software as a Service (SaaS) services, namely, software for assessing organization risk within a business relating to cybersecurity threats; Software as a Service (SaaS)services, namely, software for detecting, assessing, and remediating vulnerabilities' to prevent Internet of Things (IoT)devices from launch network attacks and cybersecurity threats;Software as a Service (SaaS) services, namely, software for use in detecting expired firmware and software, and managingpassword and access credentials; cybersecurity services, namely, developing, implementing, and monitoring information technology and computer security protocols to mitigate organizational risk and to prevent unauthorized accessto business networks and information technology infrastructure.
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
Downloadable software featuring cybersecurity software; downloadable software, namely, software for assessing organization risk within a business relating to cybersecurity threats; downloadable software, namely, software for detecting, assessing, and remediating vulnerabilities' to prevent internet of things (iot) devices from launch network attacks and cybersecurity threats; downloadable software, namely, software for use in detecting expired firmware and software, and managing password and access credentials; none of the aforementioned goods being intended for devices using the Internet of Things (IoT) for quality control; none of the above products using artificial intelligence algorithms. Software as a service (saas) services featuring cybersecurity software; software as a service (saas) services, namely, software for assessing organization risk within a business relating to cybersecurity threats; software as a service (saas) services, namely, software for detecting, assessing, and remediating vulnerabilities' to prevent internet of things (iot) devices from launch network attacks and cybersecurity threats; software as a service (saas) services, namely, software for use in detecting expired firmware and software, and managing password and access credentials; cybersecurity services, namely, developing, implementing, and monitoring information technology and computer security protocols to mitigate organizational risk and to prevent unauthorized access to business networks and information technology infrastructure; none of the aforementioned services being offered in relation to the Internet of Things (IoT) for quality control; all the above services excluding any implementation, design and development of artificial intelligence algorithms.
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
Downloadable software featuring cybersecurity software; downloadable software, namely, software for assessing organization risk within a business relating to cybersecurity threats; downloadable software, namely, software for detecting, assessing, and remediating vulnerabilities' to prevent internet of things (iot) devices from launch network attacks and cybersecurity threats; downloadable software, namely, software for use in detecting expired firmware and software, and managing password and access credentials. Software as a service (saas) services featuring cybersecurity software; software as a service (saas) services, namely, software for assessing organization risk within a business relating to cybersecurity threats; software as a service (saas) services, namely, software for detecting, assessing, and remediating vulnerabilities' to prevent internet of things (iot) devices from launch network attacks and cybersecurity threats; software as a service (saas) services, namely, software for use in detecting expired firmware and software, and managing password and access credentials; cybersecurity services, namely, developing, implementing, and monitoring information technology and computer security protocols to mitigate organizational risk and to prevent unauthorized access to business networks and information technology infrastructure.
42 - Scientific, technological and industrial services, research and design
Goods & Services
Software as a Service (SaaS) services featuring cybersecurity software; Software as a Service (SaaS) services featuring software for assessing organization risk within a business relating to cybersecurity threats; Software as a Service (SaaS) services featuring software for detecting, assessing, and remediating vulnerabilities' to prevent Internet of Things (IoT) devices from launch network attacks and cybersecurity threats; Software as a Service (SaaS) services featuring software for use in detecting expired firmware and software, and managing password and access credentials; cybersecurity services, namely, developing, implementing, and monitoring information technology and computer security protocols to mitigate organizational risk and to prevent unauthorized access to business networks and information technology infrastructure; none of the aforementioned services being offered in relation to the Internet of Things (IoT) for quality control; all the above services excluding any implementation, design and development of artificial intelligence algorithms
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
Downloadable computer software featuring cybersecurity software; downloadable computer software, namely, software for assessing organization risk within a business relating to cybersecurity threats; downloadable computer software, namely, software for detecting, assessing, and remediating vulnerabilities' to prevent Internet of Things (IoT) devices from launch network attacks and cybersecurity threats; downloadable computer software, namely, software for use in detecting expired firmware and software, and managing password and access credentials; none of the aforementioned goods being intended for devices using the Internet of Things (IoT) for quality control; none of the above products using artificial intelligence algorithms Software as a Service (SaaS) services featuring cybersecurity software; Software as a Service (SaaS) services featuring software for assessing organization risk within a business relating to cybersecurity threats; Software as a Service (SaaS) services featuring software for detecting, assessing, and remediating vulnerabilities' to prevent Internet of Things (IoT) devices from launch network attacks and cybersecurity threats; Software as a Service (SaaS) services featuring software for use in detecting expired firmware and software, and managing password and access credentials; cybersecurity services, namely, developing, implementing, and monitoring information technology and computer security protocols to mitigate organizational risk and to prevent unauthorized access to business networks and information technology infrastructure; none of the aforementioned services being offered in relation to the Internet of Things (IoT) for quality control; all the above services excluding any implementation, design and development of artificial intelligence algorithms
15.
End-point configuration and hardening for IoT devices
A process for management of Internet-of-Things (IoT) devices includes a management system for identifying, interrogating, and updating devices connected to one or more networks. The management system can include a data store for storing various data related to the devices and the various processes of the management system. The management system can include a controller for executing processes such as interrogation processes, firmware change processes, credential change processes, and other processes. The controller can determine versions of firmware and other configuration properties of a device and generate various profiles for updating the firmware and other configuration properties. The controller can determine upgrade paths for updating the firmware and other configuration properties from a first version to a second version, the upgrade paths including one or more intermediary versions for facilitating the upgrade path. The management system can update devices individually, on a device family basis, or on a system-wide basis.
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 67/00 - Network arrangements or protocols for supporting network services or applications
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
G06F 8/71 - Version control Configuration management
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
A process for management of Internet-of-Things (IoT) devices includes a management system for identifying, interrogating, and updating devices connected to one or more networks. The management system can include a data store for storing various data related to the devices and the various processes of the management system. The management system can include a controller for executing processes such as interrogation processes, firmware change processes, credential change processes, and other processes. The controller can determine versions of firmware and other configuration properties of a device and generate various profiles for updating the firmware and other configuration properties. The controller can determine upgrade paths for updating the firmware and other configuration properties from a first version to a second version, the upgrade paths including one or more intermediary versions for facilitating the upgrade path. The management system can update devices individually, on a device family basis, or on a system-wide basis.
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 67/00 - Network arrangements or protocols for supporting network services or applications
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
G06F 8/71 - Version control Configuration management
A process for management of Internet-of-Things (IoT) devices includes a management system for identifying, interrogating, and updating devices connected to one or more networks. The management system can include a data store for storing various data related to the devices and the various processes of the management system. The management system can include a controller for executing processes such as interrogation processes, firmware change processes, credential change processes, and other processes. The controller can determine versions of firmware and other configuration properties of a device and generate various profiles for updating the firmware and other configuration properties. The controller can determine upgrade paths for updating the firmware and other configuration properties from a first version to a second version, the upgrade paths including one or more intermediary versions for facilitating the upgrade path. The management system can update devices individually, on a device family basis, or on a system-wide basis.
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 67/00 - Network arrangements or protocols for supporting network services or applications
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
G06F 8/71 - Version control Configuration management
A process for management of Internet-of-Things (IoT) devices includes a management system for identifying, interrogating, and updating devices connected to one or more networks. The management system can include a data store for storing various data related to the devices and the various processes of the management system. The management system can include a controller for executing processes such as interrogation processes, firmware change processes, credential change processes, and other processes. The controller can determine versions of firmware and other configuration properties of a device and generate various profiles for updating the firmware and other configuration properties. The controller can determine upgrade paths for updating the firmware and other configuration properties from a first version to a second version, the upgrade paths including one or more intermediary versions for facilitating the upgrade path. The management system can update devices individually, on a device family basis, or on a system-wide basis.
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 67/00 - Network arrangements or protocols for supporting network services or applications
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
G06F 8/71 - Version control Configuration management
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
A process for management of Internet-of-Things (IoT) devices includes a management system for identifying, interrogating, and updating devices connected to one or more networks. The management system can include a data store for storing various data related to the devices and the various processes of the management system. The management system can include a controller for executing processes such as interrogation processes, firmware change processes, credential change processes, and other processes. The controller can determine versions of firmware and other configuration properties of a device and generate various profiles for updating the firmware and other configuration properties. The controller can determine upgrade paths for updating the firmware and other configuration properties from a first version to a second version, the upgrade paths including one or more intermediary versions for facilitating the upgrade path. The management system can update devices individually, on a device family basis, or on a system-wide basis.
