公开(公告)号：US10050997B2

公开(公告)日：2018-08-14

申请号：US15854571

申请日：2017-12-26

Applicant: Intuit Inc.

Inventor： M. Shannon Lietz ,  Luis Felipe Cabrera ,  Thomas Bishop ,  Brett Weaver ,  Capen Brinkley

IPC: H04L29/06 ,  G06F21/60 ,  G06F21/57

Abstract: A method and system for protecting and repairing a current virtual asset from damage by potential security threats, according to one embodiment. The method and system include monitoring a current a current virtual asset for potential security threats, with a virtual asset agent, according to one embodiment. The method and system include determining a severity of the potential security threats that are identified by the virtual asset agent, according to one embodiment. The method and system include creating a new virtual asset with the virtual asset agent and decommissioning the current virtual asset, according to one embodiment. The system and method receiving, with the new virtual asset, secrets that are associated with the current virtual asset to enable the new virtual asset to continue operations of the current virtual asset, according to one embodiment.

公开(公告)号：US09384362B2

公开(公告)日：2016-07-05

申请号：US14053488

申请日：2013-10-14

Applicant: Intuit Inc.

Inventor： Luis Felipe Cabrera ,  M. Shannon Lietz ,  James Armitage ,  Oleg Gryb ,  Elangovan Shanmugam ,  Sabu Kuruvila Philip ,  Brett Weaver ,  Thomas Bishop ,  Troy Otillio ,  Jinglei Whitehouse ,  Jeffrey M. Wolfe ,  Ankur Jain

IPC: G06F17/00 ,  H04L29/06 ,  G06F21/62 ,  G06F21/33

CPC classification number: G06F21/6218 ,  G06F21/33 ,  G06F21/335 ,  H04L9/321 ,  H04L9/3226 ,  H04L63/062 ,  H04L63/0884 ,  H04W12/04

Abstract: Secrets data representing one or more secrets required to access associated resources is provided along with secrets distribution policy data representing one or more secrets distribution factors used to control the distribution of the secrets. When a requesting virtual asset submits secrets request data, virtual asset profile data associated with the requesting virtual asset is obtained. The requesting virtual asset profile data is then analyzed using at least one of the secrets distribution factors to authenticate the requesting virtual asset. The requesting virtual asset profile data is then analyzed using one or more of secrets distribution factors to determine what secrets the requesting virtual asset legitimately needs. Authorized secrets data for the requesting virtual asset representing one or more authorized secrets is then generated. The requesting virtual asset is then provided access to the authorized secrets data.

Abstract translation: 提供表示访问相关资源所需的一个或多个秘密的数据，以及代表用于控制秘密分布的一个或多个秘密分发因子的秘密分发策略数据。 当请求的虚拟资产提交秘密请求数据时，获得与请求的虚拟资产相关联的虚拟资产简档数据。 然后使用至少一个秘密分发因子来分析请求的虚拟资产简档数据，以验证请求的虚拟资产。 然后使用一个或多个秘密分布因子来分析请求的虚拟资产简档数据，以确定请求的虚拟资产合法需要什么秘密。 然后生成表示一个或多个授权秘密的请求虚拟资产的授权秘密数据。 然后，向请求的虚拟资产提供对授权秘密数据的访问。

公开(公告)号：US09245117B2

公开(公告)日：2016-01-26

申请号：US14231141

申请日：2014-03-31

Applicant: Intuit Inc.

Inventor： Brett Weaver ,  Javier Godinez ,  Capen Brinkley ,  Thomas Bishop ,  M. Shannon Lietz ,  Luis Felipe Cabrera

IPC: G06F21/00 ,  G06F21/55

CPC classification number: G06F11/3608 ,  G06F11/36 ,  G06F11/3612 ,  G06F11/3664 ,  G06F11/3692 ,  G06F21/55

Abstract: An application is implemented in the production environment in which the application will be used. Two or more backend systems are used to implement different versions of the application using the production environment in which the application will actually be used and accessed. Actual user data is received. A first portion of the actual user data is routed and processed in the production environment using a first version of the application and a first backend system of the two or more backend systems. A second portion of the actual user data is also routed and processed in the production environment but using a second version of the application and a second backend system of the two or more backend systems. The results data is then analyzed to evaluate the various versions of the application in the production environment.

公开(公告)号：US20150312274A1

公开(公告)日：2015-10-29

申请号：US14261621

申请日：2014-04-25

Applicant: Intuit Inc.

Inventor： Thomas Bishop ,  Brett Weaver ,  Christian Price ,  Javier Godinez ,  Capen Brinkley ,  M. Shannon Lietz ,  Luis Felipe Cabrera

IPC: H04L29/06

CPC classification number: H04L63/20 ,  H04L41/5009 ,  H04L41/5096

Abstract: Asset security compliance data ensuring defined asset security policies are applied to the creation and/or operation of assets to be used to implement an application and application deployment security compliance data for ensuring compliance with one or more application deployment security policies associated with the deployment of assets used to implement the application is generated. The asset security compliance data is then used to ensure each asset used to implement the application is created and used in compliance with asset security policies and the application deployment security compliance data is used to ensure that each asset used to implement the application is deployed in compliance with the application deployment security policies.

Abstract translation: 确保定义的资产安全策略的资产安全合规性数据应用于用于实施应用程序和应用程序部署安全合规性数据的资产的创建和/或操作，以确保符合与部署资产相关联的一个或多个应用程序部署安全策略 用于实现应用程序生成。 然后使用资产安全合规性数据确保用于实施应用程序的每个资产都是按照资产安全策略创建和使用的，并且应用程序部署安全合规性数据用于确保用于实施应用程序的每个资产都按照规定进行部署 与应用部署安全策略。

公开(公告)号：US20150278523A1

公开(公告)日：2015-10-01

申请号：US14231253

申请日：2014-03-31

Applicant: Intuit Inc.

Inventor： Capen Brinkley ,  Javier Godinez ,  Thomas Bishop ,  Brett Weaver ,  M. Shannon Lietz ,  Luis Felipe Cabrera

IPC: G06F21/57

CPC classification number: G06F11/3664

Abstract: An application is implemented in the production environment in which the application will be used. Two or more backend systems are provided. Actual user data is received. The actual user data is routed and processed in the production environment using a first backend system of the two or more backend systems. Fabricated user data is generated, routed, and also processed in the production environment but using a second backend system of the two or more backend systems. Results data from the processing of the fabricated user data is then analyzed to evaluate the production environment and/or operation of the application in the production environment.

Abstract translation: 在应用程序将在其中使用的生产环境中实现应用程序。 提供两个或更多个后端系统。 收到实际的用户数据。 使用两个或更多个后端系统的第一后端系统在生产环境中路由和处理实际的用户数据。 制造的用户数据在生产环境中生成，路由和处理，但使用两个或更多后端系统的第二后端系统。 然后分析来自处理制造的用户数据的结果数据，以评估生产环境中的生产环境和/或应用的操作。

公开(公告)号：US20150106869A1

公开(公告)日：2015-04-16

申请号：US14053488

申请日：2013-10-14

Applicant: Intuit Inc.

Inventor： Luis Felipe Cabrera ,  M. Shannon Lietz ,  James Armitage ,  Oleg Gryb ,  Elangovan Shanmugam ,  Sabu Kuruvila Philip ,  Brett Weaver ,  Thomas Bishop ,  Troy Otillio ,  Jinglei Whitehouse ,  Jeffrey M. Wolfe ,  Ankur Jain

IPC: G06F21/60 ,  G06F21/30

CPC classification number: G06F21/6218 ,  G06F21/33 ,  G06F21/335 ,  H04L9/321 ,  H04L9/3226 ,  H04L63/062 ,  H04L63/0884 ,  H04W12/04

Abstract: Secrets data representing one or more secrets required to access associated resources is provided along with secrets distribution policy data representing one or more secrets distribution factors used to control the distribution of the secrets. When a requesting virtual asset submits secrets request data, virtual asset profile data associated with the requesting virtual asset is obtained. The requesting virtual asset profile data is then analyzed using at least one of the secrets distribution factors to authenticate the requesting virtual asset. The requesting virtual asset profile data is then analyzed using one or more of secrets distribution factors to determine what secrets the requesting virtual asset legitimately needs. Authorized secrets data for the requesting virtual asset representing one or more authorized secrets is then generated. The requesting virtual asset is then provided access to the authorized secrets data.

Abstract translation: 提供表示访问相关资源所需的一个或多个秘密的数据，以及代表用于控制秘密分布的一个或多个秘密分发因子的秘密分发策略数据。 当请求的虚拟资产提交秘密请求数据时，获得与请求的虚拟资产相关联的虚拟资产简档数据。 然后使用至少一个秘密分发因子来分析请求的虚拟资产简档数据，以验证请求的虚拟资产。 然后使用一个或多个秘密分布因子来分析请求的虚拟资产简档数据，以确定请求的虚拟资产合法需要什么秘密。 然后生成表示一个或多个授权秘密的请求虚拟资产的授权秘密数据。 然后，向请求的虚拟资产提供对授权秘密数据的访问。

公开(公告)号：US11855910B2

公开(公告)日：2023-12-26

申请号：US17544467

申请日：2021-12-07

Applicant: Intuit Inc.

Inventor： Brett Weaver ,  Edward Lee ,  Thomas C. Bishop ,  Jerome M. Kuptz ,  Mukulika Kapas ,  Ameen Radwan ,  Gennadiy Ziskind ,  Grant L. Hoffman

IPC: H04L47/70 ,  H04L41/0813

CPC classification number: H04L47/82 ,  H04L41/0813

Abstract: Systems and methods for synchronizing cloud resources are disclosed. An example method may include receiving a first request to synchronize first target cloud resources to a first specified state defined in a configuration repository, generating one or more first configuration commands corresponding to the first request, the one or more first configuration commands associated with a first cloud provider and a first cloud configuration framework, and executing the one or more first configuration commands to set a state of the first target cloud resources to the first specified state.

公开(公告)号：US11411984B2

公开(公告)日：2022-08-09

申请号：US16936411

申请日：2020-07-22

Applicant: Intuit Inc.

Inventor： M. Shannon Lietz ,  Luis Felipe Cabrera ,  Thomas Bishop ,  Brett Weaver ,  Capen Brinkley

IPC: H04L9/40 ,  G06F21/57 ,  G06F11/36 ,  G06F21/53 ,  G06F8/60 ,  G06F21/60 ,  G06F21/55 ,  G06F21/56

Abstract: Big data analysis methods and machine learning based models are used to provide offer recommendations to consumers that are probabilistically determined to be relevant to a given consumer. Machine learning based matching of user attributes and offer attributes is first performed to identify potentially relevant offers for a given consumer. A de-duplication process is then used to identify and eliminate any offers represented in the offer data that the consumer has already seen, has historically shown no interest in, has already accepted, that are directed to product or service types the user/consumer already owns, for which the user does not qualify, or that are otherwise deemed to be irrelevant to the consumer.

公开(公告)号：US10757133B2

公开(公告)日：2020-08-25

申请号：US15881400

申请日：2018-01-26

Applicant: Intuit Inc.

Inventor： M. Shannon Lietz ,  Luis Felipe Cabrera ,  Thomas Bishop ,  Brett Weaver ,  Capen Brinkley

IPC: H04L29/06 ,  G06F21/60 ,  G06F21/57 ,  G06F21/55 ,  G06F11/36 ,  G06F21/56 ,  G06F21/53 ,  G06F8/60

Abstract: A method and system include identifying a virtual asset creation template associated with virtual assets to be verified. A test virtual asset is generated using the virtual asset creation template and deployed in a testing environment. The test virtual asset is then analyzed in the testing environment to identify any vulnerabilities. If a vulnerability is identified in the designated test virtual asset, a remedy to the vulnerability is applied to the virtual asset creation template which is used to create a virtual asset in a production environment. The method and system further include monitoring the production environment virtual asset for potential security threats, with a virtual asset agent, and determining a severity of identified security threats. and potentially creating a new virtual asset with the virtual asset agent and decommissioning the current virtual asset as a result.

公开(公告)号：US09866581B2

公开(公告)日：2018-01-09

申请号：US14319286

申请日：2014-06-30

Applicant: Intuit Inc.

Inventor： M. Shannon Lietz ,  Luis Felipe Cabrera ,  Thomas Bishop ,  Brett Weaver ,  Capen Brinkley

IPC: H04L29/06 ,  G06F21/57 ,  G06F21/60

CPC classification number: H04L63/1441 ,  G06F21/55 ,  G06F21/57 ,  G06F21/606 ,  H04L63/107 ,  H04L63/1408

Abstract: A method and system for protecting and repairing a current virtual asset from damage by potential security threats, according to one embodiment. The method and system include monitoring a current a current virtual asset for potential security threats, with a virtual asset agent, according to one embodiment. The method and system include determining a severity of the potential security threats that are identified by the virtual asset agent, according to one embodiment. The method and system include creating a new virtual asset with the virtual asset agent and decommissioning the current virtual asset, according to one embodiment. The system and method receiving, with the new virtual asset, secrets that are associated with the current virtual asset to enable the new virtual asset to continue operations of the current virtual asset, according to one embodiment.