公开(公告)号：US10050997B2

公开(公告)日：2018-08-14

申请号：US15854571

申请日：2017-12-26

Applicant: Intuit Inc.

Inventor： M. Shannon Lietz ,  Luis Felipe Cabrera ,  Thomas Bishop ,  Brett Weaver ,  Capen Brinkley

IPC: H04L29/06 ,  G06F21/60 ,  G06F21/57

Abstract: A method and system for protecting and repairing a current virtual asset from damage by potential security threats, according to one embodiment. The method and system include monitoring a current a current virtual asset for potential security threats, with a virtual asset agent, according to one embodiment. The method and system include determining a severity of the potential security threats that are identified by the virtual asset agent, according to one embodiment. The method and system include creating a new virtual asset with the virtual asset agent and decommissioning the current virtual asset, according to one embodiment. The system and method receiving, with the new virtual asset, secrets that are associated with the current virtual asset to enable the new virtual asset to continue operations of the current virtual asset, according to one embodiment.

公开(公告)号：US09245117B2

公开(公告)日：2016-01-26

申请号：US14231141

申请日：2014-03-31

Applicant: Intuit Inc.

Inventor： Brett Weaver ,  Javier Godinez ,  Capen Brinkley ,  Thomas Bishop ,  M. Shannon Lietz ,  Luis Felipe Cabrera

IPC: G06F21/00 ,  G06F21/55

CPC classification number: G06F11/3608 ,  G06F11/36 ,  G06F11/3612 ,  G06F11/3664 ,  G06F11/3692 ,  G06F21/55

Abstract: An application is implemented in the production environment in which the application will be used. Two or more backend systems are used to implement different versions of the application using the production environment in which the application will actually be used and accessed. Actual user data is received. A first portion of the actual user data is routed and processed in the production environment using a first version of the application and a first backend system of the two or more backend systems. A second portion of the actual user data is also routed and processed in the production environment but using a second version of the application and a second backend system of the two or more backend systems. The results data is then analyzed to evaluate the various versions of the application in the production environment.

公开(公告)号：US20150312274A1

公开(公告)日：2015-10-29

申请号：US14261621

申请日：2014-04-25

Applicant: Intuit Inc.

Inventor： Thomas Bishop ,  Brett Weaver ,  Christian Price ,  Javier Godinez ,  Capen Brinkley ,  M. Shannon Lietz ,  Luis Felipe Cabrera

IPC: H04L29/06

CPC classification number: H04L63/20 ,  H04L41/5009 ,  H04L41/5096

Abstract: Asset security compliance data ensuring defined asset security policies are applied to the creation and/or operation of assets to be used to implement an application and application deployment security compliance data for ensuring compliance with one or more application deployment security policies associated with the deployment of assets used to implement the application is generated. The asset security compliance data is then used to ensure each asset used to implement the application is created and used in compliance with asset security policies and the application deployment security compliance data is used to ensure that each asset used to implement the application is deployed in compliance with the application deployment security policies.

Abstract translation: 确保定义的资产安全策略的资产安全合规性数据应用于用于实施应用程序和应用程序部署安全合规性数据的资产的创建和/或操作，以确保符合与部署资产相关联的一个或多个应用程序部署安全策略 用于实现应用程序生成。 然后使用资产安全合规性数据确保用于实施应用程序的每个资产都是按照资产安全策略创建和使用的，并且应用程序部署安全合规性数据用于确保用于实施应用程序的每个资产都按照规定进行部署 与应用部署安全策略。

公开(公告)号：US20150278523A1

公开(公告)日：2015-10-01

申请号：US14231253

申请日：2014-03-31

Applicant: Intuit Inc.

Inventor： Capen Brinkley ,  Javier Godinez ,  Thomas Bishop ,  Brett Weaver ,  M. Shannon Lietz ,  Luis Felipe Cabrera

IPC: G06F21/57

CPC classification number: G06F11/3664

Abstract: An application is implemented in the production environment in which the application will be used. Two or more backend systems are provided. Actual user data is received. The actual user data is routed and processed in the production environment using a first backend system of the two or more backend systems. Fabricated user data is generated, routed, and also processed in the production environment but using a second backend system of the two or more backend systems. Results data from the processing of the fabricated user data is then analyzed to evaluate the production environment and/or operation of the application in the production environment.

Abstract translation: 在应用程序将在其中使用的生产环境中实现应用程序。 提供两个或更多个后端系统。 收到实际的用户数据。 使用两个或更多个后端系统的第一后端系统在生产环境中路由和处理实际的用户数据。 制造的用户数据在生产环境中生成，路由和处理，但使用两个或更多后端系统的第二后端系统。 然后分析来自处理制造的用户数据的结果数据，以评估生产环境中的生产环境和/或应用的操作。

公开(公告)号：US20180152473A1

公开(公告)日：2018-05-31

申请号：US15881400

申请日：2018-01-26

Applicant: Intuit Inc.

Inventor： M. Shannon Lietz ,  Luis Felipe Cabrera ,  Thomas Bishop ,  Brett Weaver ,  Capen Brinkley

IPC: H04L29/06 ,  G06F21/57 ,  G06F21/60

CPC classification number: H04L63/1441 ,  G06F8/60 ,  G06F11/3664 ,  G06F21/53 ,  G06F21/552 ,  G06F21/564 ,  G06F21/57 ,  G06F21/606 ,  H04L63/107 ,  H04L63/1408 ,  H04L63/1416

Abstract: A method and system include identifying a virtual asset creation template associated with virtual assets to be verified. A test virtual asset is generated using the virtual asset creation template and deployed in a testing environment. The test virtual asset is then analyzed in the testing environment to identify any vulnerabilities. If a vulnerability is identified in the designated test virtual asset, a remedy to the vulnerability is applied to the virtual asset creation template which is used to create a virtual asset in a production environment. The method and system further include monitoring the production environment virtual asset for potential security threats, with a virtual asset agent, and determining a severity of identified security threats. and potentially creating a new virtual asset with the virtual asset agent and decommissioning the current virtual asset as a result.

公开(公告)号：US20180124102A1

公开(公告)日：2018-05-03

申请号：US15854571

申请日：2017-12-26

Applicant: Intuit Inc.

Inventor： M. Shannon Lietz ,  Luis Felipe Cabrera ,  Thomas Bishop ,  Brett Weaver ,  Capen Brinkley

IPC: H04L29/06 ,  G06F21/57 ,  G06F21/60

CPC classification number: H04L63/1441 ,  G06F21/55 ,  G06F21/57 ,  G06F21/606 ,  H04L63/107 ,  H04L63/1408

Abstract: A method and system for protecting and repairing a current virtual asset from damage by potential security threats, according to one embodiment. The method and system include monitoring a current a current virtual asset for potential security threats, with a virtual asset agent, according to one embodiment. The method and system include determining a severity of the potential security threats that are identified by the virtual asset agent, according to one embodiment. The method and system include creating a new virtual asset with the virtual asset agent and decommissioning the current virtual asset, according to one embodiment. The system and method receiving, with the new virtual asset, secrets that are associated with the current virtual asset to enable the new virtual asset to continue operations of the current virtual asset, according to one embodiment.

公开(公告)号：US09459987B2

公开(公告)日：2016-10-04

申请号：US14966333

申请日：2015-12-11

Applicant: Intuit Inc.

Inventor： Brett Weaver ,  Javier Godinez ,  Capen Brinkley ,  Thomas Bishop ,  M. Shannon Lietz ,  Luis Felipe Cabrera

IPC: G06F21/00 ,  G06F11/36 ,  G06F21/55

CPC classification number: G06F11/3608 ,  G06F11/36 ,  G06F11/3612 ,  G06F11/3664 ,  G06F11/3692 ,  G06F21/55

Abstract: An application is implemented in the production environment in which the application will be used. Two or more backend systems are used to implement different versions of the application using the production environment in which the application will actually be used and accessed. Actual user data is received. A first portion of the actual user data is routed and processed in the production environment using a first version of the application and a first backend system of the two or more backend systems. A second portion of the actual user data is also routed and processed in the production environment but using a second version of the application and a second backend system of the two or more backend systems. The results data is then analyzed to evaluate the various versions of the application in the production environment.

Abstract translation: 在应用程序将在其中使用的生产环境中实现应用程序。 使用两个或多个后端系统来实现使用实际使用和访问应用程序的生产环境的应用程序的不同版本。 收到实际的用户数据。 使用应用的第一版本和两个或更多个后端系统的第一后端系统在生产环境中路由和处理实际用户数据的第一部分。 实际用户数据的第二部分也在生产环境中路由和处理，但是使用应用的第二版本和两个或更多个后端系统的第二后端系统。 然后分析结果数据，以评估生产环境中应用程序的各种版本。

公开(公告)号：US20150128130A1

公开(公告)日：2015-05-07

申请号：US14070124

申请日：2013-11-01

Applicant: Intuit Inc.

Inventor： Brett Weaver ,  Capen Brinkley ,  Jeffrey M. Wolfe ,  Ankur Jain ,  M. Shannon Lietz ,  Luis Felipe Cabrera

IPC: G06F9/455

CPC classification number: G06F9/455 ,  G06F9/45558 ,  G06F2009/45562 ,  G06F2009/45587

Abstract: Virtual host creation data used to instantiate a hardened task specific virtual host in a first computing environment is generated including hardening logic for providing enhanced security and trust for the hardened task specific virtual host and internal task specific logic for directing and/or allowing the hardened task specific virtual host to perform a specific function assigned to the hardened task specific virtual host. When task data is received indicating a task to be performed in the first computing environment requires the performance of the specific function assigned to the hardened task specific virtual host, the hardened task specific virtual host is automatically instantiated and/or deployed in the first computing environment.

Abstract translation: 生成用于在第一计算环境中实例化强化的任务特定虚拟主机的虚拟主机创建数据，包括用于为强化的任务特定虚拟主机提供增强的安全性和信任的硬化逻辑以及用于指导和/或允许强化任务的内部任务特定逻辑 特定的虚拟主机来执行分配给强化的任务特定虚拟主机的特定功能。 当接收到指示要在第一计算环境中执行的任务的任务数据需要执行分配给强化任务特定虚拟主机的特定功能时，强化任务特定虚拟主机在第一计算环境中被自动实例化和/或部署 。

公开(公告)号：US11411984B2

公开(公告)日：2022-08-09

申请号：US16936411

申请日：2020-07-22

Applicant: Intuit Inc.

Inventor： M. Shannon Lietz ,  Luis Felipe Cabrera ,  Thomas Bishop ,  Brett Weaver ,  Capen Brinkley

IPC: H04L9/40 ,  G06F21/57 ,  G06F11/36 ,  G06F21/53 ,  G06F8/60 ,  G06F21/60 ,  G06F21/55 ,  G06F21/56

Abstract: Big data analysis methods and machine learning based models are used to provide offer recommendations to consumers that are probabilistically determined to be relevant to a given consumer. Machine learning based matching of user attributes and offer attributes is first performed to identify potentially relevant offers for a given consumer. A de-duplication process is then used to identify and eliminate any offers represented in the offer data that the consumer has already seen, has historically shown no interest in, has already accepted, that are directed to product or service types the user/consumer already owns, for which the user does not qualify, or that are otherwise deemed to be irrelevant to the consumer.

公开(公告)号：US10757133B2

公开(公告)日：2020-08-25

申请号：US15881400

申请日：2018-01-26

Applicant: Intuit Inc.

Inventor： M. Shannon Lietz ,  Luis Felipe Cabrera ,  Thomas Bishop ,  Brett Weaver ,  Capen Brinkley

IPC: H04L29/06 ,  G06F21/60 ,  G06F21/57 ,  G06F21/55 ,  G06F11/36 ,  G06F21/56 ,  G06F21/53 ,  G06F8/60

Abstract: A method and system include identifying a virtual asset creation template associated with virtual assets to be verified. A test virtual asset is generated using the virtual asset creation template and deployed in a testing environment. The test virtual asset is then analyzed in the testing environment to identify any vulnerabilities. If a vulnerability is identified in the designated test virtual asset, a remedy to the vulnerability is applied to the virtual asset creation template which is used to create a virtual asset in a production environment. The method and system further include monitoring the production environment virtual asset for potential security threats, with a virtual asset agent, and determining a severity of identified security threats. and potentially creating a new virtual asset with the virtual asset agent and decommissioning the current virtual asset as a result.