US Pat. No. 9,836,282

SEPARATION OF CONCERNS BETWEEN INFORMATION TECHNOLOGY SERVICES MODELS

EntIT Software LLC, Sunn...

1. A method for exchanging information between information technology (IT) services, the method comprising:
separating models for the IT services into an operation model and a structural model, the operation model and the structural
model being linked by a service model, the service model being configurable to extend the operation model;

configuring the operation model, the configuring of the operation model includes defining messages exchanged between the IT
services; and

configuring the structural model, the configuring of the structural model includes capturing a structure of the IT services,
the service model includes an association with the structural model, the association of the service model with the structural
model enabling substitution in a class, the substitution making the structural model opaque to the operation model.

US Pat. No. 9,946,959

FACILITATING INTERPRETATION OF HIGH-DIMENSIONAL DATA CLUSTERS

ENTIT SOFTWARE LLC, Sunn...

1. A method for facilitating interpretation of clusters of high-dimensional data, comprising:projecting, by a processor, the high-dimensional data to a multi-dimensional space to differentiate clusters of the high-dimensional data;
receiving a user selection of at least two of the clusters;
extracting a plurality of dissimilar dimensions from the at least two selected to clusters;
receiving a user selection of a dissimilar dimension from the plurality of extracted dissimilar dimensions;
in response to receiving the user selection of the dissimilar dimension from the plurality of dissimilar dimensions, determining a plurality of correlated dimensions that are correlated to the dissimilar dimension; and
displaying the plurality of dissimilar dimensions and the plurality of correlated dimensions.

US Pat. No. 9,866,587

IDENTIFYING SUSPICIOUS ACTIVITY IN A LOAD TEST

ENTIT SOFTWARE LLC, Sunn...

12. A non-transitory computer readable medium storing instructions executable by a processing resource to cause a computer
to:
identify a main domain and a number of auxiliary domains of an application under a load test;
establish a maximum amount of domain calls to the main domain and a maximum amount of domain calls to each of the number of
auxiliary domains by a specific user over a period of time;

establish a maximum amount of domain calls to the main domain and a maximum amount of domain calls to each of the number of
auxiliary domains by a plurality of users of a load testing service over the period of time;

decrease the maximum amount of domain calls to a particular auxiliary domain of the number of auxiliary domains by the specific
user based on a tracked amount of domain calls to the main domain by the specific user over the period of time to a tracked
amount of domain calls to the particular auxiliary domain of the number of auxiliary domains by the specific user over the
period of time falling outside of a particular ratio;

identify as suspicious activity a domain call that exceeds at least one of the maximum amount of domain calls to:
the main domain by the specific user,
each of the number of auxiliary domains by the specific user,
the main domain by the plurality of users of the load testing service, and
each of the number of auxiliary domains by the plurality of users of the load testing service; and
block the suspicious activity.

US Pat. No. 9,811,831

SYSTEM FOR STRUCTURED ENCRYPTION OF PAYMENT CARD TRACK DATA

ENTIT SOFTWARE LLC, Sunn...

1. A method for securing data conveyed over a communications network between a point-of-sale system that receives track data
from payment cards and a payment gateway that performs payment card authorization operations, comprising:
with processing circuitry at the point-of-sale system, obtaining track data from a payment card;
with the processing circuitry at the point-of-sale system, removing selected primary account number digits from a primary
account number in the track data;

with the processing circuitry at the point-of sale system, compressing the removed primary account number digits to form compressed
primary account number data;

with the processing circuitry at the point-of sale system, inserting the compressed primary account number data into a field
of the track data to create a modified track data portion; and

inserting information into the primary account number digits in the track data that represents how many of the selected primary
account number digits were removed.

US Pat. No. 9,864,592

SYSTEM AND METHOD FOR DEPLOYING SOFTWARE INTO A COMPUTING ENVIRONMENT

EntIT Software LLC, Sunn...

1. A method of deploying software into a computing environment, the method performed by instructions executed on a processor
coupled to a computer readable memory containing the instructions, the method comprising:
providing a model of the computing environment into which the software is to be deployed;
customizing a plan that includes matching elements of the software to characteristics of the computing environment to deploy
the software into the computing environment; and

deploying the software into the computing environment according to the customized plan
wherein the software is automatically deployed into the computing environment without a software developer collecting information
about the computing environment.

US Pat. No. 9,948,501

PRIORITIZING EVENT NOTICES UTILIZING PAST-PREFERENCE PAIRINGS

ENTIT SOFTWARE LLC, Sunn...

1. A system, comprising:one or more hardware components to:
receive a plurality of event notices, with each notice indicative of degradation of a configuration item;
access configuration item past-preference pairings, with each pairing including a count of operator-exhibited preferences for event notices associated with a first configuration item relative to event notices associated with a second configuration item; and
create a prioritized ordering of the received event notices utilizing the past-preference pairings; and
a display device to display the prioritized ordering of the received event notices utilizing the past-preference pairings.

US Pat. No. 9,870,221

PROVIDING CODE CHANGE JOB SETS OF DIFFERENT SIZES TO VALIDATORS

EntIT Software LLC, Sunn...

1. A method executed by a system comprising a processor, comprising:
placing a plurality of jobs in a queue, each job including at least one code change requested to be committed to shared code;
determining, with a processing resource and based on a job failure probability, a set size distribution based on a number
of the jobs probabilistically expected to be successfully validated as a group by a plurality of validators provided respective
job sets having different respective sizes specified by the set size distribution;

providing the job sets to the validators, respectively, each job set comprising a consecutive group of the jobs in the queue
at a given time and beginning with the job at the front of the queue at the given time;

receiving, from each validator, an indication of whether all of the jobs of the provided job set were successfully validated
as a group by the validator;

identifying, based on the received indications, the largest job set of the job sets respectively validated by the validators;
committing to the shared code each code change of each job of the identified largest job set;
removing from the queue each job of the identified largest job set; and
identifying an earliest invalid job in the queue.

US Pat. No. 9,838,263

IDENTIFYING A POLLING COMMUNICATION PATTERN

ENTIT SOFTWARE LLC, Sunn...

1. A method for identifying a polling communication pattern within a sequence of communication entities, comprising:
grouping the communication entities that share at least one of an identical request method, identical request domain, or identical
number of request key value pairs into a cluster of a plurality of clusters, each of the communication entities being a request
and a corresponding response pair exchanged between a client device and a server device;

removing at least one of the clusters from the plurality of clusters according to at least one of a time pattern analysis,
a cluster size, or a cluster duration;

identifying remaining clusters of the plurality of clusters as having a polling communication pattern within the sequence
of communication entities; and

outputting an indication that the remaining clusters have a polling communication pattern within the sequence of communication
entities.

US Pat. No. 10,007,593

INJECTION OF DATA INTO A SOFTWARE APPLICATION

ENTIT SOFTWARE LLC, Sunn...

1. A non-transitory computer readable storage medium comprising instructions that when executed by a processor cause the processor to:identify controls and labels for the controls in a user interface;
calculate similarities between a name of a data element and each of the labels in the user interface;
rank the similarities between the name of the data element and each of the labels in the user interface;
determine that the name of the data element matches a first label in the user interface in response to a determination that R1>ST and (R1?R2)>DT, wherein R1 is a highest ranked similarity between the name of the data element and the first label, R2 is a second highest ranked similarity between the name of the data element and a second label, DT is a threshold of a gap between the highest ranked similarity R1 and the second highest ranked similarity R2, and ST is a threshold of similarity between the name of the data element and the labels; and
inject the data element into a control corresponding to the first label matching the name of the data element.

US Pat. No. 9,836,513

PAGE FEED FOR EFFICIENT DATAFLOW BETWEEN DISTRIBUTED QUERY ENGINES

EntIT Software LLC, Sunn...

1. A method comprising:
storing a query result relation resulting from a producer query as a local cached page in a query processor buffer pool of
a first query processor, wherein the query result relation comprises a plurality of tuples returned by the producer query,
wherein the plurality of tuples comprise data values from a first column of a first database table, wherein the query processor
buffer pool is to store a plurality of local cached pages, wherein each of the plurality of local cached pages is a fixed-length
binary page identified by a local tag;

sending, using a binary protocol, the local cached page to a distributed caching platform (DCP) to be shared as an external
cached page, wherein the external cached page is visible as a data source of another query, wherein the DCP is distributed
over multiple nodes, wherein the external cached page is identified by an external key that includes different data from the
local tag;

reading, using the binary protocol, the external cached page by a second query processor based on the external key; and
converting the external cached page to the plurality of tuples for use by a consumer query.

US Pat. No. 9,798,760

APPLICATION RETENTION METRICS

ENTIT SOFTWARE LLC, Sunn...

1. A method for generating a coupled application retention metric, the method comprising:
selecting (230) a first reference application identifier and a second reference application identifier;

generating (330) a coupled application retention metric between the first and the second reference application identifiers, comprising:

querying (100) an application database comprising a plurality of application records, each comprising an application identifier, a user
identifier, and retention information;

comparing the retention information in the application database (100) for application identifiers corresponding to the first reference application identifier or the second reference application
identifier and having a common user identifier;

receiving (200) from a remote application an identifier for an application of interest selected by a user of the remote application and
corresponding to the first reference application identifier; and

transmitting (430) to the user the coupled application retention metric between the first and the second reference application identifiers.

US Pat. No. 9,858,318

MANAGING DATA ENTITIES USING COLLABORATIVE FILTERING

EntIT Software LLC, Sunn...

1. A method for managing a plurality of data entities, said method comprising:
collecting data pertaining to transactions by a plurality of users with respect to the data entities, wherein the data entities
are available for use on user devices;

applying, by a processor, a collaborative filtering operation on the data entities to determine similarity levels of the data
entities with respect to each other;

for at least one of the data entities, ranking remaining ones of the data entities according to the determined similarities
while discounting for popularities of the data entities;

presenting identifications of at least another one of the data entities having the highest rankings to the at least one of
the data entities to a first user to recommend the at least another one of the data entities for use by the first user;

determining that a user has deleted a data entity; and
presenting, for display to the first user, an identification of a subset of the remaining ones of the data entities determined
to be similar to the deleted data entity.

US Pat. No. 9,811,447

GENERATING A FINGERPRINT REPRESENTING A RESPONSE OF AN APPLICATION TO A SIMULATION OF A FAULT OF AN EXTERNAL SERVICE

ENTIT SOFTWARE LLC, Sunn...

1. A non-transitory machine-readable storage medium comprising instructions executable by a processing resource to:
instruct an external service virtualization system to simulate a fault of an external service in a simulation of the external
service, wherein the simulation of the external service is accessed by an application during testing of the application;

acquire a plurality of testing metrics representing a response of the application to the simulation of the fault of the external
service during the testing of the application;

generate a testing application fingerprint representing the response of the application to the simulation of the fault of
the external service during the testing of the application, wherein the testing application fingerprint indicates, for each
of the testing metrics, whether the testing metric became abnormal in response to the simulation of the fault; and

associate the testing application fingerprint with the external service and the fault in a repository storing the testing
application fingerprint.

US Pat. No. 9,953,169

MODIFY EXECUTION OF APPLICATION UNDER TEST SO USER IS POWER USER

Entit Software LLC, Sunn...

1. A computing system comprising:a processor; and
a non-transitory machine-readable storage medium storing instructions, the instructions executable by the processor to:
execute a real-time modifier hosting an application under test;
receive, via a network, a page request from a scanner performing a security crawl, wherein the scanner is logged in to the application under test using a non-administrator user credential; and
responsive to the page request, perform a first page crawl and a second page crawl using the non-administrator user credential, wherein the first page crawl is based on non-administrator user privileges, and wherein the second page crawl is based on administrator user privileges;
wherein the page request provides the administrator user privileges, and the real-time modifier is triggered to allow the scanner to perform the second page crawl based on the administrator user privileges.

US Pat. No. 9,870,353

PRE-POPULATING A FORM

EntIT Software LLC, Sunn...

1. A non-transitory machine-readable medium storing instructions for pre-populating a form executable by a machine to cause
the machine to:
receive a first input that describes a problem from a first user;
associate a category with the first input;
select a first form based on the category; and
pre-populate the first form based on a second input provided by a second user to a second form, wherein the second form is
associated with a problem that has been confirmed resolved and the second form belongs to the category.

US Pat. No. 9,866,466

SIMULATING REAL USER ISSUES IN SUPPORT ENVIRONMENTS

ENTIT SOFTWARE LLC, Sunn...

1. A method for simulating a real user issue in a support environment, comprising:
collecting network traffic between a user device and a server device within a live environment;
collecting respective input type identifiers of physical inputs provided by a user via a graphical user interface of the user
device, wherein each respective input type identifier denotes a corresponding physical input of the physical inputs provided
by the user as a particular type of physical input, and wherein each of the physical inputs has a respective identifier of
an element that the input acted upon, comprising:

collecting a first physical input of the physical inputs as input provided by the user via the graphical user interface of
the user device preceding the network traffic;

collecting a second physical input of the physical inputs as input provided by the user via graphical user interface of the
user device after the network traffic;

providing stored data related to the real user issue associated with an application to a support device that is to modify
the application, the stored data including network traffic associated with a user device in the live environment and the collected
respective input type identifiers; and

causing the support device to simulate the real user issue using the stored data, comprising:
matching the first physical input and the second physical input to the captured network traffic;
creating a synthetic network load from the captured network traffic in the support environment in which the user device and
the server device are not present, neither the user device nor the server device having to generate or recreate a network
load; and

displaying information representative of the captured network traffic as matched to the collected physical inputs provided
by the user.

US Pat. No. 9,836,530

DETERMINING PREFERRED COMMUNICATION EXPLANATIONS USING RECORD-RELEVANCY TIERS

ENTIT SOFTWARE LLC, Sunn...

1. A computer program product embodied as instructions stored in a non-transitory computer readable medium that when executed
by a processor cause the processor to:
obtain data indicative of a word or phrase communicated during a meeting including a plurality of participants;
for each participant, identify records electronically accessible to the participant, and associate each record with a tier
from a hierarchy of record-relevancy tiers, wherein each tier is indicative of a relevance to the meeting;

identify a set of explanations for the communication and associated scores, including for each participant, beginning with
a most relevant tier, search the records accessible to the participant tier by tier until an explanation is identified, and
responsive to identification of the explanation assign a score to the explanation according to the tier associated with the
record in which the explanation is found; and

determine a preferred explanation for the communication based upon the scores, and to cause a display of the preferred explanation.

US Pat. No. 9,727,556

SUMMARIZATION OF A DOCUMENT

EntIT Software LLC, Sunn...

1. A method for summarizing an electronic document, comprising:
detecting via a processor, for each sentence in said document, a concept in said sentence;
associating, via the processor, each detected concept with a weight, wherein said weight represents a degree of similarity
between the detected concept and its corresponding reference concept in a concept library available over the internet;

representing, via the processor, each sentence with a vector comprising concept-weight pairs;
according to the detected concepts, computing relevance measures between the sentences, wherein the relevance measures are
based on a respective vector representation of each sentence;

constructing a concept-aware graph, wherein a node in said graph represents each said sentence in the document and an edge
between two nodes represents the relevance measure between two sentences represented by the two nodes;

utilizing the concept-aware graph to rank the sentences in the document;
summarizing the document by selecting representative sentences based on the ranks; and
providing, via the processor, the summarized document to a user to enable the user to make a determination if the electronic
document is to be downloaded from the internet.

US Pat. No. 9,940,469

ENCRYPTED DATA STORE FOR RECORDS

EntIT Software LLC, Sunn...

1. A method performed by a processing system, the method comprising:receiving a patient key from a patient;
accessing a provider identifier corresponding to a first provider;
generating a first provider key based on the patient key and the provider identifier;
determining a first location in a metadata tree of the patient for a first electronic health record;
generating a first record key for the first electronic health record based on the first location and the first provider key corresponding to the first provider;
encrypting the first electronic health record using the first record key to generate a first encrypted record;
providing the first encrypted record to an encrypted data store;
updating the first location in the metadata tree to include a first reference to the first encrypted record in the encrypted data store; and
providing the metadata tree to a metadata store that is accessible by a second provider.

US Pat. No. 9,934,280

JOIN ORDER RESTRICTIONS

ENTIT SOFTWARE LLC, Sunn...

1. A method comprising:analyzing, by a processor of a computing device, a query submitted to a database to determine a join order restriction that is associated with a join between two tables of a plurality of tables of the database that participate in the query, the join order restriction constraining its associated join to be executed prior to another join of the query, wherein analyzing the query to determine the join order restriction comprises:
determining a join order that produces a different result than a result obtained by executing the query according to a join order semantically expressed in the query; and
constructing the join order restriction to exclude the determined join order that produces the different result, from join plans for executing the query;
assigning a ranking of priority to each join between tables that participate in the query based on the join order restriction, including assigning a join associated with the join order restriction a lower priority than other joins in the query, wherein a join that was assigned a higher priority is executed prior to a join that was assigned a lower priority;
generating the join plans for executing the query constrained by the join order restriction, the join plans including different join orders;
selecting a join plan from the join plans for execution of the query; and
executing, by the processor, the query based on the selected join plan.

US Pat. No. 9,727,666

DATA STORE QUERY

ENTIT SOFTWARE LLC, Sunn...

1. A system, comprising:
a receiving engine to receive a query defined by a phrase, wherein the query is in the form of a natural language query that
does not include abbreviations or paths corresponding to data stored in a data store;

an identification engine to:
identify within the data store:
a service component metric associated with the phrase,
a service component log associated with the phrase, and
a service component event associated with the phrase;
identify the service component metric, the service component log, and the service component event do not match the phrase
defining the natural language query;

determine a relationship between the service component metric, the service component log, and the service component event
and a service specified in the phrase by referencing a configuration management database (CMDB) containing a topological mapping
of relationships; and

determine the service component metric, the service component log, and the service component event are nonetheless associated
with the phrase based on the relationship to the service specified in the phrase; and

a display engine to cause display of the identified service component metric, the identified service component log, and the
identified service component event.

US Pat. No. 9,729,505

SECURITY THREAT ANALYSIS

ENTIT SOFTWARE LLC, Sunn...

1. A method for security threat analysis, comprising:
utilizing a processor to execute instructions stored on a non-transitory medium for:
generating, via the processor, a security related task based on security data in a security monitoring server, wherein the
security related task includes an analysis of data and the security data is received via communications links from a plurality
of security monitored participants;

sending, via a communication link, to at least one of the plurality of security monitored participants:
a request to complete the security related task based on the at least one security monitored participant's ability to carry
out the task, and

a set of the security data, wherein the set of security data is from at least two of the plurality of security monitored participants;
sending, via the communication link, the request to a subset of the plurality of security monitored participants, the subset
having a similar pattern in their corresponding security data; and

receiving, via the processor, a response from the at least one security monitored participant with information related to
the security related task.

US Pat. No. 9,864,763

MERGING DATA FROM A SOURCE LOCATION INTO A TARGET LOCATION

EntIT Software LLC, Sunn...

1. A method for merging data from a source location into a target location containing existing data, wherein both the source
location and the target location contain tuples of data, the method comprising:
for each tuple in the source location, during a single operation,
determining, by a processor, whether there is a matched tuple in the target location that satisfies a predetermined condition;
for each matched tuple that satisfies the predetermined condition, updating the matched tuple in the target location with
a count value that is equal to a count of the matched tuple in the source location and the target location, wherein the updating
comprises:

inserting the matched tuple into a delete vector;
marking the matched tuple in the delete vector as removed from the target location, without physically removing the matched
tuple from the target location;

inserting the updated matched tuple into the target location; and
for each tuple that does not have a matched tuple that satisfies the predetermined condition, inserting the unmatched tuple
into the target location;

associating a first indicator with the matched tuple in the target location, the first indicator indicating that the matched
tuple in the target location is an existing tuple; and

associating a second indicator with the unmatched tuple inserted into the target location, the second indicator indicating
that the unmatched tuple is new in the target location.

US Pat. No. 9,792,202

IDENTIFYING A CONFIGURATION ELEMENT VALUE AS A POTENTIAL CAUSE OF A TESTING OPERATION FAILURE

ENTIT SOFTWARE LLC, Sunn...

1. A non-transitory machine-readable storage medium comprising instructions that when executed by a processing resource of
a computing device cause the processing resource to:
cause a testing operation to be performed approximately in parallel on each of a plurality of instances of an application,
each instance executed in a respective one of a plurality of testing environments having different configurations from one
another;

acquire, from each of the testing environments, configuration element values for the testing environment, the values defining
the configuration of the testing environment;

determine that the testing operation has failed at a first one of the testing environments and has passed at a second one
of the testing environments; and

in response to the determination, identify one of the configuration element values acquired from the first testing environment
as a potential cause of the testing operation failure based on differences between the configuration element values acquired
from the first testing environment and the configuration element values acquired from the second testing environment.

US Pat. No. 9,749,211

DETECTING NETWORK-APPLICATION SERVICE FAILURES

ENTIT SOFTWARE LLC, Sunn...

1. A computer-implemented process comprising: trasmiting, by test sites, probes to a network application under test (NAUT);
generating, by said test sites, raw network-application availability monitoring (NAAM) data, said NAAM data including NAAM
datapoints representing probe results of respective ones said probes, each of said NAAM datapoints specifying a network application
under test (NAUT), a respective test site that transmitted the respective probe, a time corresponding to a respective probe,
and an indication whether the respective probe resulted in a success or a failure;

transferring said NAAM datapoints from said test sites to NAAM analyzer;
filtering, by said NAAM analyzer, said NAAM data to remove false-indication NAAM datapoints to yield filtered NAAM data including
some of said NAAM datapoints but not including said false-indication NAAM datapoints, said false-indication NAAM datapoints
including a NAAM data point determined to represent a test-site failure of one of said test sites rather than a failure of
said NAUT; and

detecting at least one service failure of said NAUT using said filtered NAAM data.

US Pat. No. 9,762,602

GENERATING ROW-BASED AND COLUMN-BASED CHUNKS

EntIT Software LLC, Sunn...

1. A computer-implemented method of processing events, wherein an event includes multiple fields, the method comprising:
receiving a set of events;
generating a row-based chunk that includes the set of events and metadata about the set of events, wherein the row-based chunk
is associated with a first retention policy;

generating a column-based chunk that includes metadata about the set of events and, for each event in the set of events, a
value of a first field of the multiple fields, wherein the column-based chunk is associated with a second retention policy
different from the first retention policy, and wherein the metadata about the set of events in the column-based chunk includes
at least one of a minimum value or a maximum value of values of the first field over the events in the set of events;

reclaiming storage used by a file containing the row-based chunk according to the first retention policy; and
reclaiming storage used by a file containing the column-based chunk according to the second retention policy.

US Pat. No. 9,727,322

METHODS, APPARATUS, AND ARTICLES OF MANUFACTURE TO DEPLOY SOFTWARE APPLICATIONS

ENTIT SOFTWARE LLC, Sunn...

1. A non-transitory computer readable medium comprising computer readable instructions that, when executed, cause a computer
to at least:
determine a set of software components for execution on a computer system based on a request from a user, the request indicating
business needs to be provided by the computer system for an expected number of users;

determine an expected operating capacity of the computer system to execute the software components based on the expected number
of users;

configure the computer system to execute the set of software components on the computer system when it is determined that
hardware resources of the computer system available to execute the set of software components are sufficient to meet the expected
operating capacity for the expected number of users;

monitor an operating capacity level of the computer system, the operating capacity level being based on an actual number of
users accessing the set of software components on the computer system;

compare an amount of required hardware resources needed to support the operating capacity level to a threshold amount of available
hardware resources of the computer system; and

if the amount of required hardware resources exceeds the threshold amount of available hardware resources, generate an alert
to indicate the available hardware resources are insufficient to support the operating capacity level and provide instructions
to tune the operating capacity level.

US Pat. No. 9,760,896

ACQUIRING CUSTOMER INSIGHT IN A RETAIL ENVIRONMENT

EntIT Software LLC, Sunn...

1. A computer system that acquires customer insight information in a retail environment, comprising:
a computing device with a processor that is configured to execute computer-readable instructions; and
a memory device that stores instructions modules that are executable by the processor, the instructions modules comprising
a content customization engine configured to:

receive, over a wireless communication network, a product interaction from a mobile device of a given customer, the product
interaction comprising the mobile device scanning a product identifier corresponding to a product located and being sold in
the retail environment, the product identifier comprising a scannable tag on the product;

determine a planned location of the product within the retail environment by looking up the planned location within a store
planogram, electronically stored in a content management system, using the received product identifier;

determine a customer location of the given customer within the retail environment as the determined planned location of the
product; and

initiate a business action based, at least in part, on the product interaction and the customer location, including:
cause a hardware display located within the retail environment near the customer location to display information regarding
the product, wherein the information is provided by the content customization engine and the hardware display is to play media
content, including at least still images, video or audio;

cause an audio system separate from the display and that is used within the retail environment to make announcements to play
further information regarding the product responsive to a plurality of customer-initiated product interactions with the product
performed by a plurality of customers, wherein the information is provided by the content customization engine; and

transmit discount information regarding the product for redemption by the given customer to the mobile device responsive to
having received one or more prior product interactions with the product from the mobile device; and

a tracking and analytics engine configured to store customer insight information corresponding to the product interaction
and the customer location to a data structure.

US Pat. No. 9,753,743

IDENTIFYING A COMMON ACTION FLOW

ENTIT SOFTWARE LLC, Sunn...

1. A memory resource storing instructions that when executed cause a processing resource to implement a system for detecting
a common action flow, the instructions comprising:
a session module executable to:
process session data to identify, for an application, a plurality of action flows, each action flow representing a series
of actions taken by a user navigating the application's user interface; and

filter the plurality of actions flows to include actions in a set of statistically related actions;
a flow module executable to identify a sub-flow of actions repeated in the plurality of action flows, the identified sub-flow
representing a common action flow, the flow module executable to identify the sub-flow of actions by:

identifying a set of candidate sub-flows of non-consecutive actions from the filtered plurality of actions flows; and
filtering the set of candidate sub-flows according to a rule such that the sub-flow of actions representing the common action
flow remains; and

a reporting module executable to communicate data representative of the common action flow.

US Pat. No. 9,753,750

GLOBAL FEATURE LIBRARY USEABLE WITH CONTINUOUS DELIVERY

ENTIT SOFTWARE LLC, Sunn...

1. A processor implemented method to manage a global feature library usable with a continuous delivery environment, the method
comprising:
providing the global feature library with a plurality of features defined therein, the global feature library including feature
switches for respective features of the plurality of features, each feature switch useable with an application code, the global
feature library further including a global value rule;

linking the feature switches to the application code, each feature switch of the feature switches including a feature value
associated therewith, the feature value of a first feature switch of the feature switches to turn on and off a first feature
associated with the first feature switch based on the global value rule;

in response to a request to change the global value rule, transmitting, by a server, an update of the feature value of the
first feature switch to a plurality of client devices that store the feature value of the first feature switch in respective
memories of the plurality of client devices, the update to cause a change of the feature value of the first feature switch
stored in the respective memories of the plurality of client devices; and

transmitting the global value rule to the plurality of client devices that store respective local feature libraries, each
local feature library including the global value rule and a subset of the plurality of features.

US Pat. No. 9,720,685

SOFTWARE DEVELOPMENT ACTIVITY

ENTIT SOFTWARE LLC, Sunn...

1. A system comprising:
a development model repository comprising data pertaining to a software development project;
development rules that govern changes in the development model repository; and
a processor to:
determine whether activity pertaining to the software development project violates at least one development rule whose associated
severity level exceeds a predetermined threshold; and

in response to the activity violating the at least one development rule whose associated severity level exceeds the predetermined
threshold, generate a work item that advises a user to correct the activity,

wherein the work item represents a software development task to perform at least one of fixing a defect or adding a new requirement
or feature;

suggest, via a display, a first adjustment to the severity level indicating a severity of the activity violating the at least
one development rule in response to a first condition being met prior to generation of a software release, the first adjustment
decreasing the severity level below the predetermined threshold; and

suggest, via the display, a second adjustment to the severity level indicating the severity of the activity violating the
at least one development rule in response to a second condition being met after the generation of the software release, the
second adjustment increasing the severity level above the predetermined threshold.

US Pat. No. 9,846,459

SHIELD FOR AN ELECTRONIC DEVICE

EntIT Software LLC, Sunn...

6. A system comprising:
an electronic device comprising memory;
a shield comprising a plurality of traces, wherein each trace comprises a conductive plastic inner portion and a non-conductive
plastic outer portion, the plurality of traces being arranged such that the shield encloses the electronic device, wherein
the shield defines an air channel that supports air flow from external to the shield to an interior of the shield and vice
versa, and the air channel includes multiple directional changes for the air flow; and

a plurality of decoy traces, wherein a first current is caused to flow through the plurality of traces, and a second current
is caused to flow through the plurality of decoy traces.

US Pat. No. 9,832,067

NETWORK TOOL SYNCHRONIZATION

EntIT Software LLC, Sunn...

1. A system for network tool synchronization, comprising:
a processor;
a non-transitory storage medium storing synchronization instructions executable on the processor to:
receive a data methodology of an enterprise architecture tool from the enterprise architecture tool, the data methodology
specifying at least one business function of an entity, a plurality of applications for performing the at least one business
function, and a plurality of hardware components that implement the plurality of applications;

determine, using a catalog of an orchestration tool that deploys and manages applications providing respective services of
a transaction, a functionality of the orchestration tool, the catalog of the orchestration tool separate from the data methodology
of the enterprise architecture tool;

select, based on the determined functionality of the orchestration tool, information of the data methodology received from
the enterprise architecture tool, the selected information relevant to applications and hardware components used by the orchestration
tool to implement the functionality, and the selected information not included in the catalog of the orchestration tool; and

export the elected information to the orchestration tool to cause update of the catalog of the orchestration tool.

US Pat. No. 9,824,107

TRACKING CHANGING STATE DATA TO ASSIST IN COMPUTER NETWORK SECURITY

EntIT Software LLC, Sunn...

1. A method for recording information in a session table, the method comprising:
identifying, by a physical processor implementing machine readable instructions, an event, wherein the event comprises a timestamp
and information about operation of a networked device;

partitioning, by the physical processor implementing the machine readable instructions, the session table into a plurality
of partitions, wherein the plurality of partitions includes an active session partition;

moving, by the physical processor implementing the machine readable instructions, active sessions in the session table from
at least one other partition to the active session partition;

determining, by the physical processor implementing the machine readable instructions, a query key based on information of
the event, wherein the query key comprises a value of a field in a session in the session table;

generating, by the physical processor implementing the machine readable instructions, a hash code based on the query key;
querying, by the physical processor implementing the machine readable instructions, the session table in at least the active
session partition using the hash code to determine whether an active session in the session table corresponds to the hash
code; and

in response to a determination that an active session in the session table corresponds to the hash code, terminating, by the
physical processor implementing the machine readable instructions, the active session and creating a new session in the session
table in the active session partition to record the information of the event.

US Pat. No. 9,734,214

METADATA-BASED TEST DATA GENERATION

ENTIT SOFTWARE LLC, Sunn...

1. A method comprising:
extracting column metadata from a relational database, the column metadata describing a plurality of columns of a data table
included in the relational database, the data table comprising a plurality of data records, wherein the column metadata comprises
at least one of field data types, mandatory fields, or relationships to other columns;

generating a graphical mapping interface comprising an interface form and the plurality of columns of the data table, the
interface form comprising a plurality of input controls;

receiving, in the graphical mapping interface, user inputs defining a plurality of control-column mappings between the plurality
of input controls of the interface form and the plurality of columns of the data table;

in response to a receipt of the user inputs defining the plurality of control-column mappings:
automatically generating, using the plurality of control-column mappings, a plurality of control-metadata mappings between
the plurality of input controls to the column metadata; and

using the plurality of control-metadata mappings, automatically generating, by a processor, new test data values for testing
the plurality of input controls, the new test data values comprising data values that are illegal according to the column
metadata.

US Pat. No. 9,727,663

DATA STORE QUERY PREDICTION

EntIT Software LLC, Sunn...

1. A method, comprising:
receiving a portion of a natural language query of a data store;
generating, based at least in part on the portion of the natural language query, a prediction of a plurality of phrases identifying
a service component metric of an information technology (IT) system, a service component log of the IT system, or a service
component event of the IT system, wherein generating comprises:

identifying an outlier indicator for the service component metric, the service component log, or the service component event,
wherein the outlier indicator indicates irregular behavior specifically by the service component metric, the service component
log, or the service component event that exceeds or falls below a baseline standard; and

including the service component metric, the service component log, or the service component event with the outlier indicator
in at least one of the plurality of phrases;

sorting the predicted plurality of phrases to order the service component metric, the service component log, or the service
component event with the outlier indicator earlier in a sort order than other service component metrics, service component
logs, or service component events without the outlier indicator;

proposing the sorted predicted plurality of phrases for completing the natural language query; and
receiving a selection of a proposed predicted phrase of the proposed predicted plurality of phrases.

US Pat. No. 9,727,350

LOCALIZING COMPUTER PROGRAM CODE

ENTIT SOFTWARE LLC, Sunn...

1. A method of localizing a computer program code comprising, with a manager node:
updating a message catalog, the message catalog comprising a dictionary to translate a first language into a second language;
localizing code at the manager node at run-time, wherein localizing code at the manager node comprises:
searching for a number of tags in an executable in the computer program code;
selecting a native language to apply based on an identification of the tag, a native language, and a unique language identification
associated with the tag, the unique language identification defining a language into which the tags are to be translated;
and

replacing a tag with a corresponding translated text; and
distributing the localized code to a number of client nodes, in which updating the message catalog comprises correcting a
number of errors in the message catalog.

US Pat. No. 9,727,641

GENERATING A SUMMARY BASED ON READABILITY

EntIT Software LLC, Sunn...

1. A method executed by a computer system, comprising:
extracting a set of sentences from a digital document;
scoring each sentence of the set of sentences using a respective informativeness measure;
scoring each sentence of the set of sentences using a readability measure, wherein the readability measure is based at least
in part on one of: a number of words in the sentence, a number of syllables per word, a frequency of a word based on a vocabulary
frequency, a frequency of a word based on context, or if words of the sentence appear on a reading list;

selecting selected sentences in the set of sentences based on the readability measures and informativeness measures, wherein
the selecting comprises:

determining a subset of sentences from the set of sentences, wherein the sentences in the subset of sentences have informativeness
measures greater than a threshold, and

selecting, from the subset of sentences, the selected sentences based on a ranking of the sentences in the subset of sentences
according to readability measures of the sentences in the subset of sentences, wherein the selected sentences are the to ranked
sentences in the subset of sentences;

identifying a low readability, high informativeness sentence from the set of sentences, wherein:
a low readability sentence includes at least one of fewer syllables per word, fewer words on a reading list, or a lower frequency
of words associated with a vocabulary frequency list; and

a high informativeness sentence includes greater similarity to other sentences in the set of sentences and more words having
term frequency-inverse document frequency (tf-idf) values indicating that the words are key words;

generating a concatenated sentence by concatenating at least one contextual sentence with the low readability, high informativeness
sentence, wherein the concatenated sentence has a higher readability than the low readability, high informativeness sentence;
and

generating a readable summary of the digital document, the readable summary including the concatenated sentence and the selected
sentences.

US Pat. No. 9,716,587

CRYPTOGRAPHIC SYSTEM WITH HALTING KEY DERIVATION FUNCTION CAPABILITIES

ENTIT SOFTWARE LLC, Sunn...

1. A method, comprising:
obtaining verification information that is indicative of a final key derivation function state;
with processing circuitry and in a loop, iteratively modifying a state of a key derivation function using a scrambling function;
with the processing circuitry and while in the loop, determining whether the current iteratively modified state of the key
derivation function matches the final key derivation function state;

if there is no match between the current iteratively modified state and the final key derivation function state, continuing
in the loop; and

if there is a match between the current iteratively modified state and the final key derivation function state and with the
processing circuitry and, generating a cryptographic key to perform a cryptographic function at a computer system.

US Pat. No. 9,704,159

PURCHASE TRANSACTION SYSTEM WITH ENCRYPTED TRANSACTION INFORMATION

ENTIT Software LLC, Sunn...

1. A computer-implemented method for using identity-based-encryption (IBE) to secure payment card information associated with
a payment card of a user in a system having point-of-sale equipment, a purchase transaction processor equipment, and an additional
purchase transaction processor equipment that communicate over a communications network, the method comprising:
identifying, by the point-of-sale equipment, a first host address of the purchase transaction processor equipment and a second
host address of the additional purchase transaction processor equipment;

generating, by the point-of-sale equipment, first and second symmetric keys;
generating, by the point-of-sale equipment, a first IBE public key associated with the purchase transaction processor equipment
based on the identified first host address;

generating, by the point-of-sale equipment, a second IBE public key associated with the additional purchase transaction processor
equipment based on the identified second host address;

generating, by an IBE encryption engine on the point-of-sale equipment, a first key transfer block by encrypting the first
symmetric key using the generated first IBE public key and generating a second key transfer block by encrypting the second
symmetric key using the second generated IBE public key;

after passage of a predetermined amount of time, regenerating, by the point-of-sale equipment, the first symmetric key and
generating, by the point-of-sale equipment, a third key transfer block by encrypting the regenerated first symmetric key using
the generated first IBE public key;

after passage of an additional predetermined amount of time, regenerating, by the point-of-sale equipment, the second symmetric
key and generating, by the point-of-sale equipment, a fourth key transfer block by encrypting the regenerated second symmetric
key using the generated second IBE public key;

storing, by storage circuitry on the point-of-sale equipment, the first symmetric key, the second symmetric key, the regenerated
first symmetric key, the regenerated second symmetric key, and the first, second, third, and fourth key transfer blocks;

obtaining, by a card reader on the point-of-sale equipment, the payment card information associated with the payment card
of the user during a purchase transaction;

determining, by the point-of-sale equipment, that the purchase transaction processor equipment is associated with the payment
card of the user based on the payment card information obtained by the card reader;

based on determining that the purchase transaction processor equipment is associated with the payment card of the user generating,
by a symmetric key encryption engine on the point-of-sale equipment, encrypted payment information by encrypting the payment
card information using the regenerated first symmetric key stored at the storage circuitry;

sending, by the point-of-sale equipment, the third key transfer block stored at the storage circuitry from the point-of-sale
equipment to the purchase transaction processor equipment over the communications network;

sending, by the point-of-sale equipment, the encrypted payment card information from the point-of-sale equipment to the purchase
transaction processor equipment over the communications network;

receiving, by the purchase transaction processor equipment, the third key transfer block and the encrypted payment card information
from the point-of-sale equipment;

receiving, by the purchase transaction processor equipment, an IBE private key corresponding to the first IBE public key;
obtaining, by an IBE decryption engine on the purchase transaction processor equipment, the regenerated first symmetric key
by decrypting the third key transfer block using the IBE private key;

decrypting, by a symmetric key decryption engine on the purchase transaction processor equipment, the encrypted payment card
information using the regenerated first symmetric key that was obtained by decrypting the third key transfer block; and

authorizing, by the purchase transaction processor equipment, a payment with the payment card of the user based on the decrypted
payment card information.

US Pat. No. 10,027,683

SHARED SYMMETRIC KEY ENCRYPTION

ENTIT SOFTWARE LLC, Sunn...

1. A method of a system comprising a processor, comprising:encrypting a public key using a shared symmetric key shared with an agent, to form an encrypted public key;
encrypting a private key using a private symmetric key to form an encrypted private key;
sending the encrypted public key to the agent over a network;
receiving, from the agent over the network, a first message encrypted with the shared symmetric key, the first message comprising a request to run an operation at a computing device using the agent;
decrypting the first message using the shared symmetric key; and
sending an encrypted second message to the agent over the network, the encrypted second message encrypted with the private key produced by decrypting the encrypted private key, the encrypted second message authorizing the operation at the computing device.

US Pat. No. 9,853,986

CLUSTERING EVENT DATA BY MULTIPLE TIME DIMENSIONS

EntIT Software LLC, Sunn...

1. A method for processing network activity log data, the method comprising:
receiving, by a server computing device from a networked device communicatively connected to the server computing device over
a network, a plurality of events generated and collected by the networked device;

clustering, by the server computing device, the plurality of events to form a plurality of data chunks, wherein:
each of the plurality of data chunks includes a subset of the plurality of events clustered according to a primary time dimension
field of each event of the plurality of events;

for each data chunk among the plurality of data chunks, determining, by the server computing device, a density level of the
data chunk;

selecting, by the server computing device, a subset of the data chunks for re-clustering based on the determined density level,
including each data chunk for which the determined density level is less than a threshold;

disassembling, by the server computing device, the subset of data chunks into a plurality of events;
re-clustering, by the server computing device, the disassembled plurality of events to form a re-clustered data chunk, wherein
at least one event among the plurality of events is re-clustered in the re-clustered data chunk according to a secondary time
dimension field of the at least one event;

identifying, by the server computing device, network security threats using the re-clustered data chunk; and
performing, by the server computing device, a countermeasure against the identified network security threats.

US Pat. No. 9,830,373

DATA TRANSFER REQUESTS WITH DATA TRANSFER POLICIES

ENTIT SOFTWARE LLC, Sunn...

1. A method comprising:
receiving, by a database management node storing a data partition of a database table that is distributed across a plurality
of database management nodes of a database management system, a data transfer request from a data analytics node of a cluster
of data analytics nodes, the data transfer request requesting loading of data from the database management system to the cluster
of data analytics nodes and including a data transfer policy for splitting the data partition onto the data analytics nodes
of the cluster,

wherein the data transfer request is a database select query including a parameter specifying the data transfer policy, a
parameter identifying a table, and a parameter identifying a column of the table to load to the cluster of data analytics
nodes, and

wherein the data transfer request further identifies a user defined function, and the parameter specifying the data transfer
policy is a parameter of the user defined function;

identifying, according to the data transfer policy of the data transfer request, a data split from the data partition, the
data split being a subset of the data partition and identified in response to the data transfer request to load the data split
to the cluster of data analytics nodes; and

communicating, by the database management node in response to the data transfer request, the data split to the data analytics
node.

US Pat. No. 9,819,569

TRANSPORT SCRIPT GENERATION BASED ON A USER INTERFACE SCRIPT

EntIT Software LLC, Sunn...

1. An apparatus comprising:
a processor;
a memory comprising machine-readable instructions which, when executed by the processor, cause the processor to perform operations
comprising:

automatically regenerating a transport script from a previous version, wherein the transport script includes network requests
to simulate network interactions with a server hosting an application, the regeneration comprising:

recording as a new version of the transport script network requests while executing a user interface script, wherein the user
interface script includes actions to simulate user interaction with a user interface of the application;

identifying a difference between the new version of the transport script and the previous version of the transport script,
wherein the difference comprises a script modification applied to the previous version of the transport script; and

modifying the new version of the transport script to obtain an updated transport script by applying the script modification
present in the previous version of the transport script to the new version of the transport script, the applying of the script
modification responsive to a determination that the script modification applied to the previous version of the transport script
is not included in the recorded network requests; and

testing the server by executing the updated transport script.

US Pat. No. 9,792,359

PROVIDING TRAINING INFORMATION FOR TRAINING A CATEGORIZER

ENTIT SOFTWARE LLC, Sunn...

1. A system, comprising:
at least one processor;
a data set comprising a plurality of cases;
a search engine executable on the at least one processor to receive a query relating to at least one category and to identify
cases within the data set that match the query, the identified cases being unlabeled with respect to the category, wherein
the search engine is to identify the cases that match the query without using a categorizer that determines whether or not
the cases belong to the category;

a confirmation module executable on the at least one processor to:
receive a first user indication in a user interface that a first case of the identified cases belongs to the category, and
a second user indication in the user interface that a second case of the identified cases does not belong to the category,

in response to receiving the first and second user indications in the user interface, modify training information for training
the categorizer, the confirmation module modifying the training information by adding the first case to a positive training
set of cases, and adding the second case to a negative training set of cases; and

a training module executable on the at least one processor to modify the categorizer based on the positive and negative training
sets.

US Pat. No. 10,073,761

LEGACY SYSTEM

ENTIT SOFTWARE LLC, Sunn...

1. A method, comprising:encapsulating, by a controller, a plurality of recorded user interface (UI) automation scripts of an existing legacy system with an application programming interface (API) wrapper associated with a mobile application;
in response to a call from the mobile application, utilizing, by the controller, a selected one of the plurality of recorded UI automation scripts encapsulated in the API wrapper to execute at least one action in the legacy system, wherein the selected UI automation script replays functions of the legacy system based on at least one API of the legacy system, and wherein utilizing comprises utilizing the selected UI automation script to replay the functions of the legacy system based on the at least one API of the legacy system;
returning, by the controller, results from the at least one action in the legacy system to the mobile application;
determining, by the controller, that a failure exists in at least one of the plurality of recorded UI automation scripts; and
correcting, by the controller, the at least one of the plurality of recorded UI automation scripts in which a failure is determined to exist without changing any code in the mobile application.

US Pat. No. 10,026,179

UPDATE SET OF CHARACTERISTICS BASED ON REGION

ENTIT SOFTWARE LLC, Sunn...

1. A device, comprising:a trigger unit to trigger an alarm in response to identifying an object in an image based on a set of characteristics, wherein the object is classified as one of a true alarm and a false alarm;
a data unit to form a first data point based on values for the set of characteristics of the object and to add the first data point to a set of data points, wherein each of the data points is along a plurality of dimensions and each of the dimensions corresponds to one of the set of characteristics; and
a parameter unit to determine values for a set of parameters that defines a region of space along the plurality of dimensions,
wherein the region is determined based on a numerical analysis of the set of data points to reduce a number of the true alarms outside the region and to reduce a number of the false alarms inside the region,
wherein each of the data points of the set of data points corresponds to an object classified as one of the true alarm and the false alarm, the numerical analysis changes at least one of the values of the set of parameters to redefine the region if a weight for at least one of a missed alarm and the false alarm is changed, the missed alarm is the true alarm outside the region, and
wherein the trigger unit updates the set of characteristics based on the region.

US Pat. No. 9,990,500

DETERMINING APPLICATION VULNERABILITIES

ENTIT SOFTWARE LLC, Sunn...

1. A system, comprising:a physical processor; and
a non-transitory storage medium storing machine readable instructions executable on the physical processor to:
determine whether a set of instructions executed by an application under testing includes a set of database instructions;
responsive to determining that the set of instructions includes the set of database instructions:
determine whether a first database instruction of the set of database instructions causes information to be entered into a database;
determine whether a second database instruction of the set of database instructions causes the information to be obtained from the database;
responsive to determining that the first database instruction causes the information to be entered in the database and the second database instruction causes the information from the database to be obtained from the database, target, by a scanner, the first and second database instructions of the application in a simulated attack using simulated malicious code, and determine, based on the simulated attack, vulnerable computer code in the application that causes entry of malicious code into the database via execution of the first database instruction and executes the malicious code via execution of the second database instruction; and
filter out other instructions of the application from vulnerability detection by the scanner, by declining to perform a simulated attack using simulated malicious code on the other instructions of the application, in response to determining that the other instructions do not enter information into and obtain information from the database.

US Pat. No. 9,954,942

RESULT AGGREGATION

ENTIT SOFTWARE LLC, Sunn...

1. A method for result aggregation in a crowdsourcing environment, the method comprising:providing a task with a plurality of solution options and a range of confidence values corresponding to the plurality of solution options to multiple workers;
receiving responses for the task from the multiple workers, wherein each of the responses comprises at least a worker's selection of one of the plurality of solution options and a worker response confidence value selected from the range of confidence values corresponding to the selected one of the plurality of solution options, and wherein the worker response confidence value is indicative of confidence of a worker for the one of the plurality of solution options to be correct;
estimating a task answer for the task based on at least the worker response confidence value received from each of the multiple workers; and
computing a performance bonus for each of the multiple workers based on the task answer, the worker response confidence value in the response from each worker, and a Proper Scoring Rule.

US Pat. No. 9,846,781

UNUSED PARAMETERS OF APPLICATION UNDER TEST

EntIT Software LLC, Sunn...

1. A computing system comprising:
a server to host an application under test, wherein the server includes a real-time agent; and
a computing device communicatively coupled to the application under test to in a current crawl session request a web page
of the application under test;

wherein the real-time agent determines one or more parameter fields expected by the web page associated with the request that
were unused by the request in the current crawl session,

wherein the server sends a message to the computing device identifying the one or more parameter fields as unused;
wherein the computing device generates a new request including one or more parameters in the one or more parameter fields;
and
wherein the computing device is to identify the one or more parameter fields as not a backdoor vulnerability responsive to
determining that the one or more parameter fields were used by a prior request in a prior crawl session.

US Pat. No. 9,830,451

DISTRIBUTED PATTERN DISCOVERY

EntIT Software LLC, Sunn...

13. A method for distributed pattern discovery comprising:
receiving, at a node, a plurality of local frequent pattern trees of potential patterns from a plurality of sub-nodes, wherein
each of the respective local frequent pattern trees are based on a plurality of activities, wherein one of the local frequent
pattern trees is associated with a count for a number of times one of the potential patterns has occurred in the activities;

merging the local frequent pattern trees into a global pattern tree for the sub-nodes based, at least in part, on the count;
sending the global pattern tree to the sub-nodes,
wherein the count is below a threshold level,
wherein a second one of the local frequent pattern trees is associated with a second count for a number of times the one potential
pattern has occurred,

wherein the second count is below the threshold level, and
wherein the one potential pattern is included in the global pattern tree if the count and second count combined is at least
at the threshold level; and

using the global pattern tree to perform a security function.

US Pat. No. 9,798,981

DETERMINING MALWARE BASED ON SIGNAL TOKENS

ENTIT SOFTWARE LLC, Sunn...

1. A computing device comprising:
a memory and at least one hardware processor to execute a plurality of modules including:
a static code analysis module to generate a set of tokens from an application under test according to obfuscation tolerant
rules, wherein each token of the set of tokens is generated upon a hit to one of the obfuscation tolerant rules;

a signal generation module to generate a plurality of signal tokens from the set of tokens using a set of grouping rules,
wherein each signal token is generated from a grouping of multiple tokens based on a grouping rule; and

a classification module to perform a Bayes classification to compare the plurality of signal tokens with a signal token database
to determine a likelihood of whether malware is included in the application under test.

US Pat. No. 9,720,803

METHODS AND APPARATUS FOR DEBUGGING OF REMOTE SYSTEMS

ENTIT SOFTWARE LLC, Sunn...

1. A first computer system comprising:
a processor; and
a non-transitory storage medium storing instructions executable on the processor to:
establish a connection between the first computer system and a second computer system;
retrieve values of a set of data elements from the second computer system via the connection;
execute a first software code on the first computer system using the retrieved values of the set of data elements, in response
to closing the connection between the first computer system and the second computer system; and

debug the first software code on the first computer system after the executing of the first software code on the first computer
system.

US Pat. No. 10,027,686

PARAMETER ADJUSTMENT FOR PATTERN DISCOVERY

ENTIT SOFTWARE LLC, Sunn...

1. A method comprising:receiving event data collected by agents from sources over a communication network, the sources comprising network security devices;
providing a set of parameters to a pattern identifier engine, wherein the set of parameters specify conditions for identifying patterns in the event data;
executing, by the pattern identifier engine executed on a hardware processor of a manager system, a pattern discovery comprising identifying, by the pattern identifier engine, the patterns in the event data if the event data satisfies the conditions specified by the set of parameters;
determining whether the pattern discovery failed to complete within a predetermined period of time;
in response to determining that the pattern discovery failed to complete within the predetermined period of time, iteratively performing further pattern discovery until a criterion is satisfied by:
adjusting a parameter of the set of parameters to reduce use of system resources of the manager system for a subsequent pattern discovery run, the adjusting producing a respective adjusted set of parameters;
providing the respective adjusted set of parameters to the pattern identifier engine and executing, by the pattern identifier engine, the subsequent pattern discovery run to identify patterns in the event data if the event data satisfies conditions specified by the respective adjusted set of parameters; and
executing an action in response to the identified patterns produced by the further pattern discovery, the action comprising one or more of mitigating an attack and displaying the event data for analysis by a network administrator.

US Pat. No. 10,019,346

GENERATING SOFTWARE TEST SCRIPT FROM VIDEO

ENTIT SOFTWARE LLC, Sunn...

1. A method of generating a script comprising:scanning, by a processor, a video to find a user action that was performed on a screen during execution of an application and recorded in the video, including analyzing the video, by the processor, frame by frame until a visual indicator is identified in a marked frame of the video, wherein the visual indicator is a graphical item that was superimposed onto the marked frame of the video to mark a location on the screen where the user action was performed, and a graphic of the visual indicator represents a specific type of user action that was performed;
determining, by the processor, the user action captured in the marked frame of the video by mapping the visual indicator identified in the marked frame to the specific type of user action in a lookup table;
generating, by the processor, an action parameter corresponding to the determined user action;
based on the action parameter, generating, by the processor, a test script to execute on software under test; and
executing, by the processor, the test script to recreate the user action captured in the video during execution of the software under test.

US Pat. No. 10,007,686

AUTOMATIC VERTICAL-DATABASE DESIGN

ENTIT SOFTWARE LLC, Sunn...

1. A computer-implemented method comprising:for each of multiple candidate sort orders of a table having rows and columns, determining a cost based on candidate training queries that have execution costs that satisfy an improvement criterion;
based on the respective costs of the candidate sort orders, selecting sort orders at least one of which satisfies all of the candidate training queries;
for each of the selected sort orders, adding, to a design of a database, an included projection, wherein a projection is a subset of the columns of the table sorted according to a same order, the columns of the projection to be physically stored in accordance with the selected sort order; and
each of the multiple candidate sort orders from which the sort orders are selected defining an order with respect to a putative projection comprising a view of one or more columns that are not necessarily identical to the columns of the included projection.

US Pat. No. 9,996,443

USER ACTION DURATION

ENTIT SOFTWARE LLC, Sunn...

1. A system comprising:one or more hardware components to:
determine a number of async operations to be loaded on a user interface;
determine a repeating async operation from the number of async operations that has a pattern of repeating timeouts;
remove the repeating async operation from the number of async operations; and
calculate a total time for the remaining number of async operations based on a total timeout of each of the remaining number of async operations; and
a display device to display the calculated total time for the remaining number of async operations.

US Pat. No. 9,921,948

SOFTWARE COMMIT RISK LEVEL

ENTIT SOFTWARE LLC, Sunn...

1. A method, comprising:
generating, by a processor, a classifier for attributes of previous software commits, wherein the previous software commits
are code that has already been deployed, and wherein generating the classifier includes classifying the attributes of the
previous software commits into three classes: a first class based on a frequency of update of the previous software commits,
a second class based on successful levels of the previous software commits, and a third class based on code complexity of
the previous software commits;

extracting, by the processor, attributes pertaining to a new software commit, wherein the new software commit is code that
has not been deployed; and

running, by the processor, the classifier on the extracted attributes of the new software commit to determine a risk level
for deployment of the new software commit into a production environment to determine whether or not to skip a testing phase,

wherein generating the classifier of the previous software commits includes:
removing one of the previous software commits from the data structure,
calculating a classifier on the previous software commits remaining in the data structure,
running the calculated classifier on the removed software commit, and
comparing a risk level label returned by the calculated classifier to an actual risk level label of the removed software commit.

US Pat. No. 9,824,122

REQUESTS FOR SOURCE CODE TEXT

ENTIT SOFTWARE LLC, Sunn...

1. A system comprising:
a repository to store source code text, the source code text comprising a plurality of sections;
an indexer module which, if executed, instructs at least one processor to associate each section with a descriptor comprising
a natural language description of a respective section,

wherein to associate each section with the descriptor, a source code analyzer which, if executed, instructs the at least one
processor to delineate each section in the source code text, wherein each delineated section of the source code text is substantially
similar to a predefined source code template; and

a searcher module which, if executed, instructs the at least one processor to read a request for a particular type of source
code and to obtain each section of the stored source code text whose descriptor at least partially matches the request, each
obtained section being adaptable for producing at least some of the type of source code requested.

US Pat. No. 9,785,631

IDENTIFICATION AND EXTRACTION OF ACRONYM/DEFINITION PAIRS IN DOCUMENTS

ENTIT SOFTWARE LLC, Sunn...

1. A method comprising:
identifying, by a processor circuit, a string of characters indicative of a candidate acronym within a first portion of a
document comprising at least two portions;

extracting, by the processor circuit, text proximal to the identified string of characters, the text indicative of a definition
for the candidate acronym;

creating, by the processor circuit, a candidate acronym/definition pair comprising the identified string of characters and
the extracted text;

applying, by the processor circuit, a classification system to the candidate acronym/definition pair to create or update an
acronym/definition pair dictionary specific to the document, wherein the classification system comprises a global classification
model and a local classification model stored in a memory;

iteratively training, by the processor circuit, the local classification model based on user feedback regarding an accuracy
of the acronym/definition pair dictionary specific to the document;

applying, by the processor circuit, the trained local classification model to determine valid candidate acronym/definition
pairs created from a second portion of the document; and

updating, by the processor circuit, the acronym/definition pair dictionary to include the valid candidate acronym/definition
pairs determined by the trained local classification model.

US Pat. No. 10,013,242

DISTRIBUTED COMPILATION OF STATICALLY TYPED LANGUAGES

ENTIT SOFTWARE LLC, Sunn...

1. A system for providing distributed compilation of statically typed languages, the system comprising:a processing resource; and
a memory resource comprising instructions that when executed by the processing resource cause the processing resource to:
identify, in source code of a target module, a plurality of first order dependencies of the target module and indirect dependencies of the target module, wherein the plurality of first order dependencies are modules that the target module directly depends upon, and the indirect dependencies are modules that the target module indirectly depends upon via the first order dependencies;
traverse each of the plurality of first order dependencies to remove, from the source code of the target module, code references to the indirect dependencies of the target module;
compile the source code of the removed indirect dependencies to generate a plurality of module stubs, wherein the plurality of module stubs includes references to the first order dependencies without the indirect dependencies; and
compile the source code of the target module using the plurality of module stubs to generate a target program.

US Pat. No. 10,013,318

DISTRIBUTED EVENT CORRELATION SYSTEM

EntIT Software LLC, Sunn...

1. A master node in a distributed event correlation system including cluster nodes in a cluster, the master node comprising:at least one processor to:
divide an event field in events into partitions including ordered contiguous blocks of values for the event field;
assign each partition to a pair of the cluster nodes;
determine a partition map from the partitions, wherein the partition map identifies for each partition, the block of the event field values for the partition, a primary cluster node, and a failover cluster node for the primary cluster node; and
a data storage to store the partition map, wherein the at least one processor is to store the partition map in the data storage.

US Pat. No. 9,992,033

SELECTION OF COMMUNICATION CHANNEL BASED ON CHANNEL SELECTION DATA

ENTIT SOFTWARE LLC, Sunn...

1. A memory resource storing instructions that when executed cause a processing resource to:access channel selection data for a participant in a conversation;
analyze the channel selection data to select a particular secondary communication channel from among a plurality of secondary communication channels associated with the participant;
queue a first message corresponding to the conversation;
communicate the queued first message corresponding to the conversation to the participant via the selected secondary communication channel after a determination that a count of queued messages for the participant exceeds a message count or a velocity of messages in a queue for the participant falls below a threshold velocity;
receive a second message corresponding to the conversation via the selected secondary communication channel; and
update data representing the conversation using at least a portion of the second message.

US Pat. No. 9,992,379

PARTIAL SNAPSHOTS FOR CREATING GENERALIZED SNAPSHOTS

ENTIT SOFTWARE LLC, Sunn...

1. A method for creating a partial snapshot, the method comprising:in response to an event, accessing, by a processor, a user interface screen or view associated with an application, wherein the screen or view includes multiple pixels arranged over an area, wherein a group of the multiple pixels are arranged to form human-readable text;
sampling, by the processor, the multiple pixels by capturing a portion of the multiple pixels included in the screen or view, wherein the sampling includes maintaining a dispersion of the captured pixels over the area of the screen or view to prevent capture of a sufficient number of the group of the multiple pixels to recreate the human-readable text from the sampled multiple pixels and preventing clustering of captured pixels within sub-areas of the area; and
transmitting, by the processor, the captured portion as a partial snapshot to a system, the system being to create a generalized snapshot from the partial snapshot and other partial snapshots received from other clients.

US Pat. No. 9,990,100

PROVIDING AUTOMATION CODE CONTAINING A REPRESENTATION OF ALTERNATIVE INTERPRETATIONS OF A USER ACTION

ENTIT SOFTWARE LLC, Sunn...

1. A method comprising:receiving, by a system having a processor, an indication of a particular user action made in a user interface during a recording session;
identifying, by the system, plural alternative interpretations of the particular user action; producing, by the system, a representation of the plural alternative interpretations of the particular user action;
generating, by the system, automation code that contains the representation, wherein the automation code is executable to replay the particular user action;
marking, in the representation, one of the plural alternative interpretations of the particular user action as an active alternative interpretation, and another of the plural alternative interpretations of the particular user action as an inactive alternative interpretation; and
presenting, in the user interface, the plural alternative interpretations, wherein the active alternative interpretation is indicated as being the active alternative interpretation in the user interface.

US Pat. No. 9,965,611

COMPARING REAL-TIME MOVEMENTS TO PATTERN PROFILE BACKGROUND

ENTIT SOFTWARE LLC, Sunn...

1. A method comprising:receiving, by a processor of a computing system, a data stream indicative of real-time movements of a mobile device;
forming, by the processor, a movement pattern profile for the mobile device based on historical movements of the mobile device and movement information derived from electronic mail and a calendar of scheduled events, prior to occurrence of the scheduled events, for an owner of the mobile device;
comparing, by the processor, the data stream indicative of real-time movements of the mobile device to the movement pattern profile for the mobile device including the movement information for the owner of the mobile device to determine whether an abnormality occurs in the movement of the mobile device; and
in response to a determination that an abnormality in the movement of the mobile device has occurred, triggering, by the processor, an authentication event on the mobile device.

US Pat. No. 9,934,002

TECHNOLOGY RECOMMENDATION FOR SOFTWARE ENVIRONMENT

ENTIT SOFTWARE LLC, Sunn...

1. A method, comprising:receiving, by a computer, input from a client device, the input indicative of a software environment for a software application to be developed by a user;
analyzing, by the computer, the received input against a knowledge base to generate a technology recommendation for the user to use to develop the software application, wherein the knowledge base encodes a query tree that specifies questions to be provided to the user to solicit the input indicative of the software application environment, wherein the query tree includes a plurality of leaf nodes, the leaf nodes associated with questions to solicit the input from the user related to a software platform, a server role, and a type of device on which the software application is to be executed;
analyzing, by the computer, a path in the query tree by obtaining a first leaf node in a first level of the query tree, the first leaf node corresponding to a first question to provide to the client device; and
providing, by the computer, the technology recommendation to the client device.

US Pat. No. 9,928,237

AUTOMATED CONTEXTUAL-BASED SOFTWARE LOCALIZATION

ENTIT SOFTWARE LLC, Sunn...

1. A system for automated contextual-based software localization, the system comprising:a processor; and
a memory storing instructions that when executed by the processor cause the processor to:
detect multiple portions of source code related to a software product that cause multiple screen states to be generated, respectively, wherein each of multiple language-specific elements in the source code has been replaced with one property key of multiple property keys that function as placeholders for the language-specific elements in the source code;
for each particular screen state of the multiple screen states:
determine, for the particular screen state, a subset of the multiple property keys associated with the particular screen state, wherein a number of property keys in the subset is less than a total number of the multiple property keys;
generate, for the particular screen state, a properties data file that includes the subset of property keys and associated property key values related to a first language;
generate, for the particular screen state, a screen shot that is uniquely related to the particular screen state corresponding to a portion of the source code that causes the particular screen state to be generated; and
create, for the particular screen state, a translation package that includes the screen shot and the properties data file associated with the particular screen state;
send the translation package of each of the multiple screen states to a translation computing device that revises the property key values in the properties data file of the translation package and creates a revised properties data file for each of the multiple screen states;
receive, from the translation computing device, the revised properties data file for each of the multiple screen states, which form a group of revised properties data files related to the multiple screen states; and
create a single properties data file for the first language based on the group of revised properties data files, wherein the single properties data file and the source code are compiled to create an executable version of the software product.

US Pat. No. 9,922,119

NAVIGATIONAL RANKING FOR FOCUSED CRAWLING

ENTIT SOFTWARE LLC, Sunn...

1. A method comprising:
accessing, by a computing device, a plurality of web pages; and
determining, by the computing device, for each web page of the plurality of web pages, a navigational rank to a root node
by,

(a) determining a number of links pointing to the plurality of web pages;
(b) setting an initial navigational rank of the web page to an initial value;
(c) identifying navigational ranks of the web pages to which the web page points;
(d) calculating a navigational rank of the web page based on a weight p(u) assigned to the web page (u) and an average of
the identified navigational ranks of the web pages to which the web page points divided by the determined number of links
pointing to the plurality of web pages;

(e) normalizing the calculated navigational ranks of the web pages so that the calculated navigational ranks average to a
certain numerical value;

(f) determining whether a difference between the normalized navigational rank and the initial navigational rank of the web
page is below a predefined error bound;

(g) in response to the determined difference being less than the predefined error bound, setting the navigational rank of
the web page to be the calculated navigational rank;

(h) in response to the determined difference being below the predefined error bound; and
repeating (c) to (h) for the web page based on the calculated navigational ranks of the web pages until the differences between
the normalized navigational ranks and the initial navigational ranks of the plurality of web pages are each below the predefined
error bound.

US Pat. No. 9,922,133

LIVE TOPOLOGICAL QUERY

EntIT Software LLC, Sunn...

1. A live topological query method performed by a physical computing system, the method comprising:
with a querying application, using a query graph to create a live topological query result from a database storing a full
structure graph while not storing an entirety of said query result in a cache memory;

storing a first query result portion of said query result in said cache memory, and not storing a second query result portion
of said query result in said cache memory, wherein said first query result portion relates to a first node in said query graph,
and said second query result portion relates to a second, different node in said query graph;

in response to detecting a change within said full structure graph, performing a calculation, based on said first query result
portion stored in said cache memory and said second query result portion not stored in said cache memory, to determine whether
said change is relevant to said query result;

notifying said querying application of a relevant change to said query result without relying on a fully cached copy of said
query result; and

sorting nodes of said query graph into an order of said nodes, wherein performing said calculation comprises performing calculations
in an order that corresponds to said order of said nodes, wherein sorting said nodes of said query graph comprises placing
said first node before said second node in said order of said nodes.

US Pat. No. 9,880,086

NON-OVERLAPPING VISUALIZATION OF DATA RECORDS OF A SCATTER PLOT

EntIT Software LLC, Sunn...

1. A method of non-overlapping visualization of data records of a scatter plot, comprising:
providing, by a computer, rows and columns in a visualization screen containing cells representing respective data records,
each of the data records containing a plurality of attributes, wherein the rows correspond to value ranges of a first attribute
of the plurality of attributes, and the columns correspond to value ranges of a second attribute of the plurality of attributes,
wherein each value range of the value ranges of the first attribute includes plural values of the first attribute, and wherein
each value range of the value ranges of the second attribute includes plural values of the second attribute, and wherein blocks
are provided at respective intersections of the rows and columns and are identified by visible boundaries, and each of the
blocks includes a corresponding arrangement of cells, and the blocks in a first of the rows have a different height than the
blocks in a second of the rows;

automatically generating, by the computer, the value ranges for the rows based on values of the first attribute in the data
records;

automatically generating, by the computer, the value ranges for the columns based on values of the second attribute in the
data records; and

assigning, by the computer, different colors to the cells according to different values of a third attribute of the plurality
of attributes.

US Pat. No. 10,042,638

EVALUATING DOCUMENTATION COVERAGE

ENTIT SOFTWARE LLC, Sanf...

1. An automated method for evaluating documentation coverage, comprising:from a testing tool having exercised an application, identifying interface elements of the application's user interface;
filtering the identified interface elements to identify documentable interface objects;
for each identified documentable interface object, determining if documentation exists for that documentable interface object and assigning a value to that documentable interface object that is indicative of the determined existence or non-existence of documentation, wherein determining if the documentation exists includes:
ascertaining whether the existence of documentation can be determined from user interface data that at least partially defines the application's user interface as a collection of interface elements;
if so, processing the user interface data to identify associations between the documentable interface objects and those of the interface elements that are indicative of documentation; and
if not, mimicking a number of documentation access requests and processing responses to determine the existence of documentation for the documentable interface objects; and
reporting documentation coverage data for the application interface, the data being reflective of the values assigned to the documentable interface objects.

US Pat. No. 9,910,992

PRESENTATION OF USER INTERFACE ELEMENTS BASED ON RULES

EntIT Software LLC, Sunn...

1. A system comprising:
a processor; and
a non-transitory computer-readable data storage medium storing instructions executable by the processor to:
load a web application having a complex Document Object Model (DOM);
traverse a structure of the web application based on rules to transform the complex DOM of the web application into a set
of actionable tokens representing a portion of user interface elements of the web application;

present a part of the web application with the portion of the user interface elements highlighted;
permit the user to update the rules to selectively add and remove the user interface elements of the web application that
are represented by the set of actionable tokens to which the complex DOM of the web application is transformed based on the
rules;

discover an application attack surface of the web application used within security vulnerability testing of the web application
by simulating user actions on the user interface elements of the web application that are represented by the set of actionable
tokens to which the complex DOM of the web application is transformed based on the updated rules;

receive selection input to select a user interface element presented on the part, but not part of the highlighted user interface
elements;

flag the user interface element for creating a rule; and
generate and cause storage of a type associated with the user interface element, an access identifier associated with the
user interface element, one or more event handlers associated with the user interface element, and relationship information
within the document object model.

US Pat. No. 10,303,553

PROVIDING DATA BACKUP

ENTIT SOFTWARE LLC, Sunn...

1. A non-transitory machine-readable storage medium comprising instructions for providing data backup, the instructions executable by a processor of a computing device to:determine that a first data set for a first tenant from a multi-tenant application running on a server should be backed up;
determine, independently from determining that the first data set for the first tenant should be backed up, that a second data set for a second tenant from the application should be backed up;
responsive to determining that the first data set should be backed up, perform data back up for the first tenant by:
accessing, via a first adaptor for a first type of data resource, a first portion of the first data set stored at a first data resource of the first type;
accessing, via a second adaptor for a second type of data resource, a second portion of the first data set stored at a second data resource of the second type; and
causing storing of the accessed portions of first data set; and
responsive to determining that the second data set should be backed up, perform data back up for the second tenant by:
accessing, via the first adaptor, a first portion of the second data set stored at the first data resource of the first type;
accessing, via the second adaptor, a second portion of the second data set stored at the second data resource of the second type; and
causing storing of the accessed portions of the second data set.

US Pat. No. 10,050,851

VISUALIZING CONDITIONS OF INFORMATION TECHNOLOGY ENVIRONMENTS

ENTIT SOFTWARE LLC, Sunn...

1. A method for visualizing conditions of information technology environments, comprising:creating a visual with an initial unit set and an interactive section, each unit in said initial unit set depicting at least two types of information about at least one current condition of an entity in said information technology environment; and
changing said visual in response to commands from said interactive section to reveal data about said information technology environment,
wherein said initial unit set is a tree map and at least the two types of information comprises a capacity of the entity, and a usage of the entity, wherein the capacity of the entity is represented by an area and the usage of the entity is represented by a color,
wherein the area is based on the capacity of the entity and color is based on the usage of the entity.

US Pat. No. 9,990,274

TESTING INTEGRATED BUSINESS SYSTEMS

ENTIT SOFTWARE LLC, Sunn...

1. A method, comprising:performing, by a processor of a computing device, a test of a first business system, wherein the first business system is integrated with a second business system;
recording, by the processor, one or more calls from the first business system to the second business system during the test of the first business system, wherein recording the one or more calls from the first business system includes using a non-intrusive network sniffing based communication recorder to record the one or more calls from the first business system; and
after the test of the first business system is concluded, performing, by the processor, a test of the second business system, including recommending the one or more calls from the first business system for the test of the second business system.

US Pat. No. 9,990,420

METHOD OF SEARCHING AND GENERATING A RELEVANT SEARCH STRING

ENTIT SOFTWARE LLC, Sunn...

1. A method performed by a computer, comprising:extracting text and contextual information from a first screen element displayed by an application, the first screen element selected by a user action, and the first screen element being part of a plurality of screen elements that are displayed by the application, wherein the plurality of screen elements correspond to different contextual information and the contextual information extracted from the first screen element includes operating system data indicating a type of screen element from which the text is extracted;
obtaining a plurality of strings of different text data types from the extracted text via a series of analyses;
determining a plurality of search types for the plurality of strings based at least on the contextual information of the first screen element and the series of analyses, wherein the determined search types are selected from a plurality of different search types that are mapped to the different contextual information corresponding to the plurality of screen elements;
automatically appending the determined search types to respective strings from the plurality of strings;
automatically generating a relevant search string by logically combining the determined search types and the respective strings; and
searching a database with the relevant search string.

US Pat. No. 9,928,239

COMPARING PROJECTS

ENTIT SOFTWARE LLC, Sunn...

1. A system comprising:at least one non-transitory computer-readable storage medium to store electronically-represented projects represented by computer-accessible data;
at least one processor;
a project-comparator subsystem executable on the at least one processor, wherein the project-comparator subsystem comprises at least one first level feature comparator and a second level comparator;
a project search engine executable on the at least one processor to:
receive data that represents a first electronically-represented project;
invoke the project-comparator subsystem to compare the received first electronically-represented project to at least one of the stored electronically-represented projects, wherein to compare the received first electronically-represented project to at least one of the stored electronically-represented projects, the project-comparator subsystem is to:
extract features from the first electronically-represented project and the at least one of the stored electronically-represented projects;
determine, by the at least one first-level comparator, a similarity metric for each of the extracted features; and
determine, by the second-level comparator, an overall similarity metric, by applying weights to the similarity metrics for the extracted features, and computationally combing the weighted similarity metrics; and
a learning module executable on the at least one processor to:
receive a feedback regarding similarity between the first electronically-represented project and the at least one of the stored electronically-represented projects; and
compute adjustments to the second-level comparator in response to the received feedback.

US Pat. No. 9,917,741

METHOD AND SYSTEM FOR PROCESSING NETWORK ACTIVITY DATA

EntIT Software LLC, Sunn...

1. A method of processing network activity data corresponding to a computer network, comprising:
receiving network activity data from a network device on the computer network;
generating, by a processor, an event corresponding to the network activity data and user defined network activity conditions,
wherein the user defined network activity conditions cause the network monitor to generate the event;

generating, by the processor, a probability based at least in part on Bayesian statistics, the probability corresponding to
a likelihood that the event was a potential cause of or a potential symptom of another event; and

generating by the processor, an event message corresponding to the event based on the probability.

US Pat. No. 9,916,332

DATASET CHART SCALING

EntIT Software LLC, Sunn...

1. A computer-implemented method of monitoring system components, comprising:
receiving a first dataset and a second dataset;
determining a first log difference between a logarithm of a maximum value of the first dataset and a logarithm of a minimum
value of the first dataset;

determining a second log difference between a logarithm of a maximum value of the second dataset and a logarithm of a minimum
value of the second dataset;

selecting, based at least in part on the first and second log differences, between a linear chart scaling and a logarithmic
chart scaling for the first dataset, wherein selecting between the linear and logarithmic chart scalings for the first dataset
comprises:

comparing the first log difference and the second log difference with a threshold,
determining a first indicator of a distribution of values in the first dataset,
determining a second indicator of a distribution of values in the second dataset, and
selecting between the linear and logarithmic chart scalings based on the comparisons and based on the first and second indicators;
selecting, based at least in part on the first and second log differences, between a linear chart scaling and a logarithmic
chart scaling for the second dataset; and

causing a user interface to display a chart in which the first dataset is plotted using the selected chart scaling for the
first dataset and in which the second dataset is plotted using the selected chart scaling for the second dataset.

US Pat. No. 9,992,256

DISTRIBUTED COMPUTING IN R

ENTIT SOFTWARE LLC, Sunn...

1. A method for distributed computing in R, the method performed by at least one processor and comprising:identifying a distributed multivariate apply (dmapply) operation and an invocation of a distributed computing backend;
determining a function referenced in the dmapply operation;
translating, using a distributed backend driver associated with the invoked distributed computing backend, the determined function to a function native to an R application programming interface (API) of the invoked distributed computing backend; and
providing the translated function to the invoked distributed computing backend to perform the translated function on a distributed data set referenced in the dmapply operation.

US Pat. No. 10,088,969

IMAGE-BASED AUTOMATION SYSTEMS AND METHODS

ENTIT SOFTWARE LLC, Sunn...

1. A non-transitory processor-readable medium storing instructions that when executed by a processor, cause the processor to:access an instruction describing an action on a graphical user interface displayed on a display;
identify, in a first image of the graphical user interface, a graphical object displayed on the graphical user interface relative to which the action is to be performed, the graphical object having a first appearance in the first image;
perform the action relative to the graphical object at the graphical user interface;
identify, in a second image of the graphical user interface, the graphical object, wherein an appearance of the graphical object is changed in response to performance of the action, the graphical object having a second appearance in the second image; and
generate semantic information related to the first appearance and the second appearance of the graphical object, the semantic information semantically describing an appearance of the graphical object both prior to and after performance of the action such that the action performed relative to the graphical object is identifiable from the semantic information.

US Pat. No. 10,089,120

WIDGETS IN DIGITAL DASHBOARDS

ENTIT SOFTWARE LLC, Sunn...

1. A non-transitory computer-readable storage medium comprising instructions that when executed by a processor, cause the processor to:receive dashboard data in a vector format representing a digital dashboard generated by a dashboard editor, the digital dashboard including a first data widget, and a second data widget to display metric data related to a metric, the first data widget associated with a first marker selected in the dashboard editor, and the second data widget associated with a second marker selected in the dashboard editor, the first marker indicating that the first data widget is to be displayed as a static data widget, and the second marker indicating that the second data widget is to be displayed as a dynamic data widget;
responsive to the second marker selected to be associated with the second data widget in the dashboard data, integrate the second data widget with a data channel to receive the metric data from a data source, wherein the second data widget is associated with the data source based on user selection using a dashboard integrator after associating the dashboard data with the first and second markers, the dashboard integrator communicatively coupled to the data channel and the data source; and
in response to the dashboard data in the vector format representing the digital dashboard being loaded by a dashboard viewer for display, send the metric data from the data source through the data channel to the dashboard viewer so that the dashboard viewer is to dynamically display the metric data in the second data widget.

US Pat. No. 10,073,765

METHOD AND SYSTEM OF TESTING SOFTWARE USING REAL TIME REPLICATION

ENTIT SOFTWARE LLC, Sunn...

1. A method of testing a first software program, the method comprising:executing a test duplication software program on a first computer system, including:
responding to a predetermined action by a human tester that caused a predetermined operation to be performed on the first software program that implements an underlying functionality and a first configuration;
recording and sending, in real time, a representation of the predetermined action to a second computer system; and
determining a result of the predetermined operation on the first computer system;
executing the test duplication software program on the second computer system, including:
programmatically applying, in real time, the representation of the predetermined action on a second software program executed on the second computer system, wherein the second software program implements the same underlying functionality and a different second configuration; and
determining a result of the predetermined operation on the second computer system;
programmatically analyzing the result of the predetermined operation on the first computer system against a result of the predetermined operation on the second computer system to create analyzed results;
determining that the analyzed results reveals unexpected results; and
notifying the human tester, in real time, of the unexpected results.

US Pat. No. 10,073,918

CLASSIFYING URLS

ENTIT SOFTWARE LLC, Sunn...

1. A method of classifying Universal Resource Locators (URLs) comprising:monitoring user traffic to a service and determining URLs accessed by a user;
tokenizing each of the URLs into a plurality of tokens, each token corresponding to a portion of the respective URL;
forming a Trie from the tokenized URLs, wherein the Trie includes nodes, and each node of the Trie corresponds to one of the plurality of tokens of each URL;
assigning weights to the nodes in the Trie based at least in part on monitored user traffic to the nodes, wherein assigning weights to the nodes in the Trie comprises assigning a weight to each node in the Trie based on a number of times a URL including the node has been accessed by a user and a number of descriptor nodes in a sub-tree of the node, wherein a descriptor node is a node that corresponds to a final token of a URL;
determining whether a total number of nodes in the Trie exceeds a threshold;
in response to a determination that the total number nodes of the Trie exceeds the threshold, selecting a node having a lowest weight in the Trie and merging child nodes of said selected node; and
outputting a URL classification based on a path in the Trie.

US Pat. No. 10,146,667

GENERALIZED SNAPSHOTS BASED ON MULTIPLE PARTIAL SNAPSHOTS

ENTIT SOFTWARE LLC, Sunn...

1. A method for creating a generalized snapshot, the method comprising:accessing multiple partial snapshots, each from a different client; and
creating a generalized snapshot including multiple target pixels from the multiple partial snapshots,
wherein the generalized snapshot and the multiple partial snapshots each relate to a particular classification, and the particular classification is indicated by associated metadata; and
wherein a color of each of the multiple target pixels is determined using colors of a set of multiple source pixels of a plurality of sets, each set from a different partial snapshot, and by considering each distinct source pixel color as a member of a subgroup and selecting the subgroup with a largest number of source pixels.

US Pat. No. 10,073,766

BUILDING SIGNATURES OF APPLICATION FLOWS

ENTIT SOFTWARE LLC, Sunn...

1. A computing system comprising:a processor; and
a memory storing instructions executable to cause the processor to:
identify at least one screen of a test run of a test for an application;
identify at least one element in the at least one screen of the test run of the test for the application that corresponds to an application flow of the test run of the test for the application while excluding other elements in the at least one screen of the test run of the test for the application that do not correspond to the application flow of the test run of the test for the application, wherein the at least one element in the at least one screen of the test run of the test for the application is selectively identified from among available elements in the at least one screen of the test run of the test for the application;
build a test signature of the test run of the test for the application by incorporating the at least one screen of the test run of the test for the application and the at least one element in the at least one screen of the test run of the test for the application into the test signature of the test run of the test for the application to capture the application flow of the test run of the test for the application;
combine a plurality of test signatures, obtained from a plurality of corresponding test runs of the test for the application, into a combined plurality of test signatures;
compare the test signature of the test run of the test for the application to another test signature of another test run of the test for the application; and
display deviations between the test signature of the test run of the test for the application and the other test signature of the other test run of the test for the application to prompt a user based on the comparison.

US Pat. No. 10,067,855

ERROR DEVELOPER ASSOCIATION

ENTIT SOFTWARE LLC, Sunn...

1. A method comprising:building a mapping of classes and functions of log messages to a source code of an application;
receiving an error log message;
identifying, by a processor, a portion of the source code associated with the error log message based on a class name and a function name of the error log message, including scanning the source code based on the class name and function name of the error log message and identifying a common pattern in the source code responsible for an error in the error log message;
identifying, by the processor, a plurality of developers associated with the portion of the source code associated with the error log message based on a set of developer mapping rules;
identifying, by the processor, one of the plurality of developers associated with the portion of the source code to resolve the error in the error log message;
associating the error log message with a type of error message;
determining that a modification performed by the developers is associated with the type of error message; and
associating the developers with the error log message based on the modification performed by the developers being associated with the type of error message.

US Pat. No. 10,091,311

SMART LOCATION DETERMINATION

EntIT Software LLC, Sunn...

1. A system comprising: a processor; and a memory to store instructions that, when executed by the processor, cause the processor to: access session information that details a session of a user system as the user system connects to a web technology server, wherein the session information comprises data representing a version of software executing on the user system; and compare the accessed session information to a knowledge base that includes known common session information of multiple geographic locations, and based on the comparison determine a geographic location of the user system or verify an alleged geographic location; wherein if the geographic location of the user system is determined based on the comparison, the instructions when executed by the processor, cause the processor to determine a first similarity rating between common session information of the determined geographic location and the accessed session information, and the determined geographical location comprises one of the multiple geographical locations; wherein if the alleged geographic location is verified, the instructions when executed by the processor, cause the processor to determine a second similarity rating between common session information of the alleged geographic location and the accessed session information, and the alleged geographical location comprises one of the multiple geographical locations.

US Pat. No. 10,067,859

CONSTRUCTING TEST-CENTRIC MODEL OF APPLICATION

ENTIT SOFTWARE LLC, Sunn...

1. A method comprising:determining, by a processor of a computing device, a list of resources specified by a test selected from a list of tests, the list of tests including tests to be used to test an application;
for each resource in the list of resources that is not within a test-centric model of the application, adding the respective resource to the test-centric model of the application, including
adding a child node representing the respective resource to a graph representing the test-centric model, wherein the child node includes information regarding the respective resource, and
adding an edge between the child node and a root node representing the application;
constructing, by the processor, a composition of the application using at least the respective resource within the test-centric model; and
after the respective resource is added to the test-centric model, linking the selected test to the respective resource within the test-centric model.

US Pat. No. 10,038,771

EXTENDING FEATURES OF ONE DEVICE TO ANOTHER

ENTIT SOFTWARE LLC, Sunn...

1. A method for extending a feature to a first device, the method comprising:receiving a feature extension request from the first device identifying and requesting a feature not natively available to the first device;
from a pool of registered devices, identifying a second device offering the requested feature;
accessing state data of the second device and type data for the requested feature;
processing the state data against a context rule associated with the type data to determine a preference ranking for the second device; and
based on the preference ranking for the second device, initiating a communication link via which the requested feature can be extended to the first device and facilitating extending the requested feature from the second device to the first device.

US Pat. No. 10,331,799

GENERATING A FEATURE SET

ENTIT SOFTWARE LLC, Sunn...

1. A method executed by a system comprising a processor and a memory, comprising:generating a feature set having a smaller number of features than features of a feature space corresponding to feature vectors representing data objects of a data set, the generating comprising using a plurality of iterations of different samplings of samples from the data set, the plurality of iterations comprising:
in a first iteration:
clustering a first subset of samples from the data set into a first plurality of clusters using a clustering algorithm;
selecting a first plurality of features based on the first plurality of clusters;
adding the first plurality of features to the feature set;
in each subsequent iteration following the first iteration:
clustering an additional plurality of samples from the data set, the additional plurality of samples being in addition to samples sampled from the data set in a previous iteration of the plurality of iterations;
selecting additional features based on resulting clusters from clustering the additional plurality of samples;
adding the additional features to the feature set;
continuing with the plurality of iterations until a convergence threshold is reached; and
clustering the data set using the clustering algorithm and the feature set, the clustering of the data set using the clustering algorithm and the feature set using a number of feature vectors that are simultaneously fit into the memory, the number of feature vectors representing respective data objects of the data set.

US Pat. No. 10,152,552

ANALYZING A STRUCTURE OF A WEB APPLICATION TO PRODUCE ACTIONABLE TOKENS

ENTIT SOFTWARE LLC, Sunn...

1. A system comprising:a processor;
a browser layout engine executable on the processor to load a web application;
a scanner executable on the processor to simulate user actions on user interface elements of the web application, to cause crawling of the web application, the crawling selecting objects of the web application; and
a document analyzer executable on the processor to:
identify, from the simulated user actions, first rules that are relevant to generate actionable tokens, wherein each respective rule of a plurality of rules includes a relevancy predicate, wherein the identifying of the first rules comprises activating the first rules that are relevant to the objects selected by the crawling based on the relevancy predicates of the first rules, and deactivating second rules that are not relevant to objects of the web application based on the relevancy predicates of the second rules,
determine, from the simulated user actions, that a type of framework is present on the web application, the type of framework enabling selective changing of a functionality of the web application by a user code,
enable selectors, that are specific to the type of framework, of the identified first rules, wherein the selectors examine a Document Object Model (DOM) of the web application and return sequences of actionable DOM entities, and
cause traversal of a structure of the web application by the enabled selectors to transform the DOM into the actionable tokens each including a portion of the web application that changes a user interface presented based on the web application.

US Pat. No. 10,310,852

TIMING ESTIMATIONS FOR APPLICATION LIFECYCLE MANAGEMENT WORK ITEMS DETERMINED THROUGH MACHINE LEARNING

ENTIT SOFTWARE LLC, Sunn...

1. A method comprising:through a processor:
accessing data records of completed work items associated with managing a lifecycle of a software application;
extracting feature values from the data records of the completed work items for a selected set of features;
determining timing data of state transitions for the completed work items from the data records;
generating predictors through machine learning using the timing data and the extracted feature values as input samples, wherein the predictors include a particular predictor to specify a transition probability of a particular state transition for a work item with specific feature values;
using the generated predictors to create a transition matrix for the work item with specific feature values, wherein the transition matrix specifies transition probabilities for each state transition that the work item traverses and includes rows and columns,
wherein the transition matrix includes a first value at a first row and a first column and a second value at the first row and a second column, the first value corresponding to a length of time that the work item remained in a first state and the second value corresponding to a number of times that the work item transitioned from the first state to a second state; and
referencing the transition matrix to determine an estimated timing of the particular state transition for an uncompleted work item.

US Pat. No. 10,310,705

MENU DISPLAY CONTROL

ENTIT SOFTWARE LLC, Sunn...

1. A method for controlling a menu display, said method comprising:detecting a position of a pointer, wherein the pointer is positioned over an icon of a plurality of selectable icons;
responsive to a determination that the icon is selected, displaying, adjacent to the plurality of selectable icons, a menu containing a set of sub-icons corresponding to the icon;
determining a first location and a second location of the displayed menu;
determining a first line from the position of the pointer to the first location;
determining a second line from the position of the pointer to the second location;
recording a plurality of points in a movement of the pointer;
determining a third line that crosses the plurality of recorded points;
determining whether the third line is within an area between the first line and the second line; and
in response to a determination that the third line is within the area between the first line and the second line, continuing to display the menu while the pointer passes over another icon of the plurality of selectable icons.

US Pat. No. 10,303,562

USING METADATA EXTRACTED FROM PROXY FILES TO ACCESS DATA STORED IN SECONDARY STORAGE

ENTIT SOFTWARE LLC, Sunn...

1. A method comprising:in response to a recovery request to recover data associated with a virtual machine file, creating a proxy file, wherein the virtual machine file is associated with a virtual machine, and the proxy file has a file format recognized by a hypervisor for the virtual machine;
extracting metadata from the proxy file representing a parameter associated with a secondary storage;
storing the extracted metadata outside of the proxy file;
associating the extracted metadata with an identifier; and
in response to an input/output (I/O) request associated with the recovery request, retrieving the extracted metadata to determine the parameter based on the identifier of the proxy file and processing the I/O request based on the determined parameter.

US Pat. No. 10,255,152

GENERATING TEST DATA

ENTIT SOFTWARE LLC, Sunn...

1. A computer-implemented method for improving generation of test data comprising:generating a schema comprising a plurality of database tables stored in data storage;
presenting a graphical display of the schema including visual representations of the plurality of database tables and relationships between the plurality of database tables;
receiving a selection of a database table of the schema presented in the graphical display from a user;
in response to a receipt of the selection of the database table automatically generating a stored procedure for populating the database table with test data, wherein generating the stored procedure comprises receiving from the user, via a rule interface shown on a display, a rule definition including a function for computing at least a portion of the test data based on a column of the database table; and
executing, by a processor, the stored procedure to populate the database table with the test data, wherein executing the stored procedure comprises generating the test data based on the rule definition, user modifications, and the schema, wherein the database table and the stored procedure are included in a relational database.

US Pat. No. 10,229,147

ASSESSING COMPRESSED-DATABASE RAW SIZE

ENTIT SOFTWARE LLC, Sunn...

1. A computer-implemented process comprising:sampling, by a processor coupled to a storage medium, a subset of cells of a compressed database;
assessing cell raw storage sizes of the sampled cells, wherein the assessing of the cell raw storage sizes comprises;
statistically analyzing the cell raw sizes to determine a value of a statistical parameter collectively describing the sampled cells, the sampling being random; and
determining whether additional cells should be sampled to meet a predetermined confidence level; and
assessing a database raw storage size of the compressed database based on the assessing of the cell raw storage sizes to ensure sufficient storage prior to decompressing the compressed database.

US Pat. No. 10,210,335

APPLICATION SECURITY TESTING

Entit Software LLC, Sunn...

1. A computing system comprising:a server to execute an application under test;
a computing device to perform a security test on the application under test; and
a real-time modifier engine to cause the application under test to take a first execution path at a decision point of the application under test regardless of a decision by the application under test at the decision point to take a second execution path in response to the security test,
wherein the real-time modifier engine modifies an outcome of a function used by the application under test to determine the decision made by the application under test at the decision point, uses an instrument that monitors an Application Programming Interface (API), and chooses the first execution path in response to a part of the API being called.

US Pat. No. 10,187,495

IDENTIFYING PROBLEMATIC MESSAGES

ENTIT SOFTWARE LLC, Sunn...

1. A non-transitory machine-readable storage medium encoded with instructions executable by a hardware processor of a computing device for identifying problematic messages, the machine-readable storage medium comprising instructions to cause the hardware processor to:obtain log messages associated with a server request;
obtain a latency measure of the server request;
cluster each of the obtained log messages into one of a plurality of log clusters based on a measure of similarity between the obtained log message and other log messages included in the log cluster, wherein each of the log clusters includes a problematic counter indicating a total number of problematic messages in the log cluster and a benign counter indicating a total number of non-problematic messages in the log cluster;
compare the latency measure of the server request to a threshold;
increment the problematic counter in each of the log clusters if the latency measure exceeds the threshold or increment the benign counter in each of the log clusters if the latency measure does not exceed the threshold;
determine that one of the obtained log messages is a problematic log message based on a ratio of the problematic counter over the benign counter in the log cluster to which the problematic log message belongs; and
display the problematic log message as a notification of a potential problem.

US Pat. No. 10,177,984

ISOLATION OF PROBLEMS IN A VIRTUAL ENVIRONMENT

ENTIT SOFTWARE LLC, Sunn...

1. A non-transitory machine-readable medium with instructions stored therein for providing enhanced capabilities for problem isolation and analysis in a virtual environment, the instructions upon execution causing a system to:maintain a topology of network devices in the virtual environment;
monitor the virtual environment for network device operation irregularities exceeding a threshold;
identify a network device operation irregularity;
identify a portion of the topology associated with the identified network device operation irregularity;
group topology portions of the topology associated with the network device operation irregularities together to form a snapshot of a problem topology, wherein the grouping comprises grouping the topology portions associated with the network device operation irregularities together responsive to the network device operation irregularities occurring within a predetermined time interval from one another;
display the snapshot of the problem topology; and
perform problem management to remedy a problem represented by the problem topology using the snapshot of the problem topology.

US Pat. No. 10,175,958

ACQUIRING IDENTIFICATION OF AN APPLICATION LIFECYCLE MANAGEMENT ENTITY ASSOCIATED WITH SIMILAR CODE

ENTIT SOFTWARE LLC, Sunn...

1. A non-transitory machine-readable storage medium encoded with instructions executable by a computing device to:identify a target code segment;
acquire, from a code similarity system, identification of a code segment similar to the target code segment, the identification of the similar code segment based on comparing the target code segment to code segments in a code repository; and
acquire, from an application lifecycle management (ALM) system, identification of an ALM entity associated with the similar code segment.

US Pat. No. 10,154,076

IDENTIFYING USERS THROUGH A PROXY

ENTIT SOFTWARE LLC, Sunn...

1. A method comprising:providing, through a proxy executed on a processor, rewritten content of a webpage accessed by a user to a user device, the rewritten content including a script inserted into the webpage, and a reference to a data file, the reference including a checksum computed at the proxy from actual content of the webpage, wherein the actual content of the webpage is based on a markup language of the webpage, and wherein the data file is loaded asynchronously with the actual content of the webpage;
determining, through the proxy, a location of the checksum based on a performance criterion, wherein the performance criterion includes at least one of a browser download rate of the rewritten content, available bandwidth of the user, bandwidth of the proxy, or a size of the actual content of the webpage;
receiving, at the proxy, a file request for the data file from the user device, the file request initiated by the script at the user device and including the checksum and a cookie that identifies the user; and
associating, through the proxy, the identified user with the actual content of the webpage in response to receiving the file request for the data file from the user device.

US Pat. No. 10,136,345

TESTING A MOBILE APPLICATION

ENTIT SOFTWARE LLC, Sunn...

1. A method for testing a mobile application, comprising:routing communication between a cellular provider and a real mobile device to a network simulation engine of a computing device;
simulating a cellular network condition for each of a plurality of locations utilizing the network simulation engine and the routed communication;
sending the simulated cellular network conditions to the real mobile device; and
testing performance of the mobile application on the real mobile device for each of the simulated cellular network conditions.

US Pat. No. 10,114,801

TREEMAP OPTIMIZATION

ENTIT SOFTWARE LLC, Sunn...

1. A method executed by a system comprising a processor, comprising:accessing a plurality of data files in storage;
assigning a size value to each of the plurality of data files, wherein each size value is determined based on a size of a corresponding data file of the plurality of data files;
in ascending order of size value of the size values assigned to the plurality of data files, iteratively merging each of data files of a first subset of the plurality of data files into a merge file until a threshold is reached, the plurality of data files comprising a second subset of data files in addition to the first subset of data files;
displaying the second subset of data files as a plurality of boxes on a treemap on a display screen, wherein the size of each box of the plurality of boxes correlates to the size value of a corresponding data file of the second subset of data files, and displaying the merge file as a merge box on the treemap on the display screen; and
in response to user selection of the merge box in the treemap, presenting information of each individual data file of the first subset of data files merged into the merge file, the presented information enabling user access to the first subset of data files.

US Pat. No. 10,114,621

METHODS AND APPARATUS TO GENERATE A WIZARD APPLICATION

ENTIT SOFTWARE LLC, Sunn...

1. A method to generate a wizard application, the method comprising:storing, by executing a computer readable instruction with a processor, a first definition of a graphical user interface for the wizard application in a file, the first definition identifying a type and a name of an element to be rendered in the graphical user interface, the first definition further identifying a position of the element relative to other user interface elements of the graphical user interface;
transferring, by executing a computer readable instruction with the processor, the file and an engine to a computer, the engine including a first user interface renderer to render the graphical user interface as a first type to present the element from the first definition and a second user interface renderer to render the graphical user interface as a second type to present the element from the first definition, wherein the engine is to render the graphical user interface as the first type to present the element from the first definition when the first user interface renderer is selected by a user input and to, render the graphical user interface as the second type to present the element from the first definition when the second user interface renderer is selected by the user input.

US Pat. No. 10,073,755

TRACING SOURCE CODE FOR END USER MONITORING

ENTIT SOFTWARE LLC, Sunn...

1. A system for tracing source code for end user monitoring, the system comprising:a processor to:
monitor an application to obtain an interaction log, wherein the interaction log tracks application interactions by each of a plurality of synthetic monitors;
monitor an execution of application code that is associated with the application to obtain an instrumentation log;
use the interaction log and the instrumentation log to determine a plurality of relationships between portions of the application code and the plurality of synthetic monitors, wherein to determine the plurality of relationships comprises:
perform synthetic monitoring scripts in a test environment of the application to link the synthetic monitoring scripts to the portions of the application code, wherein the plurality of relationships are determined based on the synthetic monitoring scripts;
determine data entry points of the application in the interaction log, wherein the plurality of synthetic monitors interact with the application at the data entry points;
determine, from the instrumentation log, a corresponding portion of the application code executed for each of the data entry points; and
determine, for each of the data entry points, a synthetic monitor of the plurality of synthetic monitors interacting with the data entry point;
receive a notification of a modification of a portion of the application code from a source management module; and
identify an affected synthetic monitor of the plurality of synthetic monitors that is affected by the modification based on at least one of the data entry points corresponding to the modified portion of the application code.

US Pat. No. 10,313,459

MONITORING APPLICATION FLOW OF APPLICATIONS USING A REGULAR OR EXTENDED MODE

ENTIT SOFTWARE LLC, Sunn...

5. A server computing device comprising:a processor; and
a memory storing instructions that when executed cause the processor to:
in response to receiving a request from a first client device for a monitoring mode to monitor a first application, determine that the first client device is to monitor the application flow of the first application running on the first client device in a regular mode based on a determination that previous application flow information of the first application monitored by the first client device fails to meet a predetermined set of conditions;
send an indication to the first client device to monitor the application flow of the first application in the regular mode;
in response to receiving a request from a second client device for a monitoring mode to monitor the first application, determine that the second client device is to monitor an application flow of the first application running on the second client device in an extended mode based on a determination that previous application flow information of the first application monitored by the second client device meets the predetermined set of conditions; and
send an indication to the second client device to monitor the application flow of the first application in the extended mode,
wherein monitoring the first application in the regular mode comprises obtaining a first set of information related to the application flow of the first application and monitoring the first application in the extended mode comprises obtaining a second set of information related to the application flow of the first application different from the first set of information, the second set of information comprising one or more of: the first set of information and additional information, or more detailed information as compared to the first set of information.

US Pat. No. 10,305,760

IDENTIFYING AN ANALYSIS REPORTING MESSAGE IN NETWORK TRAFFIC

ENTIT SOFTWARE LLC, Sunn...

1. A non-transitory machine-readable storage medium encoded with instructions executable by a processing resource of a computing device to:access, over a network without going through a proxy server, network traffic exchanged between a client system and a web server application;
identify, in the accessed network traffic, an analysis reporting message generated by a client system, wherein the analysis reporting message includes information representing a client system analysis of at least one transaction between the client system and at least one of a web server application implementing a website, and a proxy server associated with the web server application; and
extract, from the analysis reporting message in the accessed network traffic, information representing a client system analysis of at least one prior transaction between the client system and a proxy server associated with the web server application,
wherein the information representing the client system analysis comprises information describing an experience of the client system, including an indication of an amount of time to perform the at least one prior transaction between the client system and the proxy server.

US Pat. No. 10,303,567

MANAGING DATABASE NODES

ENTIT SOFTWARE LLC, Sunn...

1. A method for managing database nodes, the method comprising:determining that a data segment is on a failed node in a segmentation ring, the data segment being referenced by an operation of a query plan;
replacing the failed node in the query plan with a buddy node for the data segment;
selecting a plurality of potential victim nodes that includes each node in the segmentation ring that is operational;
selecting a victim node from the plurality of potential victim nodes based on the buddy node for the data segment and a predetermined selection parameter; and
generating a second query plan such that the victim node performs double duty for operations of a node in the segmentation ring.

US Pat. No. 10,289,838

SCORING FOR THREAT OBSERVABLES

ENTIT SOFTWARE LLC, Sunn...

1. A non-transitory machine-readable storage medium storing instructions that upon execution cause a device to:receive information about a plurality of threat observables from a plurality of providing entities, wherein each respective threat observable of the threat observables includes at least one attribute about a respective threat associated with the respective threat observable;
determine threat scores of the respective threat observables for a plurality of receiving entities that are to be alerted based on the threat scores, the determining of the threat scores comprising calculating a first score of a first threat observable of the threat observables for a first receiving entity using a first algorithm customized for the first receiving entity, and calculating a second score of the first threat observable for a second receiving entity using a different second algorithm customized for the second receiving entity, wherein the first score and the second score are different based on different treatment of the at least one attribute by the first and second algorithms in calculating the first and second scores, respectively; and
send an alert to the first receiving entity based on the first score and a policy rule, and not send the second receiving entity the alert based on the policy rule, wherein the policy rule includes whether a receiving entity has an ability to respond to the first threat observable, and wherein the second receiving entity is not sent the alert based on a determination from the policy rule that the second receiving entity does not have the ability to respond to the first threat observable.

US Pat. No. 10,289,613

ELEMENT IDENTIFIER GENERATION

ENTIT SOFTWARE LLC, Sunn...

1. A system for element identifier generation and performance log generation, the system comprising:a processor;
a non-transitory computer readable medium storing instructions that when executed cause the processor to:
an action engine to:
receive an action associated with an element of a structured document of an application; and
measure a metric associated with the received action;
an element engine to:
determine whether the element comprises a targeted element, including to:
determine whether the element comprises a plurality of child elements; and
determine whether an amount of display space occupied by the element exceeds a threshold amount;
in response to determining that the element comprises the targeted element, generate a unique identifier according to a modified attribute of the element and a log engine to create a log record comprising the unique identifier and the metric associated with the received action.

US Pat. No. 10,289,406

DEPENDENCIES BETWEEN FEATURE FLAGS

ENTIT SOFTWARE LLC, Sunn...

1. A method of handling dependencies between feature flags, comprising:defining, by a processing resource executing instructions, dependencies between a plurality of feature flags in a process executable by the processing resource; and
enforcing, by the processing resource executing instructions, the dependencies during activation of a first feature by a determination of validity of utilization of a feature flag as a switch for a second feature.

US Pat. No. 10,209,984

IDENTIFYING A DEFECT DENSITY

ENTIT SOFTWARE LLC, Sunn...

1. A non-transitory computer-readable storage medium storing instructions that, when executed by a processor, cause the processor to:track changes to a code base;
track defects in the code base and maintain a correlation between the changes and the defects addressed by the changes;
determine how many defects are addressed by changes occurring in a portion of the code base associated with implementation of a property for the code base; and
determine a number of defects in the portion of the code base based on the determination of how many defects are addressed by the changes occurring in the portion of the code base.

US Pat. No. 10,212,050

PROVIDING RECURSIVELY-GENERATED INSTANTIATED COMPUTING RESOURCE IN A MULTI-TENANT ENVIRONMENT

ENTIT SOFTWARE LLC, Sunn...

1. A non-transitory computer-readable medium comprising instructions executable by a processing resource to:instantiate a first instance of a first computing resource deployed by a computing resource provider;
provide the first instance of the first computing resource to a first tenant of a plurality of tenants utilizing a computing system;
register the first instance of the first computing resource as a further computing resource provider;
provide a second computing resource deployed by the further computing resource provider to a second tenant of the plurality of tenants responsive to a request of the second tenant when the second computing resource is available and sharable with the second tenant; and
recursively-generate a second instance of the first computing resource responsive to the request from the second tenant when the second computing resource is not available or the second computing resource is not sharable with the second tenant.

US Pat. No. 10,185,559

DOCUMENTATION NOTIFICATION

ENTIT SOFTWARE LLC, Sunn...

1. A method of tracking documentation comprising:maintaining, by a processor of a computing device, a plurality of records of a plurality of elements of an application in a database, wherein each of the records contains information related to one of the elements and an identifier indicating a status of documentation of the element;
receiving a list of the elements of the application;
analyzing, by the processor, the records of the elements listed in the list to identify a first identifier of a first record having a status that indicates a lack of documentation of a first element;
based on the status that indicates the lack of documentation of the first element, providing, by the processor, a notification to a tracking tool to cause the tracking tool to document the first element and create a bug based on the first element;
changing, by the processor, the status of documentation in the first identifier of the first record;
cause the bug of the tracking tool to be maintained based on the notification, the bug being a tracking tool record associated with a documentation task for the first element associated with the notification;
create a screenshot based on a document object model associated with the first element; and
provide the screenshot to the tracking tool to associate the screenshot with the bug via an attachment functionality of the tracking tool.

US Pat. No. 10,176,079

IDENTIFICATION OF ELEMENTS OF CURRENTLY-EXECUTING COMPONENT SCRIPT

ENTIT SOFTWARE LLC, Sunn...

1. An apparatus, comprising:a processor; and
a non-transitory computer-readable medium having modules comprising instructions to be executed by the processor, the modules comprising:
a test-script generator to:
generate a plurality of test components based on actions performed during navigation of an application under test, where each of the plurality of test components comprises a component script, wherein at least one component script is based on two or more of the actions, wherein each of the test components is self-contained and reusable, wherein the application under test includes one or more subsets of code associated with elements of a graphical user interface;
parameterize the plurality of test components by generating a unique variable to represent each graphical user interface element that accepts data during the navigation of the application under test;
for each unique variable, generate one or more inputs for the variable, wherein the one or more inputs are based on the actions performed during the navigation of the application under test;
generate one or more outputs of the at least one graphical user interface corresponding to the one or more inputs for each variable based on analysis of interface outputs observed during the actions performed during the navigation of the application under test;
store each of the plurality of parameterized test components for use in multiple test scripts;
store the inputs and outputs associated with the parameterized test components; and
generate a first test script comprising a sequence of the plurality of parameterized test components, wherein the first test script is employable to exercise the application using the stored inputs associated with the sequence of parameterized test components; and
selection logic to, contemporaneous with execution of the first test script and contemporaneous with the application being exercised by execution of the first test script using the inputs associated with the sequence of parametrized test components:
detect, based on a comparison of the stored outputs associated with the sequence of parameterized test components to outputs of the graphical user interface of the application observed during execution of the first test script, changes made to the one or more subsets of code associated with elements of the graphical user interface after the first test script is generated; and
identify test components among the plurality of test components within the first test script corresponding to the detected changes.

US Pat. No. 10,152,466

COMPARING USER INTERFACES

ENTIT SOFTWARE LLC, Sunn...

1. A non-transitory computer-readable medium storing a set of instructions executable by a processing resource to:receive an indication of a deviation occurring in a current version of software, wherein the deviation includes a deviation from an intended display of a user interface (UI) or a deviation from an intended functionality of the UI;
receive an indication of a portion of the UI associated with the deviation;
compare information pertaining to the portion of the UI in the current version with information pertaining to a corresponding portion of the UI in a plurality of previous versions of the software, wherein the instructions to compare include instructions executable by the processing resource to:
determine the plurality of previous versions from previous versions of the software that were created in a particular time frame; and
iteratively compare the information pertaining to the portion of the UI in the current version with the information pertaining to the corresponding portion of the UI in the previous versions starting with a most recent version until a code revision, which pertains to the portion of the UI, causing the deviation is identified; and
identify, based on the comparison, the code revision causing the deviation.

US Pat. No. 10,121,268

DISPLAYING INFORMATION TECHNOLOGY CONDITIONS WITH HEAT MAPS

ENTIT SOFTWARE LLC, Sunn...

1. A computer program product for displaying information technology conditions with heat maps, comprising:a tangible computer readable storage medium, said tangible computer readable storage medium comprising computer readable program code embodied therewith, said computer readable program code comprising program instructions that, when executed, causes a processor to:
determine a severity value of current issues for each configuration item of a plurality of configuration items of an information technology system, wherein the current issues are associated with a plurality of different issue types;
generate a graph of said plurality of said configuration items that visually depicts topological relationships between said plurality of configuration items, said graph comprising a heat map overlay;
assign pixel colors for each configuration item in said heat map overlay according to their severity value, wherein a region of said heat map overlay comprises a first pixel color of the pixel colors associated with a relatively higher severity value;
display a second pixel color associated with a relatively lower severity value in said heat map overlay; and
surround the region with the second pixel color to highlight the first pixel color.

US Pat. No. 10,068,365

SPIRAL VISUALIZATION GENERATOR

ENTIT SOFTWARE LLC, Sunn...

1. A method executed by a system comprising a hardware processor, comprising:analyzing dimensions of item indicators corresponding to items of a dataset, the item indicators generated for the items based on a characteristic of the items;
determining starting coordinates for a spiral path for a spiral visualization of the items based on the dimensions of the item indicators and a display area of a display device, the starting coordinates comprising coordinates of the display area;
calculating a convex hull for the spiral path by calculating an outside boundary and an inside boundary for the spiral path based on the dimensions and an order of the item indicators along the spiral path, the spiral path to be located within the convex hull;
calculating the spiral path based on the starting coordinates and the dimensions of the item indicators, wherein calculating the spiral path comprises spiraling the convex hull such that a threshold distance is maintained between the inside boundary and the outside boundary between turns of the spiral visualization; and
generating the spiral visualization to render the item indicators on the spiral path to present a first item indicator of the item indicators corresponding to a first item of the dataset at the starting coordinates and a last item indicator of the item indicators corresponding to a last item of the dataset on the spiral path toward a center of the spiral visualization.

US Pat. No. 10,331,894

STATIC PROGRAM ANALYSIS IN AN OBJECT-RELATIONAL MAPPING FRAMEWORK

ENTIT SOFTWARE LLC, Sunn...

1. An apparatus comprising:a processor; and
a non-transitory storage medium storing machine-readable instructions executable on the processor to:
perform static program analysis on a set of processor executable instructions associated with an object-relational mapping (ORM) framework, wherein the set of processor executable instructions includes an object;
generate a propagation path of the object based on an execution flow of the object, wherein the propagation path includes a first node and a second node, wherein the first node corresponds to a first ORM operation to store the object in a database, wherein the second node corresponds to a second ORM operation to retrieve the object from the database, and wherein the second node is linked in the propagation path to the first node based on the first ORM operation and the second ORM operation being associated with a common attribute of the object, the common attribute comprising an attribute of a relational table of the database; and
in response to a determination that the propagation path includes a sink, output a security risk warning to cause an update of the set of processor executable instructions.

US Pat. No. 10,313,460

CROSS-DOMAIN INFORMATION MANAGEMENT

ENTIT SOFTWARE LLC, Sunn...

1. A method performed by a computing device, comprising:accessing, in response to a first query from a user, content of a first domain;
receiving, in association with rendering the content of the first domain responsive to the first query, a user selection relating to a first type of user interaction information for cross-domain sharing;
generating a cross-domain sharing specification that comprises an identifier of the first domain and the first type of user interaction information that the user has selected for the cross-domain sharing, wherein the first type of user interaction information is selected from a plurality of types of user interaction information related to the first domain;
obtaining, from the first domain, user interaction information corresponding to the first type of user interaction information;
storing the obtained user interaction information in the cross-domain sharing specification;
in response to a second query from the user for content of a second domain different from the first domain, accessing the cross-domain sharing specification to identify a respective user interaction information to send to the second domain;
sending, to the second domain, the respective user interaction information, to cause the second domain to produce a search result for the second query based on the respective user interaction information; and
receiving, from the second domain, the search result based on the respective user interaction information.

US Pat. No. 10,310,962

INFRASTRUCTURE RULE GENERATION

ENTIT SOFTWARE LLC, Sunn...

1. A system comprising:a processor; and
a non-transitory storage medium storing instructions executable on the processor to:
receive information of a probe passed to a function of a set of instructions, the probe having a predetermined value;
identify an infrastructure connection based on an attribute of the probe during a runtime session, the set of instructions to execute during the runtime session, the infrastructure connection comprising a connection from a first program code of the set of instructions to a second program code based on monitoring information from the probe as the probe propagates during the execution of the set of instructions, the information monitored based on an exchange of data between a first set of instructions and a second set of instructions;
generate an infrastructure rule based on the infrastructure connection and the attribute of the probe; and
provide the infrastructure rule to a static analysis tool for use in a static analysis of the set of instructions by the static analysis tool.

US Pat. No. 10,304,224

DYNAMIC GRAPHIC ENTITY DETERMINATION

ENTIT SOFTWARE LLC, Sunn...

1. A system for dynamic graphical entity determination comprising:a processor; and
a memory on which is stored instructions that when executed by the processor, cause the processor to:
access data values, each data value of the accessed data values being associated with a category of a plurality of categories and a subcategory of a plurality of subcategories of the category;
analyze the data values to determine whether an overlap of a proposed graphic representing the subcategory and a proposed graphic representing the category exceeds an overlap tolerance level, wherein the overlap tolerance level is based on a display axis range of the proposed graphic representing the subcategory and the proposed graphic representing the category; and
generate an actual visual representation based on the analysis, wherein the actual visual representation:
displays a single consolidated graphic representing at least the category and the subcategory based on the overlap not exceeding the overlap tolerance level; and
displays the subcategory as a separate graphic from a graphic representing at least a portion of a remainder of the category based on the overlap exceeding the overlap tolerance level.

US Pat. No. 10,303,760

CASCADING STYLE SHEET META LANGUAGE PERFORMANCE

ENTIT SOFTWARE LLC, Sunn...

1. A system, comprising:a processor; and
a non-transitory computer readable medium storing machine readable instructions, wherein the processor executes the machine readable instructions to:
measure a plurality of base performance metrics for a web application based on input cascading style sheet (CSS) meta language files;
remove a redundant CSS selector from the input CSS meta language files;
conduct a static analysis of the input CSS meta language files and identify an inefficient CSS selector within the input CSS meta language files, wherein the static analysis is performed without actual execution of the CSS meta language files;
identify an inefficient function, variable or instruction that is associated with the inefficient CSS selector;
replace the inefficient CSS selector in the input CSS meta language files with an efficient CSS selector, wherein the efficient CSS selector is a simplified CSS selector that results in decreased loading or rendering times and improves performance values above a user-defined threshold;
replace the inefficient function, variable or instruction associated with the inefficient CSS selector with a corresponding efficient function, variable or instruction;
perform performance modifications in the CSS meta language files, wherein the performance modifications include searching for user-defined patterns in the input CSS meta language files, executing the input CSS meta language files in a test environment, and replacing an inefficient instruction of the input CSS meta language files with an efficient instruction, wherein the efficient instruction improves at least one of the performance values; and
measure a plurality of performance metrics for the web application in response to removing the redundant CSS selector, replacing the inefficient CSS selector, replacing the inefficient function, variable or instruction associated with the inefficient CSS selector, and performing the performance modifications.

US Pat. No. 10,257,312

PERFORMANCE MONITOR BASED ON USER ENGAGEMENT

ENTIT SOFTWARE LLC, Sunn...

1. A method for measuring performance of an action item of an application, the method comprising:detecting an activation of the action item of the application;
measuring a degree of user engagement of the application in response to the activation of the action item and based on an amount of data retrieved for the application in response to the activation of the action item, wherein a measurement of the amount of data retrieved for the application in response to the action item being activated and a length of time between the action item being activated and a user activating a subsequent action item of the application are each assigned a weight value in the measuring the degree of user engagement;
adjusting a threshold time for acceptable performance for the action item based on the amount of data retrieved for the application in response to the activation of the action item; and
reporting that the action item achieved the acceptable performance when the length of time satisfies the threshold time and when a time to retrieve the amount of data retrieved for the application in response to the action item being activated satisfies the threshold time.

US Pat. No. 10,255,084

MANAGE ANALYTICS CONTEXTS THROUGH A SERIES OF ANALYTICS INTERACTIONS VIA A GRAPHICAL USER INTERFACE

ENTIT SOFTWARE LLC, Sunn...

1. A system comprising:a memory;
a hardware processor executing instructions from the memory to:
receive a selection of a current analytics interaction from a user during an interactive analytics session;
generate a series of connected icons representing a series of analytics interactions in the interactive analytics session, wherein the series of connected icons includes a current context icon representing the current analytics interaction selected by the user during the interactive analytics session and a plurality of previous context icons representing previous analytics interactions in the interactive analytics session prior to the current analytics interaction, wherein the current context icon includes an analytics context comprising a timestamp of when the current analytics interaction occurs and a result of the current analytics interaction;
select one of the previous context icons to be a reference context icon, the reference-context icon including a reference analytics context;
display on a graphical user interface the series of connected icons representing the series of analytics interactions with the result of the current analytics interaction and the reference analytics context.

US Pat. No. 10,235,095

WEBPAGE REFRESH BASED ON MEMORY CONSUMPTION

ENTIT SOFTWARE LLC, Sunn...

1. A machine implemented method performed by a processor, the method comprising:estimating a memory consumption of a webpage of a browser, the estimating comprising determining a grade corresponding to the memory consumption of the webpage from a heuristics database, the grade generated from an actual memory consumption from a previous instance of accessing the webpage via the browser;
determining a memory consumption threshold for refreshing the webpage in the browser based on characteristics of a device executing the browser; and
refreshing the webpage in the browser responsive to the memory consumption satisfying the memory consumption threshold.

US Pat. No. 10,216,776

VARIANCE BASED TIME SERIES DATASET ALIGNMENT

Entit Software LLC, Sunn...

1. A method comprising:determining a first degree of variance of a first set of values and a second degree of variance of a second set of values, wherein the first set of values is included in a first time-series dataset in which the values are associated with respective time stamps, and the second set of values is included in a second time-series dataset in which the values are associated with respective time stamps;
comparing the determined first degree of variance of the first set of values to a threshold and characterizing the first set of values based on the comparison;
comparing the second degree of variance of the second set of values to the threshold and characterizing the second set of values based on the comparison;
selecting a time alignment process among multiple time alignment processes based on the characterizations of the first set of values and the second set of values; and
processing the first and second time-series datasets according to the selected time alignment process to thereby generate an aligned time-series dataset comprising a set of paired values.

US Pat. No. 10,203,833

RECOMMENDING APPLICATION MODIFICATIONS USING IMAGE AREA COUNTS

ENTIT SOFTWARE LLC, Sunn...

1. A memory resource storing instructions that when executed cause a processing resource to:obtain a set of image frames, taken in sequence over a recording period, of a software application display;
for each frame from the set,
determine a count of image areas that changed as between the frame and an adjacent frame;
record the changed-areas count in correlation with order of recording of the frame relative to other frames of the set;
identify an application-active period during which consecutive frames have changed-areas counts exceeding a changed-areas threshold; and
upon determining that duration of the application-active period exceeds a threshold period, generate a recommendation to modify the application.

US Pat. No. 10,198,158

MAP WITH DIFFERENT DEGREES OF OVERLAPPING GEOCODED PIXELS

ENTIT SOFTWARE LLC, Sunn...

1. A method of generating a map associated with different levels of a pattern of geocoded pixels, the method comprising:in response to a request for a map of a distribution of an attribute in a geographic region, obtaining, by a processor of a computing device, a geographic map of the geographic region;
obtaining, by the processor, data point values of the attribute from a storage, wherein each of the data point values comprises an attribute value and coordinates of a geographic location;
converting, by the processor, the data point values of the attribute into colored pixels, wherein each of the data point values is converted into one of the colored pixels having one of a plurality of colors based on the attribute value of the data point value;
creating, by the processor, a geocoded pixel pattern based on the geographic map of the geographical region by placing each of the colored pixels at a position on the geocoded pixel pattern corresponding to the coordinates of the associated data point value;
rearranging the colored pixels in the geocoded pixel pattern by:
sorting a list of the colored pixels in a descending order based on the attribute values associated with the colored pixels, from a colored pixel having a highest attribute value to a colored pixel having a lowest attribute value,
maintaining the colored pixel having the highest attribute value at its position in the geocoded pixel pattern, and
repositioning the remaining colored pixels in the sorted list, one by one in the descending order, around the colored pixel having the highest attribute value in a concentric fashion such that the colored pixel having the lowest attribute value is farthest away from the colored pixel having the highest attribute value; and
generating the geocoded pixel pattern as a distribution map of the attribute in the geographic region.

US Pat. No. 10,187,492

MAINTENANCE WINDOW SCHEDULING

Entit Software LLC, Sunn...

1. A non-transitory computer-readable storage medium comprising instructions executable by a processor to:monitor for change in an information technology system, the information technology system including a first computing resource, a second computing resource, a first computing service that is to utilize the first computing resource, a second computing service that is to utilize the second computing resource, a first resource policy including a first rule that is to be matched to the first computing resource, and a second resource policy including a second rule that is to be matched to the second computing resource,
wherein a first compliance operation is to be performed on the first computing resource in accordance with the first rule and a second compliance operation is to be performed on the second computing resource in accordance with the second rule;
access a schedule identifying a first maintenance window in which the first compliance operation is to be performed and a second maintenance window in which the second compliance operation is to be performed;
determine a first priority of the first resource policy or of the first computing service and a second priority of the second resource policy or of the second computing service, and
automatically and without user interaction, change the schedule for the first maintenance window, wherein the change of the schedule is based on the monitored change in the information technology system and on the determined first and second priorities,
wherein:
when the first priority is higher than the second priority, the change of the schedule is to cause the first compliance operation to be completed before the second compliance operation, and
when the second priority is higher than the first priority, the change of the schedule is to cause the first compliance operation to be completed after the second compliance operation.

US Pat. No. 10,180,960

QUERY PROCESSING

ENTIT SOFTWARE LLC, Sunn...

1. A method for query processing, the method comprising:receiving a query, the query comprising a structured query language (SQL) query;
determining a query type of the query based on whether the query comprises multiple distinct aggregates (MDAs) or cube, rollup or grouping sets operations;
based on the determined query type, processing the query to generate an output comprising intermediate results;
processing the intermediate results that are generated during the processing of the query, wherein the intermediate results are maintained in a single stream to prevent a distributed deadlock; and
performing, by a processor, a predetermined number of maximum group by operations on the output based on the query type to generate a response to the query.

US Pat. No. 10,178,001

DATA DISPATCH TO VIRTUAL DATA CHANNEL FOR PRESENTATION THROUGH A DASHBOARD

EntIT Software LLC, Sunn...

1. A system comprising:a processor;
a non-transitory machine-readable storage medium to store instructions that, when executed by the processor, cause the processor to:
receive a first data packet from a data source through a first datapath configured by the data source;
identify, from the first datapath, a data dimension of data communicated through the first data packet;
identify a particular dimension value from the first data packet for the data dimension identified from the first datapath;
differentiate the first data packet from a second data packet that also includes the particular dimension value according to a parameter tag specified in the first datapath that is not specified in a second datapath used to communicate the second data packet;
dispatch the data of the first data packet to a first virtual data channel specific to both the particular dimension value and the parameter tag for presentation through a dashboard; and
dispatch data of the second data packet to a second virtual data channel specific to the particular dimension value, but not the parameter tag.

US Pat. No. 10,169,381

DATABASE RECOVERY BY CONTAINER

ENTIT SOFTWARE LLC, Sunn...

1. A method comprising:identifying a buddy database projection that is a copy of a recovering database projection of a database, wherein the recovering database projection is stored on a recovering node of a database system and the buddy database projection is stored on a source node of the database system, the buddy database projection and the recovering database projection each providing a first view of a first database table;
identifying, based on the identified buddy database projection, a source container on the source node of the database system, the source container containing data of the identified buddy database projection; and
in response to a determination that a range of epochs of the identified source container includes an epoch for which data is to be recovered to the recovering database projection from the buddy database projection, direct copying the identified source container on the source node to the recovering node.

US Pat. No. 10,162,696

DEPENDENCY MONITORING

ENTIT SOFTWARE LLC, Sunn...

1. A method comprising:identifying, by a system comprising a processor, an un-expected or an abnormal behavior in a first application and an un-expected or an abnormal behavior in a second application;
creating, by the system, a first event associated with the identified un-expected or abnormal behavior in the first application;
creating, by the system, a second event associated with the identified un-expected or abnormal behavior in the second application;
accessing, by the system, a first description, a second description, and a third description of a plurality of dependencies between a plurality of applications, wherein the first description is created at a design or a development stage of the first application and the second application, the second description is created during a testing stage of the first application, and the third description is created from run-time configuration files that are associated with the first application and the second application;
determining, by the system, whether there is a dependency between the first application and the second application based on a dependencies identified in at least two of the accessed first description, second description, and third description of the plurality of dependencies;
in response to a determination that there is a dependency between the first application and the second application, grouping, by the system, the first event and the second event; and
outputting, by the system, the first event and the second event together as a group according to the grouping.

US Pat. No. 10,162,737

EMULATING A USER PERFORMING SPATIAL GESTURES

ENTIT SOFTWARE LLC, Sunn...

1. A computer-implemented method, comprising:capturing movement of extremities of a skeletal body corresponding to a user, wherein capturing the movement of extremities comprises determining a velocity and a distance of a change in coordinates of the extremities from an original position;
matching the captured movement of extremities to a predefined gesture found in a gesture database;
applying the matched predefined gesture to the captured movement of extremities;
applying an offset to the matched predefined gesture to emulate the captured movement of extremities from the original position, wherein applying the offset includes adding the coordinates of the extremities from the original position to coordinates of the predefined gesture; and
generating a script from the matched predefined gesture that is applied to the captured movement of extremities and that the offset is applied to; and
executing the script to emulate the captured movement of the user for a software application under testing, wherein executing the script comprises modifying the matched predefined gesture to correspond to a playback velocity and a playback distance.

US Pat. No. 10,152,302

CALCULATING NORMALIZED METRICS

ENTIT SOFTWARE LLC, Sunn...

1. A method executed by a computing device, comprising:calculating respective normalized first metric values for each of a plurality of first metric values that are on a time scale and respective normalized second metric values for each of a plurality of second metric values that are on the time scale, wherein the plurality of first metric values are associated with a first metric, and the plurality of second metric values are associated with a second metric;
identifying an extremum of the normalized first metric value and the normalized second metric value at each time of the time scale to determine a plurality of extremum baseline values;
determining a plurality of sleeve values of the plurality of extremum baseline values;
identifying an anomaly in a computing system based on the plurality of extremum baseline values and the plurality of sleeve values; and
in response to the identifying of the anomaly, performing an automated remedial action to address the anomaly in the computing system.

US Pat. No. 10,303,349

IMAGE-BASED APPLICATION AUTOMATION

ENTIT SOFTWARE LLC, Sunn...

1. A non-transitory computer-readable storage medium storing instructions that when executed at a processor cause the processor to:display, on a graphical user interface (GUI), a first element associated with an input event;
identify, in a memory, a first image designated as a target for the input event, wherein the first image is one of a plurality of images stored in the memory that are associated with the input event, and wherein the plurality of images includes a same GUI element having different visual appearances corresponding to different states of the input event;
in response to a determination that the first element displayed on the GUI does not match the GUI element in the first image, select a second image from the plurality of images associated with the input event; and
in response to a determination that the first element displayed on the GUI matches the GUI element in the second image of the plurality of images, designate the second image in the memory as the target for the input event, and perform, independent of user input, the input event at the first element displayed on the GUI.

US Pat. No. 10,296,449

RECORDING AN APPLICATION TEST

ENTIT SOFTWARE LLC, Sunn...

1. A non-transitory machine-readable medium storing instructions for recording an application test executable by a machine to cause the machine to:divide a script into portions;
create a number of recordings corresponding to the portions of the script, wherein the number of recordings define a number of interactions with an application under test (AUT), wherein the number of recordings are created serially;
replay each of the number of recordings, wherein to replay each of the number of recordings comprises replaying a created recording for one of the portions of the script while creating a recording for another one of the portions of the script;
analyze information gathered during the replays of the number of recordings, including accessing an expected performance of the script and determining whether the script performed as expected; and
report an outcome of a test based on the analysis.

US Pat. No. 10,296,402

SCHEDULING JOBS

ENTIT SOFTWARE LLC, Sunn...

1. An apparatus, comprising:a memory comprising instructions;
a processor coupled to the memory, the processor to execute the instructions to:
receive a plurality of job requests from a scheduler service computing system that is separate from the apparatus, wherein the plurality of job requests is from multiple tenants;
generate a schedule and a message in accordance with a definition associated with each one of the plurality of job requests, wherein generation of the schedule and the message for a given job request of the plurality of job requests is based on context data associated with the given job request, and the context data describes how metadata related to the associated job definition should be evaluated; and
send the message to a messaging queue that is to distribute the message to a job executor computing system that is separate from the apparatus to execute at least one of the plurality of job requests in accordance with the schedule.

US Pat. No. 10,248,548

CODE COVERAGE INFORMATION

ENTIT SOFTWARE LLC, Sunn...

1. A method comprising:obtaining code coverage information related to lines of code;
generating a two-way mapping based on the code coverage information, the two-way mapping comprising a first mapping that maps a particular test in the plurality of tests to at least one line in the lines of code that is covered by the particular test and a second mapping that maps a particular line of code in the lines of code to at least one test in the plurality of tests that covers the particular line of code;
receiving, from a client computing device, an indication that a new line has been added to the lines of code in an integrated development environment (IDE) running on the client computing device;
causing the plurality of tests to be executed; and
obtaining the code coverage information related to the new line, wherein the code coverage information related to the new line comprises at least one of: a first indication that the new line passed all of the tests covering the new line, a second indication that the new line failed at least one test covering the new line, or a third indication that the new line is not covered by any of the plurality of tests.

US Pat. No. 10,248,620

DATABASE TABLE COLUMN ANNOTATION

ENTIT SOFTWARE LLC, Sunn...

1. A method for database constraint generation, the method comprising:receiving data related to a table in a database;
analyzing the data to determine a row count for a column of the table;
analyzing the data to determine a number of distinct values for the column of the table;
determining a comparison value by comparing the row count to the number of distinct values;
determining if the comparison value is within a threshold; and
if the comparison value is within the threshold, adding, by a processor, an annotation to the column specifying a soft-unique constraint for the column,
wherein the soft-unique constraint indicates the column is considered unique during a cardinality estimation process involving the table, and further indicates to restrict enforcement of a unique property of the column upon data insertions or updates to the column.

US Pat. No. 10,248,392

REPLICATING A WEB TECHNOLOGY

ENTIT SOFTWARE LLC, Sunn...

1. A method for replicating a web technology, the method comprising:identifying asynchronous scripting code within isolated scripting code of the web technology, the isolated scripting code being part of larger client-side code of the web technology;
executing the asynchronous scripting code to cause a request to be sent to a remote server and recording the request;
listening for return data received from the remote server in response to the request and saving the return data; and
generating mock server-side code based on the request and the return data.

US Pat. No. 10,241,845

APPLICATION EVENT TRACING

ENTIT SOFTWARE LLC, Sunn...

1. A system for application event tracing comprising:a processor; and
a memory storing instructions that when executed cause the processor to:
identify a first event listener associated with a significant event in an application,
insert a dummy action handler to a second event listener associated with the application to cause the second event listener to be called by the application when an action associated with the first event listener is received,
receive the action associated with the first event listener,
in response to receiving the action associated with the first listener, generate a composite event sequence comprising the first and second event listeners associated with the action, and
determine whether the composite event sequence comprises the first event listener associated with the significant event; and
in response to determining that the composite event sequence comprises the first event listener associated with the significant event:
measure a performance metric associated with the action, and
create a log record according to the composite event sequence, the log record comprising the performance metric.

US Pat. No. 10,242,125

REGULAR EXPRESSION MATCHING

ENTIT SOFTWARE LLC, Sunn...

1. A method for matching a regular expression to a string, the method comprising:generating, by a processor of a computing device, a data structure based on a non-deterministic finite automaton (NFA) that represents the regular expression, wherein the data structure includes a set of segments, each segment indicating a segment starting state of the NFA, and each segment representing zero or more consecutive states of the NFA starting at the segment starting state, and wherein different segments of the set of segments are capable of indicating different segment starting states on the NFA, and wherein each segment represents a partial match of the regular expression to the string;
analyzing, by the processor, the string in relation to the NFA; and
modifying, by the processor, the data structure as the string is analyzed, such modification including attempting to expand at least one of the segments in the set to represent additional states of the NFA.

US Pat. No. 10,243,679

VULNERABILITY DETECTION

ENTIT SOFTWARE LLC, Sunn...

1. A non-transitory machine-readable storage medium storing instructions that upon execution cause a system to:receive a response from a web server, the response being responsive to a web request sent to the web server;
execute a script in the response with a web browser;
link a document object model (DOM) method to application code executed during the executing of the script; and
determine a vulnerability based on the DOM method linked during the executing of the script.

US Pat. No. 10,241,978

MEASURING COMPATIBILITY OF VIEWERS BY LEVERAGING USER-PROVIDED ELEMENT DEFINITIONS

ENTIT SOFTWARE LLC, Sunn...

1. A method for measuring compatibility of viewers, the method comprising:accessing a document object model (DOM) generated by an anchor document viewer in response to rendering document code, wherein the DOM includes multiple DOM elements that correspond to graphical elements displayable by the anchor document viewer;
for each of at least one of the multiple DOM elements, allowing a user to provide an element definition that indicates how important it is that the corresponding graphical element displays as it does in the anchor document viewer,
wherein allowing a user to provide an element definition comprises providing a graphical user interface (GUI) that allows the user to activate a menu related to the corresponding graphical element, wherein the menu allows the user to set or select an importance rating and multiple properties for the element definition of the corresponding graphical element;
determining rendering differences, utilizing the importance rating and the multiple properties, between the anchor document viewer and a target document viewer, including comparing rendering of a DOM element in the anchor document viewer and a corresponding DOM element in the target document viewer to determine an element difference rating;
determining a weight value to designate an importance level for the rendering differences; and
calculating a viewer difference rating utilizing the element difference rating to determine how similarly the target document viewer renders in comparison to the anchor document viewer.

US Pat. No. 10,241,808

DETERMINING TEST APPLICATION EFFECTIVENESS

ENTIT SOFTWARE LLC, Sunn...

1. A system for evaluating test application effectiveness, comprising:a display engine, to provide a graphic user interface and cause a display of a plurality of factors to be considered by a user in evaluating a test application via the interface, the test application to test a software program;
an evaluation data engine, to receive via the interface user-assigned ratings for test application evaluation factors including a documentation test quality factor, a product-general test quality factor, a product-specific test quality factor, and a defect severity factor; and
a rating engine to determine, based upon the rating, an overall test effectiveness rating for the test application.

US Pat. No. 10,235,572

DETECTING CHANGES IN 3D SCENES

ENTIT SOFTWARE LLC, Sunn...

1. A method for detecting change in a 3-dimensional (3D) view, the method comprising:determining, by a processor, a first set of sparse local features from a first set of frames of an initial 3D scene, wherein determining the first set of sparse local features comprises:
determining a set of distinctive frames of the initial 3D scene from a full set of frames for the initial 3D scene;
selecting the first set of sparse local features that describe a set of distinctive locations within each frame;
tracking viewpoint of an object within the current 3D scene using the set of distinctive frames and the first set of sparse local features; and
updating a relative camera position for each frame of the set of distinctive frames with respect to preceding frames of the set of distinctive frames based on the tracked viewpoint of the object;
localizing, by the processor, a current frame of a current 3D scene relative to the initial 3D scene, wherein the current 3D scene occurs at a time later than the initial 3D scene; and
determining, by the processor, appearance, disappearance, or movement of the object from the initial 3D scene to the current 3D scene based on the first set of sparse local features.

US Pat. No. 10,235,156

VERSIONED EXTENSION POINTS OF GRAPHICAL USER INTERFACES

ENTIT SOFTWARE LLC, Sunn...

1. A non-transitory computer-readable storage medium comprising instructions that upon execution cause a system to:replace a first application version of a software application with a second application version of the software application;
identify version data in an extension point in the second application version, the extension point comprising code defining an interface between the second application version and a user interface module (UIM) that adds functionality to a graphical user interface (GUI) of the software application, the version data comprising a first indicator to indicate an earliest version of the UIM that is compatible with the extension point, and a second indicator that represents a version of an upgrade for the UIM;
responsive to the first indicator having a first value specifying that a version of the UIM available to integrate with the GUI of the second application version is different from a previous version of the UIM for the first application version, identify the version of the UIM different from the previous version of the UIM as a selected UIM version;
responsive to the first indicator having a second value specifying that the version of the UIM available to integrate with the GUI of the second application version is the same as the previous version of the UIM, prompt a user to select the selected UIM version from among the previous version of the UIM and a version of the UIM indicated by the second indicator; and
integrate the selected UIM with the GUI of the second application version.

US Pat. No. 10,182,068

DETERMINE VULNERABILITY USING RUNTIME AGENT AND NETWORK SNIFFER

ENTIT SOFTWARE LLC, Sunn...

1. A computing system comprising:a runtime agent engine to monitor an application under test (AUT) executing at a server during a security test;
a network sniffer engine,
wherein the runtime agent engine receives a notification from the security test of an identifiable probe value,
wherein the runtime agent engine communicates the identifiable probe value to the network sniffer engine,
wherein the network sniffer engine monitors communication traffic from the AUT,
wherein the network sniffer engine identifies the identifiable probe value,
wherein the network sniffer engine provides an indication to the runtime agent engine that the identifiable probe value was identified, and
wherein the runtime agent engine provides the indication to the security test, and wherein the security test is to determine a potential AUT vulnerability based, at least in part, on the indication.

US Pat. No. 10,169,216

SIMULATING SENSORS

ENTIT SOFTWARE LLC, Sunn...

1. A non-transitory computer-readable medium storing a set of instructions executable by a processing resource to:access sensory data from an application by hooking the application to record the sensory data by the application;
associate the sensory data with an automation instruction;
provide the automation instruction to a support device having an ability to perform a modification on the application, wherein the modification includes modifying a setting or executable code of the application;
automatically cause the support device to perform the modification on the application; and
automatically cause the support device to simulate a sensory input on the modified application using the sensory data by executing the automation instruction to cause the modified application to perform a function based on the simulated sensory input.

US Pat. No. 10,169,223

IDENTIFYING COMMITS ASSOCIATED WITH FAILED TESTS

ENTIT SOFTWARE LLC, Sunn...

1. A method comprising:identifying pairs of commits in a set of builds, wherein at least one of the builds is associated with a failed test;
for each commit in the at least one build associated with the failed test:
for each file in the commit that was previously associated with the failed test, calculating, by a processor, a weighting factor based on a total number of times the file has been associated with the failed test;
for each file in the commit that was not previously associated with the failed test, calculating, by the processor, a weighting factor based on a total number of times the file appears with other files that are associated with the failed test; and
adding, by the processor, the weighting factors to compute a score for the commit, wherein the score is for ranking and ordering the commit; and
for each of the identified pairs of commits, logging files included in the pair of commits, the logging associated with the failed test.

US Pat. No. 10,169,324

UNIVERSAL LEXICAL ANALYZERS

ENTIT SOFTWARE LLC, Sunn...

1. A non-transitory machine readable medium storing machine readable instructions comprising:lexical analyzer instructions that, when executed, form a universal lexical analyzer that is to lexically analyze an input program by evaluating a function that maps an input variable comprising a tuple of lexemes to an output variable comprising a tuple of tokens based on input probability parameters, wherein the universal lexical analyzer is configurable for any programming language by inputting a set of probability parameters for the respective programming language as the input probability parameters of the function; and
training instructions that are to generate a set of probability parameters configured to identify tokens for any programming language by:
receiving training programs that are in the respective programming language, each comprising a tuple of lexemes with associated tokens, wherein the tuple identifies an associated one of the tokens for each of the lexemes, and
determining the set of probability parameters for the respective programming language based on the identified token for each of the lexemes in the tuple in each of the training programs that are in the respective programming language,
wherein the probability parameters include:
q-values, each of which is a probability corresponding to a last token of a token-sequence in view of preceding tokens in the token-sequence; and
e-values, each of which corresponds to a probability for each lexeme in view of an identified token.

US Pat. No. 10,164,986

REALIZED TOPOLOGY SYSTEM MANAGEMENT DATABASE

ENTIT SOFTWARE LLC, Sunn...

1. A system comprising:a non-transitory storage medium to store a realized topology system management (RTSM) database, comprising:
a number of stored realized topologies stored within the RTSM database, wherein the realized topologies within the RTSM database are searchable;
a processor; and
a memory to store machine-readable instructions executable on the processor to:
instantiate a first topology comprising nodes representing computing resources, and branches between the nodes representing relationships between the nodes, the instantiating of the first topology creating an instantiated service by deploying the computing resources to form the instantiated service;
create a first realized topology based on the instantiated service, the first realized topology comprising a model of the first topology with policies associated with the nodes of the first topology;
store the first realized topology in the RTSM database;
detect a failure associated with the instantiated service;
apply a remediation action according to a remediation policy to resolve the failure, the remediation policy included in the policies associated with the nodes of the first topology;
modify the first realized topology based on applying the remediation action, to produce a different version of the first realized topology; and
present, in a user interface, the first realized topology and the different version of the first realized topology, and information indicating why the first realized topology was replaced by the different version of the first realized topology.

US Pat. No. 10,102,105

DETERMINING CODE COMPLEXITY SCORES

ENTIT SOFTWARE LLC, Sunn...

16. A method to determine code complexity scores, comprising:identifying, by a processor of a computing device, a unit of code lines within a software program;
identifying, by the processor, a plurality of entities within the unit of code lines, wherein each entity includes a set of code lines implementing a distinct program requirement or defect fix for the software program;
identifying, by the processor, context changes within the unit of code lines, wherein each context change is an occurrence of a first entity that includes a first code line set implementing a first program requirement or defect fix, adjacent to a second entity that includes a second code line set implementing a second program requirement or defect fix, within a same code scope of the software program;
determining, by the processor, a code complexity score of the unit of code lines based upon a total number of the entities identified and a total number of the context changes identified within the unit of code lines, and upon total numbers of code lines and entities within the software program; and
generating, by the processor, a recommendation to rework the unit of code lines of the software program based on a comparison of the determined code complexity score and a previously determined code complexity score.

US Pat. No. 10,346,443

MANAGING SERVICES INSTANCES

ENTIT SOFTWARE LLC, Sunn...

1. A method executed by at least one processor, comprising:as part of a discovery phase, receiving information of a service instance provisioned or modified by a first system distinct from a management system, wherein the provisioning or modification of the service instance by the first system is initially unknown to the management system;
as part of a binding phase, inferring a model representing the service instance provisioned or modified by the first system, wherein the model comprises nodes representing service components of the service instance, and links between the nodes representing relationships between the service components, and wherein inferring the model comprises accessing information of the service components of the service instance and determining how the service components are related to one another, and
managing, by the management system, a lifecycle of the service instance using the model.

US Pat. No. 10,341,103

DATA ANALYTICS ON ENCRYPTED DATA ELEMENTS

ENTIT SOFTWARE LLC, Sunn...

1. A system comprising:a first data system including a first processor and a first non-transitory machine readable storage medium that comprise instructions executable by the first processor to:
store a first data element identified based on a parameter; and
apply, by a first encryption module, a first encryption protocol with a first private key to the first data element to encrypt the first data element;
a second data system including a second processor and a second non-transitory machine readable storage medium that comprise instructions executable by the second processor to:
store a plurality of second data elements identified based on the parameter; and
apply, by a second encryption module, a plurality of second encryption protocols with a second private key to the plurality of second data elements to encrypt the plurality of second data elements;
the first encryption module and the second encryption module communicatively linked to one another, to:
provide the first encrypted data element to the second encryption module;
provide the plurality of encrypted second data elements to the first encryption module;
apply the first encryption protocol to the plurality of encrypted second data elements by the first encryption module to generate a plurality of modified encrypted second data elements; and
apply the plurality of second encryption protocols to the encrypted first data element by the second encryption to generate a plurality of modified encrypted first data elements; and
a data analytics system to:
map the plurality of modified encrypted second data elements and the plurality of modified encrypted first data elements encrypted data elements to an analytics space;
perform data analytics based on the mapped data elements, wherein to perform data analytics, the data analytics system identifies at least one of trends or correlations based on the parameter, indicative of similarities between the first data element and second data elements in the analytics space; and
distribute, via a computing device, results of the data analytics to an information retrieval system in response to a request from the information retrieval system.

US Pat. No. 10,341,381

INHIBITING ELECTROMAGNETIC FIELD-BASED EAVESDROPPING

ENTIT SOFTWARE LLC, Sunn...

1. A method comprising:for an existing security key corresponding to components associated with a plurality of locations of an electronic device, performing a plurality of instances of reconstructing the security key, wherein performing the plurality of instances of reconstructing the security key comprises, for each instance of the plurality of instances, retrieving the components of the security key from the plurality of locations of the electronic device and reconstructing the security key in each of the instances of the plurality of instances from the retrieved components; and
inhibiting electromagnetic field-based eavesdropping from being used to reveal the security key, wherein the inhibiting comprises:
varying a protocol used to retrieve the components among the instances.

US Pat. No. 10,296,739

EVENT CORRELATION BASED ON CONFIDENCE FACTOR

ENTIT SOFTWARE LLC, Sunn...

1. An event correlation system comprising:a hardware processor; and
a hardware non-transitory machine readable medium storing instructions to:
determine a type of a condition for a rule,
select, from among different confidence factor functions, a confidence factor function to apply based on the type of the condition,
calculate a confidence factor according to the selected confidence factor function, wherein the confidence factor is an approximation of whether an event or a set of events satisfies the condition in the rule, wherein the events or set of events are provided in a log file, and
compare the confidence factor to a threshold to determine whether the condition is satisfied.

US Pat. No. 10,198,289

RELATING USER ACTION FLOWS BY STORING RELATIONSHIPS BETWEEN THREADS AND OBJECTS

ENTIT SOFTWARE LLC, Sunn...

1. A system for relating user action flows comprising:a processor; and
a memory storing instructions that when executed by the processor cause the processor to:
detect a first user action during an operation of an application;
create a first object on a first thread in response to the detection of the first user action;
detect that the first object is running on a second thread, the second thread being different from the first thread;
create, in a data structure, a first mapping between the first user action, the first object, the first thread on which the first object was created, and the second thread on which the first object was running;
update the data structure to include a second mapping in response to (1) a creation of a second object on the second thread during the run of the first object, and (2) a run of the second object on a third thread, wherein the second mapping is to map the second object to the first user action, the second thread, and the third thread; and
in response to an error event associated with the first object, display the first mapping including the first object, the first user action that caused the creation of the first object, the first thread on which the first object was created, and the second thread on which the first object was running.

US Pat. No. 10,198,833

DISPLAYING VISUAL ANALYTICS OF ENTITY DATA

ENTIT SOFTWARE LLC, Sunn...

1. An apparatus comprising:a processor; and
a non-transitory computer readable medium storing instructions that, when executed by the processor, cause the processor to:
plot pixel cells representing a plurality of entities located in different geographic locations on a geographic map, the pixel cells including first pixel cells in a first region of the geographic map and second pixel cells in a second region of the geographic map,
determine whether the first pixel cells in the first region have a higher degree of overlap with each other than the second pixel cells in the second region, and
in response to a determination that the first pixel cells in the first region have a higher degree of overlap with each other than the second pixel cells in the second region, distort the geographic map to enlarge the first region and arrange the first pixel cells in the first region into a non-overlapping arrangement.

US Pat. No. 10,169,853

SCORE WEIGHTS FOR USER INTERFACE (UI) ELEMENTS

ENTIT SOFTWARE LLC, Sunn...

1. A system comprising:an identification engine to identify, based on an image processing analysis of screens of an application under test, User Interface (UI) elements of the application under test;
a clustering engine to cluster the UI elements into at least one cluster based on at least one feature of the UI elements;
a weighting engine to assign score weights to the UI elements according to which of the at least one cluster that a given one of the UI elements is clustered in; and
a testing coverage engine to automatically identify, based on the score weights of which of the UI elements are covered by the test, a testing coverage score of the application under test.

US Pat. No. 10,102,039

CONVERTING A HYBRID FLOW

ENTIT SOFTWARE LLC, Sunn...

1. A method for converting a hybrid flow comprising:identifying a plurality of task nodes of a job flow included in the hybrid flow;
identifying a plurality of operators of a task flow included in the hybrid flow, wherein an operator among the plurality of operators is a composite operator;
generating a single data flow by:
separating the composite operator into a plurality of distinct operators; and
combining each of the plurality of task nodes with the plurality of operators and the separated distinct operators;
mapping the plurality of task nodes and the plurality of operators to a code template of a plurality of code templates, wherein each of the plurality of code templates is a different extract-transfer-load logical model template;
converting the single data flow to a data flow graph using the mapped code template;
inputting the data flow graph to an optimizer to optimize execution of the data flow graph, the optimizer globally optimizing the data flow graph in a pushdown manner to improve operator cohesion of the data flow graph; and
executing the optimized data flow graph on a plurality of execution engines.

US Pat. No. 10,104,109

THREAT SCORES FOR A HIERARCHY OF ENTITIES

ENTIT SOFTWARE LLC, Sunn...

1. A non-transitory machine-readable storage medium storing instructions that when executed cause a device to:receive calculated threat scores from threat management devices that are part of a network system comprising a network, wherein the threat scores are for respective threat entities that are part of the network system and are respectively associated with context information, the context information for a first threat score of the threat scores including information about a first subset of threat entities on which the first threat score is based, the first threat score calculated for a first threat entity that is at a higher level in a hierarchy of threat entities than the first subset of threat entities;
determine a second threat score for a second threat entity based on threat scores calculated for a second subset of threat entities including the first threat entity, and the second threat entity being at a higher level in the hierarchy of threat entities than the second subset of threat entities;
subscribe with a listener of the threat management devices for updated scores calculated for the second subset of threat entities;
receive, in response to the subscribing, update information of the first threat score calculated for the first threat entity from the listener;
update the second threat score based on the update information;
perform a countermeasure that addresses a threat in the network system in response to the updated second threat score, the countermeasure comprising disabling the second threat entity;
receive selection input selecting a first user interface element representing the first threat score;
determine trend information about the first threat score based on a non-updated version of the first threat score and the update information; and
cause presentation of at least two of the calculated threat scores for the first subset of threat entities, a context respectively associated with the at least two calculated threat scores of the first subset of threat entities, and the trend information.

US Pat. No. 10,423,624

EVENT LOG ANALYSIS

ENTIT SOFTWARE LLC, Sunn...

1. A method for analyzing an event log, comprising:accessing an event log element from an electronic event log file;
calculating a similarity index between the event log element and a text element;
calculating a threshold of similarity as a linear function of a length of the event log element;
calculating an adjusted threshold by dividing the threshold of similarity by a square root of a product of a length of the text element times the length of the event log element;
comparing the similarity index to the adjusted threshold; and
if the similarity index is greater than the adjusted threshold, adding the event log element to an electronic file of cluster assignments, the cluster assignments representing a grouping of the event log element into a cluster with the text element.

US Pat. No. 10,380,186

VIRTUAL TOPOLOGICAL QUERIES

ENTIT SOFTWARE LLC, Sunn...

1. A non-transitory computer-readable medium storing computer-executable instructions that when executed by a computer cause the computer to perform a method, the method comprising:executing a first topological query on a stored graph to generate a first result graph;
generating a virtual query result graph as a function of a second topological query, wherein generating the virtual query result graph comprises, in lieu of the computer executing the second topological query on the stored graph, manipulating the first result graph to generate the virtual query result graph, and wherein manipulating the first result graph comprises at least one of executing the second topological query on the first result graph, restricting the first result graph based on the second topological query, performing a union of the first result graph and the second topological query, or performing an intersection of the first result graph and the second topological query; and
providing the virtual query result graph;
wherein execution of the second topological query on the virtual query result graph involves less processing time than execution of the second topological query on the stored graph.

US Pat. No. 10,380,449

ASSOCIATING A SCREENSHOT GROUP WITH A SCREEN

ENTIT SOFTWARE LLC, Sunn...

1. A non-transitory computer-readable storage medium comprising instructions executable by a processor to:determine that a first screenshot taken from a screen and having a first layout element meets a first layout similarity threshold with a second screenshot having a second layout element;
create a first group comprising the first screenshot and the second screenshot in response to the first screenshot meeting the first layout similarity threshold with the second screenshot;
determine that a first feature of the first screenshot from the first group matches a second feature of a third screenshot from a second group; and
associate the second group with the screen in response to the match determination,
wherein the third screenshot has a third layout element and does not meet the first layout similarity threshold with the first screenshot due to a first translation of the third layout element relative to the first layout element.

US Pat. No. 10,365,995

COMPOSING FUTURE APPLICATION TESTS INCLUDING TEST ACTION DATA

ENTIT SOFTWARE LLC, Sunn...

1. A system for composing future tests comprising:a processor;
a machine-readable storage medium on which is stored instruction that, when executed by the processor, cause the processor to:
capture data points during test executions of an application under test, the data points including test action data and application action data;
correlate each of the data points with a particular test execution of the test executions,
each of the data points being correlated based on a sequence of events that occurred during the particular test execution, wherein the instructions to correlate the data points comprise instructions to:
categorize the data points as backbone nodes corresponding to test steps performed during historical executions of the application under test and data nodes corresponding to the test steps;
connect the data points for the data nodes to the data points for the backbone nodes via directed edges in a directed acyclic graph (DAG) based on timestamps;
assign metadata as vertices connected to the backbone nodes; and
assign tags to the directed edges to identify a type of relation between the vertices; and
compose, based on an interaction with a visualization of results of a verification query of the correlated data points, a future test of the application under test.

US Pat. No. 10,338,910

MULTI-TENANT UPGRADING

ENTIT SOFTWARE LLC, Sunn...

1. A system comprising:a processor; and
a non-transitory storage medium storing instructions executable on the processor to:
receive a request to upgrade a first tenant from an original version of an application to a new version of the application, the new version being backwards compatible with the original version;
upgrade the first tenant to the new version in response to the request while data according to the original version is simultaneously being provided to a second tenant, the upgrading of the first tenant to the new version comprising updating a data table by adding entries to the data table that are according to a new schema for the new version, the added entries including data copied from an entry according to the original version in the data table, wherein the new version is installed on a first physical resource while the original version is executing on a second physical resource; and
provide data according to the new version for tenants that have completed the upgrade and provide data according to the original version of the application for tenants that have not upgraded; and
a cloud controller to direct tenant traffic to the second physical resource while the new version of the application is being installed on the first physical resource.

US Pat. No. 10,339,207

IDENTIFYING A FUNCTIONAL FRAGMENT OF A DOCUMENT OBJECT MODEL TREE

ENTIT SOFTWARE LLC, Sunn...

1. A method comprising:identifying, by a system including a processor, a functional fragment of a document object model (DOM) tree, the identifying based on detecting plural handlers associated with corresponding elements of the DOM tree and generating signatures for the elements associated with the plural handlers, each handler of the plural handlers to cause execution of executable code;
determining, by the system, whether the identified functional fragment matches a previously processed functional fragment; and
in response to determining that the identified functional fragment matches the previously processed functional fragment, excluding the identified functional fragment from further processing.

US Pat. No. 10,324,624

DECOMMISSIONING OF SOURCE STORAGES

ENTIT SOFTWARE LLC, Sunn...

1. An apparatus comprising:a processor;
a non-transitory computer readable medium storing machine readable instructions that when executed by the processor cause the processor to:
classify files stored on a source storage into files for deletion and files for migration based on a storage policy and meta-data;
generate aliases to link the files classified for migration to a location on a target storage;
modify the meta-data of the files classified for migration to permit copying of the files classified for migration to the target storage;
copy the files classified for migration from the source storage to the linked location on the target storage;
determine, using a digital key, whether the files copied onto the target storage are identical to the files classified for migration on the source storage;
in response to a determination that the copied files are identical to the files classified for migration, activate the generated aliases that point to the copied files on the target storage;
modify the meta-data of the files on the target storage to prevent copying of the files from the target storage; and
decommission the source storage.

US Pat. No. 10,324,710

INDICATING A TRAIT OF A CONTINUOUS DELIVERY PIPELINE

ENTIT SOFTWARE LLC, Sunn...

14. A method comprising:accessing, for each of a plurality of continuous delivery (CD) pipelines, respective pipeline characteristics including pipeline traits, CD server traits, pipeline performance data, and application traits for the CD pipeline, each previously collected by a CD server, wherein the CD server is a computing device executing the CD pipelines independently or together with other computing devices, and for each of the CD pipelines, the respective application traits indicate aspects of a computer application for which the CD pipeline is defined;
accessing a plurality of target pipeline characteristics for a target CD pipeline;
receiving a query specifying a selection of performance data to be improved by a threshold amount for the target CD pipeline;
in response to the query, identifying a subset of CD pipelines from the plurality of CD pipelines that satisfy the query based on the accessed pipeline characteristics of the plurality of CD pipelines;
comparing the pipeline characteristics of the subset of the CD pipelines to a similarity metric associated with the target pipeline characteristics to identify a pipeline trait common to the subset of the CD pipelines;
generating from the identified pipeline trait of the subset of the CD pipelines, a modification to the target CD pipeline to improve the performance data of the target CD pipeline by the threshold amount; and
outputting a report indicating the modification to the target CD pipeline.

US Pat. No. 10,324,829

APPLICATION TESTING

ENTIT SOFTWARE LLC, Sunn...

1. A machine implemented method for application testing, comprising:extracting an interface structure from source code of an application under test (AUT);
separating the interface structure into subsections;
performing a primary test for the AUT by using test code to execute the subsections;
evaluating an assertion strategy in the test code based on a predefined assertion requirement to obtain a first measurement result of the AUT, wherein the assertion strategy is to assert an execution result of the test code executing the subsections; and
evaluating execution of the subsections to obtain a second measurement result of the AUT based on the primary test, wherein the second measurement result is obtained utilizing a first metric indicating if each statement in an evaluated subsection of the interface structure has been executed and a second metric indicating if each branch of each control structure in the evaluated subsection of the interface structure has been executed.