&#xfeff;<html>
  <head>
    <META http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="html_style_eog.css"/>
<script type="text/javascript">
			function printpage()
			{
			window.print()
			}
			</script>
<script type="text/javascript" src="https://components.uspto.gov/js/ais/40-patentsgazette.js"></script></head>
  <body bgcolor='#FFFFFF' onload='javascript: if ((navigator.appName.indexOf("Netscape")!=-1) && parent.leftFrame!=null) parent.leftFrame.location.reload();'>
    <basefont face="Times New Roman, Times New Roman, Times New Roman " size="2">
      <div style="margin-left: +10pt">
        <table width="90%" border="0" rules="none" align="center">
          <tr align="center">
            <td width="20%" colspan="1" rowspan="2" align="left" valign="top"><a href="https://ppubs.uspto.gov/pubwebapp/external.html?q=11677771.pn.&amp;db=USPAT" target="popup"><input type="button" class="button" value="   Full Text   "></a></td>
            <td class="table_data"><b>US 11,677,771 B2</b></td>
            <td width="20%" colspan="1" rowspan="2" align="right" valign="top">
              <form><input type="button" value="Print this page" onclick="printpage()"></form>
            </td>
          </tr>
          <tr align="center">
            <td colspan="1" class="table_data" style="text-transform: uppercase"><b>Community threat intelligence and visibility for operational technology networks</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b> Garrett Bladow,  Baltimore, MD (US);  Robert Lee,  Gambrills, MD (US);  Benjamin Whitney,  Annapolis, MD (US); and  Jerry Matthew Bodman,  Crownsville, MD (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Assigned to  Dragos, Inc.,  Hanover, MD (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed by  Dragos, Inc.,  Hanover, MD (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed on May   12, 2021, as Appl. No. 17/318,539.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Prior Publication US 2022/0368711 A1, Nov.  17, 2022</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Int. Cl. </b><i><b>H04L 29/06</b></i> (2006.01); <i><b>H04L 9/40</b></i> (2022.01)</td>
          </tr>
        </table>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="75%">
            <col width="15%">
          </colgroup>
          <tr align="left">
            <td class="table_data" align="left"><b>CPC </b><i><b>H04L 63/1425</b></i> (2013.01)&#xa0;[<i><b>H04L 63/101</b></i> (2013.01); <i><b>H04L 63/102</b></i> (2013.01); <i><b>H04L 63/105</b></i> (2013.01); <i><b>H04L 63/1433</b></i> (2013.01); <i><b>H04L 63/1441</b></i> (2013.01)]</td>
            <td class="table_data" align="right"><b>20 Claims</b></td>
          </tr>
        </table>
        <center><img src="US11677771-20230613-D00000.gif" alt="OG exemplary drawing"></center>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="90%">
          </colgroup>
          <tr>
            <td class="table_data" align="center">&#xa0;</td>
          </tr>
          <tr>
            <td valign="top" class="para_text">
              <div class="claim_text_root">1. A method comprising:<div class="claim_text">for each operational technology (OT) network of a plurality of OT networks, said each OT network being a segmented network that is isolated from the Internet and comprising at least one physical process device and at least one control device configured to control the at least one physical process device:<div class="claim_text">providing at least one monitoring device for deployment in said each OT network, the at least one monitoring device configured to process OT network traffic in an OT network protocol and collect telemetry data including telemetry data corresponding to the at least one physical process device and at least one control device, and</div>
                  <div class="claim_text">providing a telemetry sanitization system for said each OT network, the telemetry sanitization system configured to apply a sanitization process to the telemetry data collected by the at least one monitoring device to generate sanitized telemetry data that does not include sensitive data identifying said each OT network, any of the at least one process device, and any of the at least one control device;</div>
                </div>
                <div class="claim_text">receiving the sanitized telemetry data from the telemetry sanitization systems provided for the plurality of OT networks;</div>
                <div class="claim_text">maintaining threat intelligence data generated based on the sanitized telemetry data, the threat intelligence data describing a plurality of security threats identified in the plurality of OT networks based on contextual data of the sanitized telemetry data, the threat intelligence data being insufficient to reidentify any OT network, any process device of a respective OT network, and any control device of a respective OT network; and</div>
                <div class="claim_text">providing access to at least one of the threat intelligence data and the sanitized telemetry data to a plurality of users;</div>
                <div class="claim_text">wherein receiving the sanitized telemetry data, maintaining the threat intelligence data, and providing access are performed by one or more computing devices.</div>
              </div>
            </td>
          </tr>
        </table>
      </div>
    
  </body>
</html>