58 patents
Page 2 of 3
Utility
Data leakage prevention over application programming interface
4 Oct 22
A method by a network device for assigning data types to data values included in application programming interface (API) responses sent by an API server to one or more API clients via an API.
Itsik Mantin, Avidan Reich
Filed: 30 Dec 20
Utility
Capturing contextual information for data accesses to improve data security
4 Oct 22
A method by one or more runtime agents protecting a web application for capturing contextual information for data accesses.
Kunal Anand, Brian Anderson, Joe Moore, Ran Rosin, Itsik Mantin, Peter Klimek, Craig Burlingame
Filed: 30 Dec 19
Utility
Chunk-scanning of web application layer requests to reduce delays
27 Sep 22
A method by a web application layer attack detector communicatively coupled between web application clients and web application servers.
Boris Zingerman, Uri Shapen
Filed: 18 Jan 19
Utility
Data based web application firewall
6 Sep 22
A method for protecting information from databases includes a web application firewall and a database activity monitor.
Shiri Margel, Itsik Mantin, Amichai Shulman, Daniella Goihman-Shuster
Filed: 17 Apr 19
Utility
Method for generating a human likeness score
23 Aug 22
One embodiment of the invention is a method utilizing a CAPTCHA to generate a human likeness score including blocks: a) receiving a user solution to the CAPTCHA; b) receiving a user interaction pattern descriptive of an interaction undertaken by the user, through a graphical interface of the CAPTCHA, to achieve the user solution; c) determining the accuracy of the user solution; d) comparing the user interaction pattern against an interaction model generated from interaction patterns of previous users; e) calculating the human likeness score based upon the determination of block c) and the comparison of block d), wherein the human likeness score lies within a continuum of human likeness scores.
Tyler James Paxton, Reid Michael Tatoris, Benjamin Trenda, Elvis Jakupovic, Steven P. Burkett, Adam Michael Janower
Filed: 6 Feb 20
Utility
Monitoring and preventing use of weak cryptographic logic
2 Aug 22
A runtime application self protection (RASP) plug-in monitors for, and prevents, invocation of unacceptably weak cryptographic processing requested by an application.
Kunal Anand
Filed: 17 Oct 19
Utility
Inline anomaly detection for multi-request operations
2 Aug 22
A method is described for a proxy to mitigate attacks from web application clients based on context of web application layer requests.
Jonathan R. Azaria, Ori Or-Meir, Nadav Avital, Amir Shladovsky, Ben Herzberg
Filed: 30 Dec 19
Utility
Mechanism for providing obfuscated code to web application clients
26 Jul 22
A method by one or more network devices for providing obfuscated code to web application clients.
Itsik Mantin
Filed: 1 Aug 19
Utility
Community-based data security
10 May 22
A method by one or more electronic devices implementing a system for providing community-based data security, where the system is communicatively coupled to a plurality of database security analyzers, where each of the plurality of database security analyzers is configured to analyze data accesses to one or more databases associated with that database security analyzer.
Doron Tzur, Shiri Margel, Itsik Mantin
Filed: 30 Apr 19
Utility
Dynamic aggregation of information based on web application layer requests
10 May 22
A method by a web application layer proxy for dynamically creating counters during runtime based on actual web application layer requests received by the web application layer proxy.
David Levy Nahum
Filed: 28 Aug 19
Utility
Generating collection rules based on security rules
10 May 22
A computing device is described that is coupled to a set of web application layer attack detectors (ADs), which are coupled between clients and web application servers.
Nadav Avital Arbel, Luda Lazar, Gilad Yehudai
Filed: 28 Dec 18
Utility
Infrastructure distributed denial of service protection
15 Mar 22
A method of providing infrastructure protection for a server of a network organization, the method including announcing an internet protocol (IP) address range associated with the network organization using a border gateway protocol (BGP) on an edge server of a distributed network of edge servers.
Dvir Shapira, Ehud Cohen, Tomer Bronshtein, Eyal Leshem, Alon Ludmer
Filed: 3 Apr 20
Utility
Infrastructure distributed denial of service protection
15 Mar 22
Dvir Shapira, Ehud Cohen, Tomer Bronshtein, Eyal Leshem, Alon Ludmer
Filed: 3 Apr 20
Utility
Streaming-friendly technology for detection of data
1 Mar 22
A method by a network device for detecting data in a data stream.
Itsik Mantin
Filed: 29 Dec 20
Utility
Accelerating dynamic content delivery in a content delivery network
1 Feb 22
A technique for accelerating dynamic content delivery in a content delivery network.
David Levy Nahum
Filed: 27 Jun 19
Utility
Aggregating alerts of malicious events for computer security
4 Jan 22
A method of processing malicious events in a network infrastructure determines features of malicious events detected by a firewall of an attack analyzer.
Gilad Yehudai, Itsik Mantin, Lior Fisch, Shelly Hershkovitz, Amichai Shulman, Moran Rachel Ambar
Filed: 5 Jun 18
Utility
Insider threat detection utilizing user group to data object and/or resource group access analysis
12 Oct 21
Techniques for detecting suspicious data object access requests indicative of potential insider threats are described.
Guy Shtar, Shiri Margel
Filed: 22 Jan 19
Utility
Columnar storage and processing of unstructured data
12 Oct 21
Data storage for unstructured data such as JSON data stored as collections of documents transforms the JSON data into a columnar form of storing unstructured data by grouping similar fields together for facilitating retrieval of the individual fields from a range of documents.
Ron Ben-Natan, Ury Segal
Filed: 13 Jun 14
Utility
Automatic generation of attribute values for rules of a web application layer attack detector
13 Jul 21
According to one embodiment, a web application layer attack detector (AD) is coupled between an HTTP client and a web application server.
Tal Arieh Be'ery, Shelly Hershkovitz, Nitzan Niv, Amichai Shulman
Filed: 8 Aug 17
Utility
Coordinated detection and differentiation of denial of service attacks
29 Jun 21
An analyzer module (AM) within a same protected network and on-premise with a server detects and distinguishes between types of Denial-of-Service (DoS) attacks.
Tal Arieh Be'ery, Amichai Shulman
Filed: 23 Jul 19