Patents by Inventor Alexei KRAVTSOV
Alexei KRAVTSOV has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240134979Abstract: In one embodiment, a method includes generating an application programming interface (API) definition by observing traffic. The API definition is associated with an API definition name and an API specification. The method also includes mounting the API definition with an application and deploying the application by a Continuous Integration/Continuous Delivery (CI/CD) pipeline. The method further includes implementing a runtime API and mapping the runtime API to the API definition.Type: ApplicationFiled: May 14, 2023Publication date: April 25, 2024Inventors: Alexei Kravtsov, Giovanni Conte, Hendrikus G. P. Bosch
-
Patent number: 11822672Abstract: In one embodiment, a method includes extracting, by a vulnerability scanning tool, a plurality of images from one or more pods running within a cluster. The method also includes determining, by the vulnerability scanning tool, a plurality of unique images from the plurality of images, scanning, by the vulnerability scanning tool, the plurality of unique images in parallel, and detecting, by the vulnerability scanning tool, one or more vulnerabilities within the plurality of unique images in response to scanning the plurality of unique images in parallel. The method further includes determining, by the vulnerability scanning tool, a vulnerability level associated with a pod of the one or more pods and assigning, by the vulnerability scanning tool, the vulnerability level to the pod.Type: GrantFiled: June 1, 2021Date of Patent: November 21, 2023Assignee: CISCO TECHNOLOGY, INC.Inventors: Alexei Kravtsov, Idan Frimark, Erez Fishhimer
-
Publication number: 20230353593Abstract: In one embodiment, a method includes generating, by a pod deployment tool, a security context profile, associating, by the pod deployment tool, the security context profile with a deployment rule, and associating, by the pod deployment tool, a vulnerability level with the deployment rule. The method also includes identifying, by the pod deployment tool, pod policies associated with a pod located within a cluster of a network and analyzing, by the pod deployment tool, conditions of the deployment rule using the pod policies. The conditions may be associated with the security context profile and the vulnerability level. The method further includes determining, by the pod deployment tool, whether to allow deployment of the pod within the network in response to analyzing the conditions of the deployment rule.Type: ApplicationFiled: July 10, 2023Publication date: November 2, 2023Inventors: Alexei Kravtsov, Idan Frimark, Erez Fishhimer
-
Patent number: 11700274Abstract: In one embodiment, a method includes generating, by a pod deployment tool, a security context profile, associating, by the pod deployment tool, the security context profile with a deployment rule, and associating, by the pod deployment tool, a vulnerability level with the deployment rule. The method also includes identifying, by the pod deployment tool, pod policies associated with a pod located within a cluster of a network and analyzing, by the pod deployment tool, conditions of the deployment rule using the pod policies. The conditions may be associated with the security context profile and the vulnerability level. The method further includes determining, by the pod deployment tool, whether to allow deployment of the pod within the network in response to analyzing the conditions of the deployment rule.Type: GrantFiled: June 1, 2021Date of Patent: July 11, 2023Assignee: CISCO TECHNOLOGY, INC.Inventors: Alexei Kravtsov, Idan Frimark, Erez Fishhimer
-
Patent number: 11588646Abstract: A system and method for establishing application identities including application runtime properties. A method includes signing at least one artifact of a first application communicating with a second application, wherein each of the at least one artifact includes data used for executing the first application, wherein a signing result of each artifact is a signed cryptographic hash of the artifact; monitoring events related to communications between the first application and the second application to identify a file event; generating at least one runtime hash for the file event, wherein the at least one runtime hash represents runtime properties of the first application; and generating an application identity for the first application, the application identity for the first application including the signed cryptographic hash of each of the at least one artifact and the at least one runtime hash of the file event.Type: GrantFiled: September 8, 2020Date of Patent: February 21, 2023Assignee: CISCO TECHNOLOGY, INC.Inventors: Ran Ilany, Alexei Kravtsov
-
Patent number: 11533182Abstract: A method and system for securing instantiates. The method includes determining at least one signable file among a plurality of files of an instantiate, wherein determining the at least one signable file further comprises classifying each of the plurality of files with respect to whether the file is changed at runtime; signing each of the at least one signable file to create at least one first signature, wherein signing the plurality of files further comprises computing a cryptographic hash for each file, wherein each encrypted hash is signed using a private key; and verifying an identity of the instantiate using the at least one first signature, wherein verifying the identity of the instantiate further comprises comparing the at least one first signature to the at least one second signature, wherein each of the at least one second signature is a signature of one of the at least one signable file at runtime.Type: GrantFiled: March 6, 2020Date of Patent: December 20, 2022Assignee: CISCO TECHNOLOGY, INC.Inventors: Ran Ilany, Alexei Kravtsov, Ophir Setter
-
Publication number: 20210075626Abstract: A system and method for establishing application identities including application runtime properties. A method includes signing at least one artifact of a first application communicating with a second application, wherein each of the at least one artifact includes data used for executing the first application, wherein a signing result of each artifact is a signed cryptographic hash of the artifact; monitoring events related to communications between the first application and the second application to identify a file event; generating at least one runtime hash for the file event, wherein the at least one runtime hash represents runtime properties of the first application; and generating an application identity for the first application, the application identity for the first application including the signed cryptographic hash of each of the at least one artifact and the at least one runtime hash of the file event.Type: ApplicationFiled: September 8, 2020Publication date: March 11, 2021Applicant: Portshift Software Technologies LTD.Inventors: Ran ILANY, Alexei KRAVTSOV
-
Publication number: 20200287723Abstract: A method and system for securing instantiates. The method includes determining at least one signable file among a plurality of files of an instantiate, wherein determining the at least one signable file further comprises classifying each of the plurality of files with respect to whether the file is changed at runtime; signing each of the at least one signable file to create at least one first signature, wherein signing the plurality of files further comprises computing a cryptographic hash for each file, wherein each encrypted hash is signed using a private key; and verifying an identity of the instantiate using the at least one first signature, wherein verifying the identity of the instantiate further comprises comparing the at least one first signature to the at least one second signature, wherein each of the at least one second signature is a signature of one of the at least one signable file at runtime.Type: ApplicationFiled: March 6, 2020Publication date: September 10, 2020Applicant: Portshift Software Technologies LTD.Inventors: Ran ILANY, Alexei KRAVTSOV, Ophir SETTER