Patents by Inventor Ariel Futoransky
Ariel Futoransky has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20220270093Abstract: A system and method for detecting intrusions to a set of assets comprising a list of assets identifications, a list of wallet identifications, a register of asset-wallet associations, a bitcoin blockchain, wherein each asset holds a wallet, and wherein wallet identifications include bitcoin live unspent transactions, the method consisting in the steps of: at the publication of every new block of the bitcoin blockchain, checking if one of the live unspent transactions is missing from the list of live unspent transactions included in the new block of the blockchain, and determining whether an intrusion has happened based on the check.Type: ApplicationFiled: February 23, 2022Publication date: August 25, 2022Inventors: Ariel Futoransky, Jonatan Lucas Altszul, Matias Augusto Travizano
-
Publication number: 20200058023Abstract: A blockchain-based, decentralized data marketplace is described. The marketplace allows data sellers to sell their data to data buyers in exchange for payments in tokens. The marketplace allows for securely and anonymously selling data in a trusted environment that is also fair to all participants and provides data sellers with the ability to control and monetize their own data (e.g., personal data). A notary with access to “ground truth” data can validate data that is being offered in the marketplace to ensure that it is not falsified or fabricated before it is purchased by a data buyer. The marketplace implements blockchain-based smart contracts that work together, and with cryptographic protocols, to achieve an efficient, decentralized data marketplace where data sellers and data buyers transact directly with one another while remaining anonymous, if desired.Type: ApplicationFiled: August 13, 2019Publication date: February 20, 2020Inventors: Matias Travizano, Martin Minnoni, Daniel Fernandez, Ariel Futoransky, Gustavo Ezequiel Ajzenman, Carlos Sarraute
-
Patent number: 9183397Abstract: A system for providing automated computer security compromise as a service, contains a web server having a web front end running on the web server. The Web server has stored therein pentest definitions. A command and control component processes the pentest definitions, builds pentest task tickets and reporting task tickets, and monitors at least one penetration tester component and/or at least one report generator component. The command and control component interacts with a cloud computing environment to scale up or down the number of penetration tester components and the number of report generator components, and assigns task tickets to the penetration tester and report generator components. At least one penetration tester component runs penetration testing modules available inside the penetration testing framework as instructed by the pentest task tickets. At least one reporter generator component generates reports based on the reporting tasks tickets generated by the command and control service.Type: GrantFiled: June 5, 2012Date of Patent: November 10, 2015Assignee: Core SDI IncorporatedInventors: Ariel Futoransky, Aureliano Emanuel Calvo, Fernando Russ Federico Russ, Jorge Lucangeli Obes, Ariel Waissbein, Alejandro Javier Frydman, Ezequiel David Gutesman, Pedro Oscar Varangot
-
Publication number: 20140237606Abstract: A system for providing automated computer security compromise as a service, contains a web server having a web front end running on the web server. The Web server has stored therein pentest definitions. A command and control component processes the pentest definitions, builds pentest task tickets and reporting task tickets, and monitors at least one penetration tester component and/or at least one report generator component. The command and control component interacts with a cloud computing environment to scale up or down the number of penetration tester components and the number of report generator components, and assigns task tickets to the penetration tester and report generator components. At least one penetration tester component runs penetration testing modules available inside the penetration testing framework as instructed by the pentest task tickets. At least one reporter generator component generates reports based on the reporting tasks tickets generated by the command and control service.Type: ApplicationFiled: June 5, 2012Publication date: August 21, 2014Applicant: Core SDI IncorporatedInventors: Ariel Futoransky, Aureliano Emanuel Calvo, Alejandro Javier Frydman, Ezequiel David Gutesman, Pedro Oscar Varangot, Fernando Russ Federico Russ, Jorge Lucangeli Obes, Ariel Waissbein
-
Patent number: 8490193Abstract: A system and method for automated probabilistic planning of network attacks against infrastructures of computer networks and applications is provided. The embodiments automate the analysis and probabilistic planning of multi-step attacks to computer and application networks (in particular in the context of automating penetration tests), optimizing with respect to one of the following metrics: the probability of success of the actions, a numerical parameter that must be minimized (e.g., running time), or the number of logs generated by the control devices in the target network.Type: GrantFiled: September 8, 2010Date of Patent: July 16, 2013Assignee: Core Security TechnologiesInventors: Carlos Emilio Sarraute Yamada, Ariel Futoransky, Gerardo Gabriel Richarte, Jorge Lucangeli Obes
-
Patent number: 8484738Abstract: A system and method provide application penetration testing. The system contains logic configured to find at least one vulnerability in the application so as to gain access to data associated with the application, logic configured to confirm the vulnerability and determine if the application can be compromised, and logic configured to compromise and analyze the application by extracting or manipulating data from a database associated with the application. In addition, the method provides for penetration testing of a target by: receiving at least one confirmed vulnerability of the target; receiving a method for compromising the confirmed vulnerability of the target; installing a network agent on the target in accordance with the method, wherein the network agent allows a penetration tester to execute arbitrary operating system commands on the target; and executing the arbitrary operating system commands on the target to analyze risk to which the target may be exposed.Type: GrantFiled: March 6, 2008Date of Patent: July 9, 2013Assignee: Core SDI IncorporatedInventors: Alberto Gustavo Soliño Testa, Gerardo Gabriel Richarte, Fernando Federico Russ, Diego Martin Kelyacoubian, Ariel Futoransky, Diego Bartolome Tiscornia, Ariel Waissbein, Hector Adrian Manrique, Javier Ricardo De Acha Campos, Eduardo Arias, Sebastian Pablo Cufre, Axel Elián Brzostowski
-
Patent number: 8356353Abstract: The present invention provides a system and method for providing computer network attack simulation. The method includes the steps of: receiving a network configuration and setup description; simulating the network configuration based on the received network configuration; receiving at least one confirmed vulnerability of at least one computer, machine, or network device in the simulated network; receiving a method for compromising the confirmed vulnerability of the at least one computer, machine, or network device; and virtually installing a network agent on the at least one computer, machine, or network device, wherein the network agent allows a penetration tester to execute arbitrary operating system calls on the at least one computer, machine, or network device.Type: GrantFiled: June 26, 2008Date of Patent: January 15, 2013Assignee: Core SDI, IncorporatedInventors: Ariel Futoransky, Fernando Carlos Miranda, Jose Ignacio Orlicki, Carlos Emilio Sarraute Yamada
-
Patent number: 8146135Abstract: Method, system, and computer code for implementing privacy protection in a web application, wherein the web application is executed in a web application language execution environment within a web server, the method containing the steps of: establishing at least one inbound tagging rule for tagging objects entering the web application language execution environment, referred to as inbound objects, according to a respective source of each of the inbound objects; assigning a tag to at least one of the inbound objects being operated on by the web application language execution environment based on the at least one inbound tagging rule; establishing at least one privacy rule for performing privacy actions on at least one object that is outbound from the web application language execution environment, referred to as outbound objects, according to a respective tag of each of the outbound objects; and performing a privacy action on the at least one outbound object being operated on by the web application language exType: GrantFiled: October 21, 2010Date of Patent: March 27, 2012Assignee: Core SDI, IncorporatedInventors: Ariel Waissbein, Ariel Futoransky, Diego Bartolome Tiscornia, Ezequiel David Gutesman
-
Publication number: 20110113468Abstract: Method, system, and computer code for implementing privacy protection in a web application, wherein the web application is executed in a web application language execution environment within a web server, the method containing the steps of: establishing at least one inbound tagging rule for tagging objects entering the web application language execution environment, referred to as inbound objects, according to a respective source of each of the inbound objects; assigning a tag to at least one of the inbound objects being operated on by the web application language execution environment based on the at least one inbound tagging rule; establishing at least one privacy rule for performing privacy actions on at least one object that is outbound from the web application language execution environment, referred to as outbound objects, according to a respective tag of each of the outbound objects; and performing a privacy action on the at least one outbound object being operated on by the web application language exType: ApplicationFiled: October 21, 2010Publication date: May 12, 2011Applicant: Core Security TechnologiesInventors: Ariel Waissbein, Ariel Futoransky, Diego Bartolome Tiscornia, Ezequiel David Gutesman
-
Publication number: 20110061104Abstract: A system and method for automated probabilistic planning of network attacks against infrastructures of computer networks and applications is provided. The embodiments automate the analysis and probabilistic planning of multi-step attacks to computer and application networks (in particular in the context of automating penetration tests), optimizing with respect to one of the following metrics: the probability of success of the actions, a numerical parameter that must be minimized (e.g., running time), or the number of logs generated by the control devices in the target network.Type: ApplicationFiled: September 8, 2010Publication date: March 10, 2011Applicant: CORE SDI, INC.Inventors: Carlos Emilio Sarraute Yamada, Ariel Futoransky, Gerardo Gabriel Richarte, Jorge Lucangeli Obes
-
Patent number: 7831995Abstract: Method, system, and computer code for implementing security and privacy policy in a web application having an execution environment in which a representation of each object handled by the execution environment accommodates data and an associated tag. An inbound tagging rule is established for tagging inbound objects according to a respective source of each of the inbound objects. A tag is assigned to an object being operated on by the execution environment based on the inbound tagging rule. A security/privacy rule is established for performing security/privacy actions on outbound objects according to a respective tag of each of the outbound objects. A security/privacy action is performed on the object being operated on by the execution environment based on the security/privacy rule.Type: GrantFiled: October 31, 2005Date of Patent: November 9, 2010Assignee: CORE, SDI, Inc.Inventors: Ariel Futoransky, Ariel Waissbein, Diego Bartolome Tiscornia, Ezequiel Gutesman
-
Patent number: 7549147Abstract: A method for protecting software is provided, where source code for the software has a first directive marking an encryption beginning point and a second directive marking an encryption end point. The method contains the steps of: processing the source code to identify a block of code between the first and second directives; compiling the source code to produce a binary file; generating a valid key and a random string; encrypting the random string with the key to obtain a first encrypted value; encrypting a portion of the binary file corresponding to the block of code with the valid key to obtain a second encrypted value; and replacing the portion of the binary file corresponding to the block of code with the second encrypted value and code that can decrypt the second encrypted value during execution of the software.Type: GrantFiled: April 15, 2003Date of Patent: June 16, 2009Assignee: Core SDI, IncorporatedInventors: Ariel Futoransky, Carlos Emilio Sarraute Yamada, Diego Ariel Bendersky, Luciano Notarfrancesco, Ariel Waissbein
-
Publication number: 20090007270Abstract: The present invention provides a system and method for providing computer network attack simulation. The method includes the steps of: receiving a network configuration and setup description; simulating the network configuration based on the received network configuration; receiving at least one confirmed vulnerability of at least one computer, machine, or network device in the simulated network; receiving a method for compromising the confirmed vulnerability of the at least one computer, machine, or network device; and virtually installing a network agent on the at least one computer, machine, or network device, wherein the network agent allows a penetration tester to execute arbitrary operating system calls on the at least one computer, machine, or network device.Type: ApplicationFiled: June 26, 2008Publication date: January 1, 2009Applicant: Core SDI, IncInventors: Ariel Futoransky, Fernando Carlos Miranda, Jose Ignacio Orlicki, Carlos Emilio Sarraute Yamada
-
Publication number: 20080263671Abstract: A system and method provide application penetration testing. The system contains logic configured to find at least one vulnerability in the application so as to gain access to data associated with the application, logic configured to confirm the vulnerability and determine if the application can be compromised, and logic configured to compromise and analyze the application by extracting or manipulating data from a database associated with the application. In addition, the method provides for penetration testing of a target by: receiving at least one confirmed vulnerability of the target; receiving a method for compromising the confirmed vulnerability of the target; installing a network agent on the target in accordance with the method, wherein the network agent allows a penetration tester to execute arbitrary operating system commands on the target; and executing the arbitrary operating system commands on the target to analyze risk to which the target may be exposed.Type: ApplicationFiled: March 6, 2008Publication date: October 23, 2008Applicant: Core SDI, IncorporatedInventors: Alberto Gustavo Solino Testa, Gerardo Gabriel Richarte, Fernando Federico Russ, Diego Martin Kelyacoubian, Ariel Futoransky, Diego Bartolome Tiscornia, Ariel Waissbein, Hector Adrian Manrique, Javier Ricardo De Acha Campos, Eduardo Arias, Sebastian Pablo Cufre, Axel Elian Brzostowski
-
Publication number: 20060143688Abstract: Method, system, and computer code for implementing security and privacy policy in a web application having an execution environment in which a representation of each object handled by the execution environment accommodates data and an associated tag. An inbound tagging rule is established for tagging inbound objects according to a respective source of each of the inbound objects. A tag is assigned to an object being operated on by the execution environment based on the inbound tagging rule. A security/privacy rule is established for performing security/privacy actions on outbound objects according to a respective tag of each of the outbound objects. A security/privacy action is performed on the object being operated on by the execution environment based on the security/privacy rule.Type: ApplicationFiled: October 31, 2005Publication date: June 29, 2006Applicant: CORE SDI, IncorporatedInventors: Ariel Futoransky, Ariel Waissbein, Diego Tiscornia, Ezequiel Gutesman
-
Publication number: 20030220940Abstract: A system and method are provided for analyzing audit log data. Text strings from a plurality of devices are stored in a log database, each of the text strings being indicative of an audit event in the respective device. At least a portion of the text strings are retrieved from the log database and the retrieved text strings are parsed according to pre-defined parsing rules. Each of the retrieved text strings is mapped to a respective audit event. The retrieved text strings are mapped based on the respective audit event. Representations of the filtered text strings are displayed on a grid using color-coded areas. The horizontal axis of the grid represents a first time scale and the vertical axis of the grid represents a second time scale different from the first time scale.Type: ApplicationFiled: April 15, 2003Publication date: November 27, 2003Applicant: Core SDI, IncorporatedInventors: Ariel Futoransky, Emiliano Kargieman, Diego Ariel Bendersky, Luciano Notarfrancesco, Gerardo Gabriel Richarte, Ivan Francisco Arce, Alejo Sanchez, Diego Ariel Aizemberg
-
Publication number: 20030221116Abstract: A security framework is provided for protecting software. The source code for the software has directives marking portions of the source code to be modified or encrypted. The source code is modified using a random factor based on the directives. The source code is compiled to produce a binary file. Source code starting and ending lines and binary file positions of each of the blocks to be encrypted are stored. Portions of the binary file that correspond to each of these blocks are encrypted. Each of these blocks is decrypted when a function inside the block is required during execution of the software.Type: ApplicationFiled: April 15, 2003Publication date: November 27, 2003Applicant: Core SDI, IncorporatedInventors: Ariel Futoransky, Carlos Emilio Sarraute Yamada, Diego Ariel Bendersky, Luciano Notarfrancesco, Ariel Waissbein
-
Publication number: 20030177376Abstract: A system is provided for controlling access to information technology assets in a computer network. The system includes a ticket manager server configured to generate tickets based on user data in a master database. A ticket manager client, resident on a workstation, is configured to receive tickets from the ticket manager server and distribute resource data obtained from the tickets to network security modules. The user data includes resource registers, each of which has a type field designating a particular security module, resource data for use by the designated security module, and an execution domain field that exclusively designates an execution environment in which the designated security module can use the resource data.Type: ApplicationFiled: January 30, 2003Publication date: September 18, 2003Applicant: Core SDI, Inc.Inventors: Ivan Francisco Fernando Arce Velleggia, Ariel Futoransky, Gerardo Gabriel Richarte, Emiliano Kargieman, Carlos Hernan Ochoa