Patents by Inventor Ariel Waissbein
Ariel Waissbein has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9183397Abstract: A system for providing automated computer security compromise as a service, contains a web server having a web front end running on the web server. The Web server has stored therein pentest definitions. A command and control component processes the pentest definitions, builds pentest task tickets and reporting task tickets, and monitors at least one penetration tester component and/or at least one report generator component. The command and control component interacts with a cloud computing environment to scale up or down the number of penetration tester components and the number of report generator components, and assigns task tickets to the penetration tester and report generator components. At least one penetration tester component runs penetration testing modules available inside the penetration testing framework as instructed by the pentest task tickets. At least one reporter generator component generates reports based on the reporting tasks tickets generated by the command and control service.Type: GrantFiled: June 5, 2012Date of Patent: November 10, 2015Assignee: Core SDI IncorporatedInventors: Ariel Futoransky, Aureliano Emanuel Calvo, Fernando Russ Federico Russ, Jorge Lucangeli Obes, Ariel Waissbein, Alejandro Javier Frydman, Ezequiel David Gutesman, Pedro Oscar Varangot
-
Publication number: 20140237606Abstract: A system for providing automated computer security compromise as a service, contains a web server having a web front end running on the web server. The Web server has stored therein pentest definitions. A command and control component processes the pentest definitions, builds pentest task tickets and reporting task tickets, and monitors at least one penetration tester component and/or at least one report generator component. The command and control component interacts with a cloud computing environment to scale up or down the number of penetration tester components and the number of report generator components, and assigns task tickets to the penetration tester and report generator components. At least one penetration tester component runs penetration testing modules available inside the penetration testing framework as instructed by the pentest task tickets. At least one reporter generator component generates reports based on the reporting tasks tickets generated by the command and control service.Type: ApplicationFiled: June 5, 2012Publication date: August 21, 2014Applicant: Core SDI IncorporatedInventors: Ariel Futoransky, Aureliano Emanuel Calvo, Alejandro Javier Frydman, Ezequiel David Gutesman, Pedro Oscar Varangot, Fernando Russ Federico Russ, Jorge Lucangeli Obes, Ariel Waissbein
-
Patent number: 8484738Abstract: A system and method provide application penetration testing. The system contains logic configured to find at least one vulnerability in the application so as to gain access to data associated with the application, logic configured to confirm the vulnerability and determine if the application can be compromised, and logic configured to compromise and analyze the application by extracting or manipulating data from a database associated with the application. In addition, the method provides for penetration testing of a target by: receiving at least one confirmed vulnerability of the target; receiving a method for compromising the confirmed vulnerability of the target; installing a network agent on the target in accordance with the method, wherein the network agent allows a penetration tester to execute arbitrary operating system commands on the target; and executing the arbitrary operating system commands on the target to analyze risk to which the target may be exposed.Type: GrantFiled: March 6, 2008Date of Patent: July 9, 2013Assignee: Core SDI IncorporatedInventors: Alberto Gustavo Soliño Testa, Gerardo Gabriel Richarte, Fernando Federico Russ, Diego Martin Kelyacoubian, Ariel Futoransky, Diego Bartolome Tiscornia, Ariel Waissbein, Hector Adrian Manrique, Javier Ricardo De Acha Campos, Eduardo Arias, Sebastian Pablo Cufre, Axel Elián Brzostowski
-
Patent number: 8146135Abstract: Method, system, and computer code for implementing privacy protection in a web application, wherein the web application is executed in a web application language execution environment within a web server, the method containing the steps of: establishing at least one inbound tagging rule for tagging objects entering the web application language execution environment, referred to as inbound objects, according to a respective source of each of the inbound objects; assigning a tag to at least one of the inbound objects being operated on by the web application language execution environment based on the at least one inbound tagging rule; establishing at least one privacy rule for performing privacy actions on at least one object that is outbound from the web application language execution environment, referred to as outbound objects, according to a respective tag of each of the outbound objects; and performing a privacy action on the at least one outbound object being operated on by the web application language exType: GrantFiled: October 21, 2010Date of Patent: March 27, 2012Assignee: Core SDI, IncorporatedInventors: Ariel Waissbein, Ariel Futoransky, Diego Bartolome Tiscornia, Ezequiel David Gutesman
-
Publication number: 20110113468Abstract: Method, system, and computer code for implementing privacy protection in a web application, wherein the web application is executed in a web application language execution environment within a web server, the method containing the steps of: establishing at least one inbound tagging rule for tagging objects entering the web application language execution environment, referred to as inbound objects, according to a respective source of each of the inbound objects; assigning a tag to at least one of the inbound objects being operated on by the web application language execution environment based on the at least one inbound tagging rule; establishing at least one privacy rule for performing privacy actions on at least one object that is outbound from the web application language execution environment, referred to as outbound objects, according to a respective tag of each of the outbound objects; and performing a privacy action on the at least one outbound object being operated on by the web application language exType: ApplicationFiled: October 21, 2010Publication date: May 12, 2011Applicant: Core Security TechnologiesInventors: Ariel Waissbein, Ariel Futoransky, Diego Bartolome Tiscornia, Ezequiel David Gutesman
-
Patent number: 7831995Abstract: Method, system, and computer code for implementing security and privacy policy in a web application having an execution environment in which a representation of each object handled by the execution environment accommodates data and an associated tag. An inbound tagging rule is established for tagging inbound objects according to a respective source of each of the inbound objects. A tag is assigned to an object being operated on by the execution environment based on the inbound tagging rule. A security/privacy rule is established for performing security/privacy actions on outbound objects according to a respective tag of each of the outbound objects. A security/privacy action is performed on the object being operated on by the execution environment based on the security/privacy rule.Type: GrantFiled: October 31, 2005Date of Patent: November 9, 2010Assignee: CORE, SDI, Inc.Inventors: Ariel Futoransky, Ariel Waissbein, Diego Bartolome Tiscornia, Ezequiel Gutesman
-
Patent number: 7549147Abstract: A method for protecting software is provided, where source code for the software has a first directive marking an encryption beginning point and a second directive marking an encryption end point. The method contains the steps of: processing the source code to identify a block of code between the first and second directives; compiling the source code to produce a binary file; generating a valid key and a random string; encrypting the random string with the key to obtain a first encrypted value; encrypting a portion of the binary file corresponding to the block of code with the valid key to obtain a second encrypted value; and replacing the portion of the binary file corresponding to the block of code with the second encrypted value and code that can decrypt the second encrypted value during execution of the software.Type: GrantFiled: April 15, 2003Date of Patent: June 16, 2009Assignee: Core SDI, IncorporatedInventors: Ariel Futoransky, Carlos Emilio Sarraute Yamada, Diego Ariel Bendersky, Luciano Notarfrancesco, Ariel Waissbein
-
Publication number: 20080263671Abstract: A system and method provide application penetration testing. The system contains logic configured to find at least one vulnerability in the application so as to gain access to data associated with the application, logic configured to confirm the vulnerability and determine if the application can be compromised, and logic configured to compromise and analyze the application by extracting or manipulating data from a database associated with the application. In addition, the method provides for penetration testing of a target by: receiving at least one confirmed vulnerability of the target; receiving a method for compromising the confirmed vulnerability of the target; installing a network agent on the target in accordance with the method, wherein the network agent allows a penetration tester to execute arbitrary operating system commands on the target; and executing the arbitrary operating system commands on the target to analyze risk to which the target may be exposed.Type: ApplicationFiled: March 6, 2008Publication date: October 23, 2008Applicant: Core SDI, IncorporatedInventors: Alberto Gustavo Solino Testa, Gerardo Gabriel Richarte, Fernando Federico Russ, Diego Martin Kelyacoubian, Ariel Futoransky, Diego Bartolome Tiscornia, Ariel Waissbein, Hector Adrian Manrique, Javier Ricardo De Acha Campos, Eduardo Arias, Sebastian Pablo Cufre, Axel Elian Brzostowski
-
Publication number: 20060143688Abstract: Method, system, and computer code for implementing security and privacy policy in a web application having an execution environment in which a representation of each object handled by the execution environment accommodates data and an associated tag. An inbound tagging rule is established for tagging inbound objects according to a respective source of each of the inbound objects. A tag is assigned to an object being operated on by the execution environment based on the inbound tagging rule. A security/privacy rule is established for performing security/privacy actions on outbound objects according to a respective tag of each of the outbound objects. A security/privacy action is performed on the object being operated on by the execution environment based on the security/privacy rule.Type: ApplicationFiled: October 31, 2005Publication date: June 29, 2006Applicant: CORE SDI, IncorporatedInventors: Ariel Futoransky, Ariel Waissbein, Diego Tiscornia, Ezequiel Gutesman
-
Publication number: 20030221116Abstract: A security framework is provided for protecting software. The source code for the software has directives marking portions of the source code to be modified or encrypted. The source code is modified using a random factor based on the directives. The source code is compiled to produce a binary file. Source code starting and ending lines and binary file positions of each of the blocks to be encrypted are stored. Portions of the binary file that correspond to each of these blocks are encrypted. Each of these blocks is decrypted when a function inside the block is required during execution of the software.Type: ApplicationFiled: April 15, 2003Publication date: November 27, 2003Applicant: Core SDI, IncorporatedInventors: Ariel Futoransky, Carlos Emilio Sarraute Yamada, Diego Ariel Bendersky, Luciano Notarfrancesco, Ariel Waissbein