Patents by Inventor Dean Sysman
Dean Sysman has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240121217Abstract: Disclosed herein are devices, systems and methods for securely accessing data transferred via multiple isolated networks network, comprising adjusting one or more mapping records comprising network mapping and routing settings for a plurality of isolated networks connecting a plurality of clients to a server to expose one of the plurality of isolated networks to one or more processing engines executed by the server while concealing all other isolated networks from the respective processing engine, activating a lock configured to enable each processing engines to execute a single thread, executing the processing engine(s) to fetch data from the exposed isolated network(s), and releasing the lock, Wherein each processing engine is able to access the isolated network exposed to the respective processing engine while unable to access any of the isolated networks concealed from respective processing engine.Type: ApplicationFiled: December 15, 2023Publication date: April 11, 2024Applicant: Axonius Solutions Ltd.Inventors: Sagi HAAS, Dean SYSMAN, Ofri SHUR, Avidor BARTOV
-
Patent number: 11888819Abstract: Disclosed herein are devices, systems and methods for securely accessing data transferred via multiple isolated networks network, comprising adjusting one or more mapping records comprising network mapping and routing settings for a plurality of isolated networks connecting a plurality of clients to a server to expose one of the plurality of isolated networks to one or more processing engines executed by the server while concealing all other isolated networks from the respective processing engine, activating a lock configured to enable each processing engines to execute a single thread, executing the processing engine(s) to fetch data from the exposed isolated network(s), and releasing the lock. Wherein each processing engine is able to access the isolated network exposed to the respective processing engine while unable to access any of the isolated networks concealed from respective processing engine.Type: GrantFiled: November 9, 2021Date of Patent: January 30, 2024Assignee: Axonius Solutions Ltd.Inventors: Sagi Haas, Dean Sysman, Ofri Shur, Avidor Bartov
-
Patent number: 11750558Abstract: A system for managing network connected devices, comprising at least one hardware processor adapted to produce a plurality of unique device descriptors, each describing one of a plurality of network connected devices, by: for each of a plurality of device descriptors, each having a plurality of supported actions, and one or more domain device identifiers, each identifier associating the device descriptor with one of a plurality of management domains: for each of the plurality of management domains not associated with the device descriptor: and instructing execution on a network connected device described by the device descriptor a domain identification query according to the descriptor's plurality of supported actions, to determine a new domain device identifier.Type: GrantFiled: January 11, 2023Date of Patent: September 5, 2023Assignee: Axonius Solutions Ltd.Inventors: Avidor Bartov, Itay Weiss, Ofri Shur, Dean Sysman, Shmuel Ur
-
Publication number: 20230171224Abstract: A system for managing network connected devices, comprising at least one hardware processor adapted to produce a plurality of unique device descriptors, each describing one of a plurality of network connected devices, by: for each of a plurality of device descriptors, each having a plurality of supported actions, and one or more domain device identifiers, each identifier associating the device descriptor with one of a plurality of management domains: for each of the plurality of management domains not associated with the device descriptor: instructing execution on a network connected device described by the device descriptor a domain identification query according to the descriptor's plurality of supported actions, to determine a new domain device identifier; identifying in the plurality of device descriptors a second device descriptor having a domain device identifier equal to the new domain device identifier; and merging the device descriptor with the second device descriptor.Type: ApplicationFiled: January 11, 2023Publication date: June 1, 2023Applicant: Axonius Solutions Ltd.Inventors: Avidor BARTOV, Itay WEISS, Ofri SHUR, Dean SYSMAN, Shmuel UR
-
Publication number: 20230146393Abstract: Disclosed herein are devices, systems and methods for securely accessing data transferred via multiple isolated networks network, comprising adjusting one or more mapping records comprising network mapping and routing settings for a plurality of isolated networks connecting a plurality of clients to a server to expose one of the plurality of isolated networks to one or more processing engines executed by the server while concealing all other isolated networks from the respective processing engine, activating a lock configured to enable each processing engines to execute a single thread, executing the processing engine(s) to fetch data from the exposed isolated network(s), and releasing the lock. Wherein each processing engine is able to access the isolated network exposed to the respective processing engine while unable to access any of the isolated networks concealed from respective processing engine.Type: ApplicationFiled: November 9, 2021Publication date: May 11, 2023Applicant: Axonius Solutions Ltd.Inventors: Sagi HAAS, Dean SYSMAN, Ofri SHUR, Avidor BARTOV
-
Patent number: 11575643Abstract: A system for managing network connected devices, comprising at least one hardware processor adapted to produce a plurality of unique device descriptors, each describing one of a plurality of network connected devices, by: for each of a plurality of device descriptors, each having a plurality of supported actions, and one or more domain device identifiers, each identifier associating the device descriptor with one of a plurality of management domains: for each of the plurality of management domains not associated with the device descriptor: instructing execution on a network connected device described by the device descriptor a domain identification query according to the descriptor's plurality of supported actions, to determine a new domain device identifier; identifying in the plurality of device descriptors a second device descriptor having a domain device identifier equal to the new domain device identifier; and merging the device descriptor with the second device descriptor.Type: GrantFiled: June 14, 2021Date of Patent: February 7, 2023Assignee: Axonius Solutions Ltd.Inventors: Avidor Bartov, Itay Weiss, Ofri Shur, Dean Sysman, Shmuel Ur
-
Publication number: 20210306298Abstract: A system for managing network connected devices, comprising at least one hardware processor adapted to produce a plurality of unique device descriptors, each describing one of a plurality of network connected devices, by: for each of a plurality of device descriptors, each having a plurality of supported actions, and one or more domain device identifiers, each identifier associating the device descriptor with one of a plurality of management domains: for each of the plurality of management domains not associated with the device descriptor: instructing execution on a network connected device described by the device descriptor a domain identification query according to the descriptor's plurality of supported actions, to determine a new domain device identifier; identifying in the plurality of device descriptors a second device descriptor having a domain device identifier equal to the new domain device identifier; and merging the device descriptor with the second device descriptor.Type: ApplicationFiled: June 14, 2021Publication date: September 30, 2021Applicant: Axonius Solutions Ltd.Inventors: Avidor BARTOV, Itay WEISS, Ofri SHUR, Dean SYSMAN, Shmuel UR
-
Patent number: 11063904Abstract: A system for managing network connected devices, comprising at least one hardware processor adapted to produce a plurality of unique device descriptors, each describing one of a plurality of network connected devices, by: for each of a plurality of device descriptors, each having a plurality of supported actions, and one or more domain device identifiers, each identifier associating the device descriptor with one of a plurality of management domains: for each of the plurality of management domains not associated with the device descriptor: instructing execution on a network connected device described by the device descriptor a domain identification query according to the descriptor's plurality of supported actions, to determine a new domain device identifier; identifying in the plurality of device descriptors a second device descriptor having a domain device identifier equal to the new domain device identifier; and merging the device descriptor with the second device descriptor.Type: GrantFiled: April 29, 2020Date of Patent: July 13, 2021Assignee: Axonius Solutions Ltd.Inventors: Avidor Bartov, Itay Weiss, Ofri Shur, Dean Sysman, Shmuel Ur
-
Publication number: 20200259787Abstract: A system for managing network connected devices, comprising at least one hardware processor adapted to produce a plurality of unique device descriptors, each describing one of a plurality of network connected devices, by: for each of a plurality of device descriptors, each having a plurality of supported actions, and one or more domain device identifiers, each identifier associating the device descriptor with one of a plurality of management domains: for each of the plurality of management domains not associated with the device descriptor: instructing execution on a network connected device described by the device descriptor a domain identification query according to the descriptor's plurality of supported actions, to determine a new domain device identifier; identifying in the plurality of device descriptors a second device descriptor having a domain device identifier equal to the new domain device identifier; and merging the device descriptor with the second device descriptor.Type: ApplicationFiled: April 29, 2020Publication date: August 13, 2020Applicant: Axonius Solutions Ltd.Inventors: Avidor BARTOV, Itay WEISS, Ofri SHUR, Dean SYSMAN, Shmuel UR
-
Patent number: 10652208Abstract: A system for managing network connected devices, comprising at least one hardware processor adapted to produce a plurality of unique device descriptors, each describing one of a plurality of network connected devices, by: for each of a plurality of device descriptors, each having a plurality of supported actions, and one or more domain device identifiers, each identifier associating the device descriptor with one of a plurality of management domains: for each of the plurality of management domains not associated with the device descriptor: instructing execution on a network connected device described by the device descriptor a domain identification query according to the descriptor's plurality of supported actions, to determine a new domain device identifier; identifying in the plurality of device descriptors a second device descriptor having a domain device identifier equal to the new domain device identifier; and merging the device descriptor with the second device descriptor.Type: GrantFiled: October 3, 2018Date of Patent: May 12, 2020Assignee: Axonius Solutions Ltd.Inventors: Avidor Bartov, Ofir Yefet, Mark Segal, Itay Weiss, Ofri Shur, Dean Sysman, Shmuel Ur
-
Publication number: 20200112541Abstract: A system for managing network connected devices, comprising at least one hardware processor adapted to produce a plurality of unique device descriptors, each describing one of a plurality of network connected devices, by: for each of a plurality of device descriptors, each having a plurality of supported actions, and one or more domain device identifiers, each identifier associating the device descriptor with one of a plurality of management domains: for each of the plurality of management domains not associated with the device descriptor: instructing execution on a network connected device described by the device descriptor a domain identification query according to the descriptor's plurality of supported actions, to determine a new domain device identifier; identifying in the plurality of device descriptors a second device descriptor having a domain device identifier equal to the new domain device identifier; and merging the device descriptor with the second device descriptor.Type: ApplicationFiled: October 3, 2018Publication date: April 9, 2020Applicant: Axonius Solutions Ltd.Inventors: Avidor BARTOV, Ofir YEFET, Mark SEGAL, Itay WEISS, Ofri SHUR, Dean SYSMAN, Shmuel UR
-
Publication number: 20190311117Abstract: A computer implemented method of detecting execution of unregistered code in a protected networked system, comprising maintaining a pages registry record in a storage of an endpoint in a protected networked system, the pages registry record comprising a registration signature for each of a plurality of registered executable pages, monitoring a plurality of executable pages at a page management level using an adjusted page fault handler of an operating system kernel executed by one or more processors of the endpoint, detecting one or more unregistered executable pages by identifying incompliance of a runtime signature calculated in runtime for the unregistered executable page(s) with respective registration signature stored in the pages registry record and initiating one or more actions in case of the detection of the unregistered executable page(s).Type: ApplicationFiled: June 14, 2017Publication date: October 10, 2019Applicant: Cymmetria, Inc.Inventors: Dean SYSMAN, Imri GOLDBERG, Itamar SHER, Jonathan PERRY, Shmuel UR
-
Patent number: 10270807Abstract: A computer implemented method of detecting unauthorized access to a protected network by monitoring a dynamically updated deception environment, comprising launching, on one or more decoy endpoints, one or more decoy operating system (OS) managing one or more of a plurality of deception applications mapping a plurality of applications executed in a protected network, updating dynamically a usage indication for a plurality of deception data objects deployed in the protected network to emulate usage of the plurality of deception data objects for accessing the deception application(s) wherein the plurality of deception data objects are configured to trigger an interaction with the deception application(s) when used, detecting usage of data contained in the deception data object(s) by monitoring the interaction and identifying one or more potential unauthorized operations based on analysis of the detection.Type: GrantFiled: July 20, 2016Date of Patent: April 23, 2019Assignee: Cymmetria, Inc.Inventors: Dean Sysman, Gadi Evron, Imri Goldberg, Ran Harel, Shmuel Ur
-
Publication number: 20180309787Abstract: A computer implemented method of detecting unauthorized access to a protected network by detecting a usage of dynamically updated deception communication, comprising deploying, in a protected network, a plurality of decoy endpoints configured to transmit one or more communication deception data objects encoded according to one or more communication protocols used in the protected network, instructing a first decoy endpoint of the plurality of decoy endpoints to transmit the communication deception data object(s) to a second decoy endpoint of the plurality of decoy endpoints, monitoring the protected network to detect a usage of data contained in the one or more communication deception data object, detecting one or more potential unauthorized operations based on analysis of the detection and initiating one or more actions according to the detection.Type: ApplicationFiled: July 31, 2017Publication date: October 25, 2018Inventors: Gadi EVRON, Dean SYSMAN, Imri GOLDBERG, Shmuel UR, Itamar SHER
-
Publication number: 20180212995Abstract: A computer implemented method of detecting unauthorized access to a protected network by monitoring a dynamically updated deception environment, comprising launching, on one or more decoy endpoints, one or more decoy operating system (OS) managing one or more of a plurality of deception applications mapping a plurality of applications executed in a protected network, updating dynamically a usage indication for a plurality of deception data objects deployed in the protected network to emulate usage of the plurality of deception data objects for accessing the deception application(s) wherein the plurality of deception data objects are configured to trigger an interaction with the deception application(s) when used, detecting usage of data contained in the deception data object(s) by monitoring the interaction and identifying one or more potential unauthorized operations based on analysis of the detection.Type: ApplicationFiled: July 20, 2016Publication date: July 26, 2018Applicant: Cymmetria , Inc.Inventors: Dean SYSMAN, Gadi EVRON, Imri GOLDBERG, Ran HAREL, Shmuel UR
-
Publication number: 20170359376Abstract: A method for deploying threat specific deception campaigns for updating a score given to a malicious activity threat by performing an analysis of processes executed by computing nodes of a monitored computer network. When an analysis outcome is indicative of a malicious activity threat to the monitored computer network from process(es) executed on one or more of the computing node(s): setting a score to the malicious activity threat according to potential damage characteristic(s) of the malicious activity threat when the score is above a first threshold launch a threat specific deception campaign by using at least one deception application executed by the computing node(s) for gathering additional data and updating the score according to an analysis of the additional data, and when the score/updated score is above a second threshold generate instructions for alerting an operator and/or reacting to the malicious activity on the at computing node(s).Type: ApplicationFiled: June 14, 2017Publication date: December 14, 2017Inventors: Gadi EVRON, Dean Sysman, Imri Goldberg, Shmuel Ur
-
Publication number: 20170134423Abstract: A computer implemented method of detecting unauthorized access to a protected network by monitoring a dynamically updated deception environment, comprising launching, on one or more decoy endpoints, one or more decoy operating system (OS) managing one or more of a plurality of deception applications mapping a plurality of applications executed in a protected network, updating dynamically a usage indication for a plurality of deception data objects deployed in the protected network to emulate usage of the plurality of deception data objects for accessing the deception application(s) wherein the plurality of deception data objects are configured to trigger an interaction with the deception application(s) when used, detecting usage of data contained in the deception data object(s) by monitoring the interaction and identifying one or more potential unauthorized operations based on analysis of the detection.Type: ApplicationFiled: January 25, 2017Publication date: May 11, 2017Inventors: Dean Sysman, Gadi Evron, Imri Goldberg, Itamar Sher, Shmuel Ur