Patents by Inventor Yaniv Shaked
Yaniv Shaked has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 12001585Abstract: A system and method for agentless detection of sensitive data in a cloud computing environment. The method includes detecting a first data object including a data schema and a content in a cloud computing environment; detecting a second data object, having the data schema of the first data object; generating in a security graph: a first data object node representing the first data object, a second data object node representing the second data object, and a data schema node representing the data schema; storing a classification based on the content in the security graph, wherein the content is classified as sensitive data or non-sensitive data; and rendering an output based on the classification and the data schema node, in lieu of the first data object node and the second data object node, in response to receiving a query to detect a node representing a data object classified as sensitive data.Type: GrantFiled: October 24, 2022Date of Patent: June 4, 2024Assignee: WIZ, INC.Inventors: Raaz Herzberg, Avi Tal Lichtenstein, Roy Reznik, Ami Luttwak, Moran Cohen, Yaniv Shaked, Yinon Costica, George Pisha
-
Patent number: 12003630Abstract: A system and method reduces use of restricted operations in a cloud computing environment during cybersecurity threat inspection. The method includes: detecting an encrypted disk in a cloud computing environment, the encrypted disk encrypted utilizing a first key in a key management system (KMS); generating a second key in the KMS, the second key providing access for a principal of an inspection environment; generating a snapshot of the encrypted disk; generating a volume based on the snapshot, wherein the volume is re-encrypted with the second key; generating a snapshot of the re-encrypted volume; generating an inspectable disk from the snapshot of the re-encrypted volume; and initiating inspection for a cybersecurity object on the inspectable disk.Type: GrantFiled: July 26, 2023Date of Patent: June 4, 2024Assignee: Wiz, Inc.Inventors: Shahar Rand, Eric Abramov, Yaniv Shaked, Elad Gabay
-
Patent number: 12003520Abstract: A method for scalable vulnerability detection is provided. The method includes selecting at least a workload of a plurality of workloads deployed in a first cloud environment for inspection, wherein the workload includes a first volume; generating in a remote cluster an inspection node, the inspection node including at least a first disk, wherein the remote cluster provisions inspection nodes in response to demand for inspection nodes; generating a persistent volume (PV) on which the at least a first disk is mounted, wherein the at least a first disk is generated from a snapshot of the first volume; and generating a persistent volume claim (PVC) of the PV for an inspector workload, wherein the inspector workload is configured to inspect the PV for an object, and wherein inspector workloads are provisioned in response to demand for inspector workloads.Type: GrantFiled: September 15, 2023Date of Patent: June 4, 2024Assignee: Wiz, Inc.Inventors: Yarin Miran, Ami Luttwak, Roy Reznik, Avihai Berkovitz, Moran Cohen, Yaniv Shaked, Yaniv Joseph Oliver
-
Techniques for detecting artificial intelligence model cybersecurity risk in a computing environment
Patent number: 12003529Abstract: A system and method for detecting a cybersecurity risk of an artificial intelligence (AI), is presented. The method includes: inspecting a computing environment for an AI model deployed therein; generating a representation of the AI model in a security database, the security database including a representation of the computing environment; inspecting the AI model for a cybersecurity risk; generating a representation of the cybersecurity risk in the security database, the representation of the cybersecurity risk connected to the representation of the AI model in response to detecting the cybersecurity risk; and initiating a mitigation action based on the cybersecurity risk.Type: GrantFiled: February 22, 2024Date of Patent: June 4, 2024Assignee: Wiz, Inc.Inventors: Amitai Cohen, Barak Sharoni, Shir Tamari, George Pisha, Itay Arbel, Daniel Velikanski, Yaniv Shaked -
Publication number: 20240179032Abstract: Various aspects of the present disclosure generally relate to wireless communication. In some aspects, a user equipment (UE) may receive, from a network node, an indication of a slot to be associated with precoder estimation, the indication of the slot including an indication of a first precoder and one or more parameters associated with the slot. The UE may receive, from the network node and during the slot, a first one or more reference signals associated with estimating a physical channel using the first precoder and a second one or more reference signals associated with estimating a second precoder using the estimated physical channel. The UE may receive, from the network node, one or more signals based on the second precoder. Numerous other aspects are described.Type: ApplicationFiled: November 28, 2022Publication date: May 30, 2024Inventors: Yaniv EISTEIN, Ronen SHAKED, Aviv REGEV, Lev ZAVUROV
-
Patent number: 11995193Abstract: An architecture of a multi-cloud inspector for any computing device type is provided. According to an embodiment, a method for implementing multi-cloud inspection includes accessing an object list, determining which objects to inspect, determining which inspectors to use, creating object copies, providing and running inspectors for each object copy, receiving inspection report summaries, generating an enriched dataset, and adding the enriched dataset to a security graph database.Type: GrantFiled: September 28, 2023Date of Patent: May 28, 2024Assignee: WIZ, INC.Inventors: Yaniv Shaked, Ami Luttwak, Gal Kozoshnik, Roy Reznik, Yarin Miran
-
Patent number: 11997034Abstract: Methods, systems, and devices for wireless communications are described. A transmitting device may select a scrambling sequence to use per symbol to reduce variance in a non-linearity parameter for a power amplifier (PA) output between a data symbol and a pilot symbol based on a PA model for at least one pilot symbol or one or more parameters of the model. The receiving device may indicate a capability to blindly estimate the scrambling sequence the transmitting device selected to the transmitting device. If the transmitting device does not receive the capability message from the receiving device or if the capability message indicates the receiving device is not capable of blind estimation, the transmitting device may indicate the selected scrambling sequence to the receiving device. Otherwise, the transmitting device may not indicate the selected scrambling sequence to the receiving device, and the receiving device may blindly estimate the scrambling sequence.Type: GrantFiled: May 13, 2021Date of Patent: May 28, 2024Assignee: QUALCOMM IncorporatedInventors: Gideon Shlomo Kutz, Assaf Touboul, Ronen Shaked, Elad Meir, Amit Bar-Or Tillinger, Yaniv Eistein, Michael Levitsky, Shay Landis, Tal Oved
-
Publication number: 20240146579Abstract: Methods, systems, and devices for wireless communications are described. A user equipment (UE) may receive a downlink message which may include an indication of a precoder applied to one or more downlink signals. The UE may receive the one or more downlink signals using a demodulation reference signal (DMRS) and the precoder, where the one or more downlink signals may be mismatched in gain and phase. The UE may perform an iterative channel estimation procedure to estimate the downlink channel. The UE may then perform a gain and phase mismatch equalization procedure to equalize an estimated gain and phase mismatch of the one or more downlink signals based on the estimated downlink channel and the precoder. The UE may then receive one or more equalized downlink signals in accordance with the gain and phase mismatch equalization procedure.Type: ApplicationFiled: October 26, 2022Publication date: May 2, 2024Inventors: Aviv Regev, Ronen Shaked, Yaniv Eistein
-
Patent number: 11973770Abstract: A method for scalable vulnerability detection is provided. The method includes selecting at least a workload of a plurality of workloads deployed in a first cloud environment for inspection, wherein the workload includes a first volume; generating in a remote cluster an inspection node, the inspection node including at least a first disk, wherein the remote cluster provisions inspection nodes in response to demand for inspection nodes; generating a persistent volume (PV) on which the at least a first disk is mounted, wherein the at least a first disk is generated from a snapshot of the first volume; and generating a persistent volume claim (PVC) of the PV for an inspector workload, wherein the inspector workload is configured to inspect the PV for an object, and wherein inspector workloads are provisioned in response to demand for inspector workloads.Type: GrantFiled: November 22, 2021Date of Patent: April 30, 2024Assignee: Wiz, Inc.Inventors: Yarin Miran, Ami Luttwak, Roy Reznik, Avihai Berkovitz, Moran Cohen, Yaniv Shaked, Yaniv Joseph Oliver
-
Publication number: 20240135027Abstract: A system and method for agentless detection of sensitive data in a cloud computing environment is disclosed. The method includes: generating an inspectable disk from a clone of an original disk in a cloud computing environment; inspecting the inspectable disk for a cybersecurity object, the cybersecurity object indicating a sensitive data, the disk deployed in a cloud computing environment; extracting a data schema from the cybersecurity object, in response to detecting the cybersecurity object on the disk; generating a classification of the data schema; detecting in the disk a plurality of data files, each data file including the classified data schema; determining that the data schema corresponds to sensitive data based on the generated classification; generating in a security database: a representation of the data schema, and a representation of each data file; and rendering a visual representation of the cloud computing environment including a representation of the data schema.Type: ApplicationFiled: December 29, 2023Publication date: April 25, 2024Applicant: Wiz, Inc.Inventors: Raaz HERZBERG, Avi Tal LICHTENSTEIN, Roy REZNIK, Ami LUTTWAK, Moran COHEN, Yaniv SHAKED, Yinon COSTICA, George PISHA, Daniel Hershko SHEMESH, Yarin MIRAN
-
Patent number: 11968062Abstract: Methods, systems, and devices for wireless communications are described. A user equipment (UE) may receive a downlink message which may include an indication of a precoder applied to one or more downlink signals. The UE may receive the one or more downlink signals using a demodulation reference signal (DMRS) and the precoder, where the one or more downlink signals may be mismatched in gain and phase. The UE may perform an iterative channel estimation procedure to estimate the downlink channel. The UE may then perform a gain and phase mismatch equalization procedure to equalize an estimated gain and phase mismatch of the one or more downlink signals based on the estimated downlink channel and the precoder. The UE may then receive one or more equalized downlink signals in accordance with the gain and phase mismatch equalization procedure.Type: GrantFiled: October 26, 2022Date of Patent: April 23, 2024Assignee: QUALCOMM IncorporatedInventors: Aviv Regev, Ronen Shaked, Yaniv Eistein
-
Publication number: 20240129121Abstract: A system and method for inspecting encrypted disks for a cybersecurity object using a custom key are disclosed. The method includes detecting an encrypted disk in a cloud computing environment, the cloud computing environment including a security policy service; authorizing a key policy on the security policy service for a custom key of an inspector account, wherein the key policy is a policy authorized to decrypt the encrypted disk; generating a second encrypted disk based on the encrypted disk; inspecting the second encrypted disk for a cybersecurity object with the custom key; and releasing a resource allocated to the second encrypted disk in response to completing the inspection.Type: ApplicationFiled: December 26, 2023Publication date: April 18, 2024Applicant: Wiz, Inc.Inventors: Daniel Hershko SHEMESH, Yarin MIRAN, Roy REZNIK, Ami LUTTWAK, Yinon COSTICA, Yaniv SHAKED, Eyal MOSCOVICI
-
Patent number: 11954516Abstract: A system and method for inspecting managed workloads in a cloud computing environment for cybersecurity threats improves inspection of managed workload service repositories, by only inspecting bases of managed workload deployed in the cloud computing environment. The method includes discovering a managed workload deployed in a cloud computing environment; determining an identifier of the managed workload, wherein the identifier includes an indicator to a base repository in which a base is stored, and wherein the managed workload is currently deployed in the cloud computing environment, the base repository further storing a plurality of bases, wherein a portion of the plurality of bases do not correspond to a deployed workload; accessing the base repository to pull the base; and inspecting the base of the deployed managed workload for a cybersecurity threat.Type: GrantFiled: September 15, 2023Date of Patent: April 9, 2024Assignee: WIZ, INC.Inventors: Niv Roit Ben David, Yaniv Shaked, Yarin Miran, Raaz Herzberg, Amir Lande Blau
-
Publication number: 20240104222Abstract: A system and method for evaluating definitions from a markup language document for agentless host configuration of an image in a virtualized computing environment generates an instruction to deploy a virtual instance based on a base image, the virtual instance including a disk. The method further includes generating an inspectable disk based on the disk of the virtual instance; receiving a markup language document, the document including a plurality of definitions, each including a data element; inspecting the inspectable disk for a cybersecurity object corresponding to a data element of a first definition of the plurality of definitions; evaluating the first definition based on the cybersecurity object to generate an evaluated first definition result, in response to determining that the definition is evaluable; generating an output based on the evaluated first definition result; and generating the output based on a notification, in response to determining that the definition is unevaluable.Type: ApplicationFiled: September 23, 2022Publication date: March 28, 2024Applicant: Wiz, Inc.Inventors: Yaniv SHAKED, Mattan SHALEV, Gal KOZOSHNIK, Daniel KLEIN, Roy REZNIK, Ami LUTTWAK
-
Publication number: 20240104118Abstract: A system and method for agentless detection of sensitive data in a cloud computing environment includes generating a snapshot from a managed database service, the snapshot including a plurality of data files stored in a bucket on a cloud computing environment; detecting a data object in the plurality of data files, the data object including a data schema and a content; classifying the first data object based on the content, wherein the content is classified as sensitive data or non-sensitive data; and generating a node on a security graph stored in a graph database to represent the first data object and the classification thereof, wherein the security graph further includes a representation of the cloud computing environment.Type: ApplicationFiled: October 24, 2022Publication date: March 28, 2024Applicant: Wiz, Inc.Inventors: Raaz HERZBERG, Avi Tal LICHTENSTEIN, Roy REZNIK, Ami LUTTWAK, Moran COHEN, Yaniv SHAKED, Yinon COSTICA, George PISHA
-
Publication number: 20240104240Abstract: A system and method for agentless detection of sensitive data in a cloud computing environment. The method includes detecting a first data object including a data schema and a content in a cloud computing environment; detecting a second data object, having the data schema of the first data object; generating in a security graph: a first data object node representing the first data object, a second data object node representing the second data object, and a data schema node representing the data schema; storing a classification based on the content in the security graph, wherein the content is classified as sensitive data or non-sensitive data; and rendering an output based on the classification and the data schema node, in lieu of the first data object node and the second data object node, in response to receiving a query to detect a node representing a data object classified as sensitive data.Type: ApplicationFiled: October 24, 2022Publication date: March 28, 2024Applicant: Wiz, Inc.Inventors: Raaz HERZBERG, Avi Tal LICHTENSTEIN, Roy REZNIK, Ami LUTTWAK, Moran COHEN, Yaniv SHAKED, Yinon COSTICA, George PISHA
-
Publication number: 20240104235Abstract: A system and method for agentless detection of sensitive data in a cloud computing environment includes generating a snapshot from a managed database service, the snapshot including a plurality of data files stored in a bucket on a cloud computing environment; deploying a virtual instance based on the snapshot to generate a database, the database including a database management system (DBMS); querying the DBMS to fetch data from the database; classifying the fetched data, wherein the fetched data is classified as sensitive data or non-sensitive data; and generating a node on a security graph stored in a graph database to represent the fetched data and the classification thereof, wherein the security graph includes a representation of the cloud computing environment.Type: ApplicationFiled: October 24, 2022Publication date: March 28, 2024Applicant: Wiz, Inc.Inventors: Raaz HERZBERG, Avi Tal LICHTENSTEIN, Roy REZNIK, Ami LUTTWAK, Moran COHEN, Yaniv SHAKED, Yinon COSTICA, George PISHA
-
Patent number: 11936785Abstract: A system and method for inspecting encrypted disks for a cybersecurity object using a custom key are disclosed. The method includes detecting an encrypted disk in a cloud computing environment, the cloud computing environment including a security policy service; authorizing a key policy on the security policy service for a custom key of an inspector account, wherein the key policy is a policy authorized to decrypt the encrypted disk; generating a second encrypted disk based on the encrypted disk; inspecting the second encrypted disk for a cybersecurity object with the custom key; and releasing a resource allocated to the second encrypted disk in response to completing the inspection.Type: GrantFiled: October 4, 2023Date of Patent: March 19, 2024Assignee: WIZ, INC.Inventors: Daniel Hershko Shemesh, Yarin Miran, Roy Reznik, Ami Luttwak, Yinon Costica, Yaniv Shaked, Eyal Moscovici
-
Publication number: 20240086524Abstract: A system and method for evaluating definitions from a markup language document for agentless host configuration includes generating an inspectable disk based on a disk of a host, the host deployed in a virtualized computing environment. The system is configured to: receive a markup language document, the markup language document including a plurality of definitions, each definition including a data element; inspect the inspectable disk for a cybersecurity object corresponding to a first data element of a first definition of the plurality of definitions; evaluate the first definition further based on the cybersecurity object to generate an evaluated first definition result, in response to determining that the definition is evaluable; generate an output based on the evaluated first definition result; and generate the output based on a predetermined notification, in response to determining that the definition is unevaluable.Type: ApplicationFiled: September 8, 2022Publication date: March 14, 2024Applicant: Wiz, Inc.Inventors: Yaniv SHAKED, Mattan SHALEV, Gal KOZOSHNIK, Daniel KLEIN, Roy REZNIK, Ami LUTTWAK
-
Publication number: 20240089163Abstract: Aspects are provided which allow for a network entity such as a base station to configure odd modulation orders to be applied to downlink or uplink transmissions via signaling between the network entity and the UE. Initially, the network entity transmits a configuration to the UE indicating network support for communications using odd order modulation. Afterwards, the UE transmits, and the network entity receives, data in a signal using the odd order modulation. As a result, improved SPEF, PAPR reduction, and phase noise mitigation associated with odd order modulations may be realized through application of odd order modulations to data transmissions or receptions based on network support being configured for such odd order modulations.Type: ApplicationFiled: September 9, 2022Publication date: March 14, 2024Inventors: Ronen SHAKED, Yaniv EISTEIN