Patents Assigned to Check Point Software Technologies LTD
  • Patent number: 12289330
    Abstract: A system and method for securing software as a service (SaaS) platforms by providing inter-service visibility. A method includes identifying, based on log data of a first service, a second service connected to the first service, wherein each of the first service and the second service is a set of functions for performing a respective task, wherein the second service is called by the first service; identifying a plurality of patterns in communications between the first service and the second service in the log data of the first service; creating, based on the identified plurality of patterns, a baseline for communications between the first service and the second service; detecting an anomalous communication between the first service and the second service, wherein the anomalous communication deviates from the baseline; and performing a mitigation action with respect to the detected anomalous communication.
    Type: Grant
    Filed: August 8, 2022
    Date of Patent: April 29, 2025
    Assignee: Check Point Software Technologies Ltd.
    Inventors: Michael Seltzer, Aner Gelman, Shaked Gitelman
  • Publication number: 20250110816
    Abstract: A system and method are provided for utilizing a service's Application Programming Interface (API) documentation, generating an OpenAPI specification for the API, enriching the OpenAPI specification with artificial intelligence (AI) generated explanatory notes, and integrating the enriched OpenAPI specification with an AI engine (e.g., a natural language model, large language model, etc.). This process may permit users to interact with the service through natural language.
    Type: Application
    Filed: September 28, 2023
    Publication date: April 3, 2025
    Applicant: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Barak KFIR, Albert HAVINSON, Nofar BARDUGO, Dan KARPATI, Tamir ZEGMAN
  • Publication number: 20250112963
    Abstract: A computer device (referred to as a processing engine), system, and method are provided for refactoring an original security policy using an artificial intelligence (AI) engine including a large language model (LLM). The processing engine parses policy data, converts the original security policy into a code representation, and sends the converted code representation to the AI engine. The AI engine analyzes the original security policy by applying the LLM to the code representation and identifies policy insights that are sent to the processing engine.
    Type: Application
    Filed: June 27, 2024
    Publication date: April 3, 2025
    Applicant: Check Point Software Technologies Ltd.
    Inventors: Barak KFIR, Nofar BARDUGO, Dan KARPATI, Eliyahu Hanokh SANDLER, Tamir ZEGMAN
  • Publication number: 20250071119
    Abstract: A device and method for employing a machine learning model using processor circuitry to intelligently predict user permissions within a network environment and output a restriction recommendation for modifying user permissions.
    Type: Application
    Filed: August 21, 2023
    Publication date: February 27, 2025
    Applicant: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Yosef Ben SHLOMO, Ori JOSEPH, Erez ISRAEL, Eliya MOREINIS ADAR, Arie BLUMIN
  • Patent number: 12238067
    Abstract: A computer implemented method of automatically generating security rules for a networked environment based on anomalies identified using Machine Learning (ML), comprising receiving one or more feature vectors each comprising a plurality of operational parameters of a plurality of objects of a networked environment, identifying one or more anomaly patterns in the networked environment by applying one or more trained ML models to the one or more feature vectors trained to identify patterns deviating from normal behavior of the plurality of objects, parsing each anomaly pattern to a set of behavioral rules by traversing the anomaly pattern through a tree-like decision model, and generating one or more security rules for the networked environment according to the set(s) of behavior rules, wherein the one or more security rules are applied to increase security of the networked environment.
    Type: Grant
    Filed: December 13, 2021
    Date of Patent: February 25, 2025
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventor: Rony Pikarski
  • Publication number: 20250007934
    Abstract: A device and method for classifying network devices based on their manufacturer (also referred to as vendor or brand) and function (e.g., printer, car, thermostat, etc.). This classification process utilizes a trained model that leverages parameters associated with the device's network activity as input.
    Type: Application
    Filed: June 30, 2023
    Publication date: January 2, 2025
    Applicant: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Amit ELHELO, Dmitry ZINKEVICH, Erez ISRAEL, Daniel COHEN-SASON, Ofek DADUSH, Natan KATZ
  • Patent number: 12155694
    Abstract: A device, system, and method are provided for detecting an email phishing attack by training a graph neural network to detect phishing emails based on hypertext markup language (HTML) tags and cascading style sheets (CSS) included in an email. Noise is added during the training of the graph neural network to make the trained graph neural network more robust against small changes in the training data.
    Type: Grant
    Filed: September 30, 2022
    Date of Patent: November 26, 2024
    Assignee: Check Point Software Technologies Ltd.
    Inventors: Natan Katz, Raphael Lior Gozlan, Dor Livne
  • Patent number: 11968223
    Abstract: A method and system is provided for setting network policies based on electronic devices connected to a network. The electronic devices present on the network are detected and their behavior is captured using profiles. These profiles are then used to generate network policies based on the electronic devices connected to the network. Instead of reacting to behavior of the electronic devices (e.g., anomaly detection to detect malware), the method and system sets the network policies to prevent unauthorized communications (e.g., before malware is present in the system).
    Type: Grant
    Filed: February 2, 2023
    Date of Patent: April 23, 2024
    Assignee: Check Point Software Technologies Ltd.
    Inventors: Daniel Cohen-Sason, Pini Shamgar, Yevgeny Fabrikant
  • Patent number: 11960606
    Abstract: A system, method, and device are provided for detecting and mitigating a storage attack at the block level by generating canary blocks by marking blocks of data (referred to as memory blocks) such that other programs do not modify these canary blocks that are monitored to detect data storage attacks that attempt to modify the canary blocks and/or by monitoring statistical and behavioral features of activities over blocks, whether they can be modified by other programs or not. The system and method also back up the memory blocks as they are modified. When a data storage attack is detected, the attack is stopped, and the files are remediated using the backup of the affected memory blocks.
    Type: Grant
    Filed: March 24, 2022
    Date of Patent: April 16, 2024
    Assignee: Check Point Software Technologies Ltd.
    Inventors: Liran Orevi, Haggai David
  • Patent number: 11843614
    Abstract: An instantiated application includes both a runtime instantiation of an application image, and an administrative service operable to install in the instantiated application at least one security module during runtime of the instantiated application in a container. Prior to runtime, a design time agent can access the application image in a repository, examine the application image, and, based on the examining, add at least one security module to the application image prior to instantiation. During runtime, a runtime agent can query parameters of the container, such as static and dynamic variables available on the machine on which the container is running. The runtime agent processes these parameters in conjunction with predefined rules to determine an action such as starting, stopping, adding, and/or changing the security module, such as the method of packet inspection.
    Type: Grant
    Filed: December 30, 2021
    Date of Patent: December 12, 2023
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventor: Ilan Uriel
  • Patent number: 11797685
    Abstract: An automated method executed by circuitry is provided for monitoring a software platform including multiple pods that manage, deploy, and execute micro services. The method uses monitoring pods at locations of interest in the software platform to label transactions that pass through the monitoring pods. The labels applied to the transactions are sent to a security program for review.
    Type: Grant
    Filed: September 18, 2020
    Date of Patent: October 24, 2023
    Assignee: Check Point Software Technologies LTD.
    Inventor: Ilan Uriel
  • Patent number: 11606375
    Abstract: Computerized methods and systems identify malware enabled by automatically generated domain names. An agent executes a malware, in a controlled environment, at a first temporal input value and a second temporal input value. A first set of domain names is generated in response to the execution at the first temporal input value. A second set of domain names is generated in response to the execution at the second temporal input value. The agent compares the first set of domain names with the second set of domain names to produce a comparison output metric.
    Type: Grant
    Filed: June 9, 2020
    Date of Patent: March 14, 2023
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventor: Aliaksandr Chailytko
  • Patent number: 11601459
    Abstract: A method and system is provided for setting network policies based on electronic devices connected to a network. The electronic devices present on the network are detected and their behavior is captured using profiles. These profiles are then used to generate network policies based on the electronic devices connected to the network. Instead of reacting to behavior of the electronic devices (e.g., anomaly detection to detect malware), the method and system sets the network policies to prevent unauthorized communications (e.g., before malware is present in the system).
    Type: Grant
    Filed: January 27, 2021
    Date of Patent: March 7, 2023
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Daniel Cohen-Sason, Pini Shamgar, Yevgeny Fabrikant
  • Patent number: 11550934
    Abstract: A method is provided for identifying improperly redacted information in documents. The documents are analyzed to detect redacted areas and text elements and to identify an intersection between a redacted area and a text element. When an area of the intersection is greater than an intersection threshold, the document is identified as containing improperly redacted information.
    Type: Grant
    Filed: March 16, 2021
    Date of Patent: January 10, 2023
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES, LTD.
    Inventor: Tamir Zegman
  • Patent number: 11489811
    Abstract: Methods and systems are provided for protecting DNS traffic locally on an electronic device (e.g., a smart phone) by capturing DNS traffic from network traffic transmitted from the device and ensuring the DNS traffic is routed to a trusted DNS server via a prescribed transmission protocol.
    Type: Grant
    Filed: August 31, 2021
    Date of Patent: November 1, 2022
    Assignee: Check Point Software Technologies Ltd.
    Inventors: Barak Kfir, Eliyahu Hanokh Sandler
  • Patent number: 11431732
    Abstract: An instantiated application includes both a runtime instantiation of an application image, and an administrative service operable to install in the instantiated application at least one security module during runtime of the instantiated application in a container. Prior to runtime, a design time agent can access the application image in a repository, examine the application image, and, based on the examining, add at least one security module to the application image prior to instantiation. During runtime, a runtime agent can query parameters of the container, such as static and dynamic variables available on the machine on which the container is running. The runtime agent processes these parameters in conjunction with predefined rules to determine an action such as starting, stopping, adding, and/or changing the security module, such as the method of packet inspection.
    Type: Grant
    Filed: July 4, 2019
    Date of Patent: August 30, 2022
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventor: Ilan Uriel
  • Patent number: 11411924
    Abstract: Methods and systems for processing cryptographically secured connections by a gateway, between a client and a server, are performed. Upon receiving TCP and TLS/SSL handshakes associated with a client side connection, from a client (client computer) to the gateway, a probing connection is established. The probing connection completes the handshakes, and based on the completion of the handshakes, the gateway renders a decision, to bypass, block or inspect, the connections between the client and the server, allowing or not allowing data to pass through the connections between the client and the server.
    Type: Grant
    Filed: December 20, 2018
    Date of Patent: August 9, 2022
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Pavel Isaev, Idan Sayag, Alexey Volodin, Tamir Zegman
  • Patent number: 11323426
    Abstract: Transparently identifying users using a shared VPN tunnel uses an innovative method to detect a user of a shared VPN tunnel, after authenticating the user, using an assigned userid (that may be a virtual IP). The virtual IP is used as a cookie in each request made by the user. This cookie is an authentication token used by the gateway to detect the user behind a specific request for an Internet resource (such as an http/s request). The cookie is stripped by the gateway so the cookie is not sent to the resource.
    Type: Grant
    Filed: October 19, 2017
    Date of Patent: May 3, 2022
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Amnon Perlmutter, Lior Drihem, Yair Ziv, Jeremy Sinai, Tsemach Mizrachi
  • Patent number: 11321453
    Abstract: Methods and systems utilize sandbox outputs for files, such as dynamic file analysis (DFA) reports, regardless of size, to automatically create rules. From these rules, the maliciousness of the file is determined, and if the file is malicious, i.e., malware, the malware is classified into malware families.
    Type: Grant
    Filed: April 18, 2019
    Date of Patent: May 3, 2022
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Ivan Kosarev, Lotem Finkelstein
  • Patent number: 11165820
    Abstract: Computerized methods and systems detect unauthorized and potentially malicious, as well as malicious, records, typically in the form of electronic forms, such as those where users input information (into input blocks or fields), such as bank and financial institution electronic forms and the like. Should such an unauthorized form be detected, the detection causes the taking of protective action by the computer on whose browser the unauthorized form has been rendered.
    Type: Grant
    Filed: October 13, 2015
    Date of Patent: November 2, 2021
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Oded Vanunu, Liad Mizrachi