Patents Assigned to Check Point Software Technologies LTD
  • Patent number: 11550934
    Abstract: A method is provided for identifying improperly redacted information in documents. The documents are analyzed to detect redacted areas and text elements and to identify an intersection between a redacted area and a text element. When an area of the intersection is greater than an intersection threshold, the document is identified as containing improperly redacted information.
    Type: Grant
    Filed: March 16, 2021
    Date of Patent: January 10, 2023
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES, LTD.
    Inventor: Tamir Zegman
  • Patent number: 11489811
    Abstract: Methods and systems are provided for protecting DNS traffic locally on an electronic device (e.g., a smart phone) by capturing DNS traffic from network traffic transmitted from the device and ensuring the DNS traffic is routed to a trusted DNS server via a prescribed transmission protocol.
    Type: Grant
    Filed: August 31, 2021
    Date of Patent: November 1, 2022
    Assignee: Check Point Software Technologies Ltd.
    Inventors: Barak Kfir, Eliyahu Hanokh Sandler
  • Patent number: 11431732
    Abstract: An instantiated application includes both a runtime instantiation of an application image, and an administrative service operable to install in the instantiated application at least one security module during runtime of the instantiated application in a container. Prior to runtime, a design time agent can access the application image in a repository, examine the application image, and based on the examining, add at least one security module to the application image prior to instantiation. During runtime, a runtime agent can query parameters of the container, such as static and dynamic variables available on the machine on which the container is running. The runtime agent processes these parameters in conjunction with predefined rules to determine an action such as starting, stopping, adding, and/or changing the security module, such as the method of packet inspection.
    Type: Grant
    Filed: July 4, 2019
    Date of Patent: August 30, 2022
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventor: Ilan Uriel
  • Patent number: 11411924
    Abstract: Methods and systems for processing cryptographically secured connections by a gateway, between a client and a server, are performed. Upon receiving TCP and TLS/SSL handshakes associated with a client side connection, from a client (client computer) to the gateway, a probing connection is established. The probing connection completes the handshakes, and based on the completion of the handshakes, the gateway renders a decision, to bypass, block or inspect, the connections between the client and the server, allowing or not allowing data to pass through the connections between the client and the server.
    Type: Grant
    Filed: December 20, 2018
    Date of Patent: August 9, 2022
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Pavel Isaev, Idan Sayag, Alexey Volodin, Tamir Zegman
  • Patent number: 11323426
    Abstract: Transparently identifying users using a shared VPN tunnel uses an innovative method to detect a user of a shared VPN tunnel, after authenticating the user, using an assigned userid (that may be a virtual IP). The virtual IP is used as a cookie in each request made by the user. This cookie is an authentication token used by the gateway to detect the user behind a specific request for an Internet resource (such as an http/s request). The cookie is stripped by the gateway so the cookie is not sent to the resource.
    Type: Grant
    Filed: October 19, 2017
    Date of Patent: May 3, 2022
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Amnon Perlmutter, Lior Drihem, Yair Ziv, Jeremy Sinai, Tsemach Mizrachi
  • Patent number: 11321453
    Abstract: Methods and systems utilizing sandbox outputs for files, such as dynamic file analysis (DFA) reports, regardless of size, to automatically create rules. From these rules, the maliciousness of the file is determined, and if the file is malicious, i.e., malware, the malware is classified into malware families.
    Type: Grant
    Filed: April 18, 2019
    Date of Patent: May 3, 2022
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Ivan Kosarev, Lotem Finkelstein
  • Patent number: 11165820
    Abstract: Computerized methods and systems detect unauthorized and potentially malicious, as well as malicious records, typically in the form of electronic forms, such as those where users input information (into input blocks or fields), such as bank and financial institution electronic forms and the like. Should such an unauthorized form be detected, the detection causes the taking of protective action by the computer on whose browser the unauthorized form has been rendered.
    Type: Grant
    Filed: October 13, 2015
    Date of Patent: November 2, 2021
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Oded Vanunu, Liad Mizrachi
  • Patent number: 11075882
    Abstract: Computerized methods and systems reduce the false positive rate of Web Application Firewalls (WAFs), by operating automatically and utilizing system defined “trusted sources”.
    Type: Grant
    Filed: February 28, 2019
    Date of Patent: July 27, 2021
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventor: Roy Barda
  • Patent number: 10972488
    Abstract: Computerized methods and systems determine an entry point or source of an attack on an endpoint, such as a machine, e.g., a computer, node of a network, system or the like. These computerized methods and systems utilize an attack execution/attack or start root, to build an attack tree, which shows the attack on the end point and the damage caused by the attack, as it propagates through the machine, network, system, or the like.
    Type: Grant
    Filed: September 15, 2019
    Date of Patent: April 6, 2021
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Anandabrata Pal, Lior Arzi, Tamara Leiderfarb
  • Patent number: 10880316
    Abstract: Computerized methods and systems determine an initial execution of an attack on an endpoint. An indicator of the attack is obtained by analysis of a first process on the endpoint. A sequence of processes that includes the first process associates the initial execution of the attack with the first process. Each respective process in the sequence of processes is created or executed by at least one of the initial execution or a process in the sequence of processes. The initial execution is identified based on linking from the first process to the initial execution through a combination of executions and creations of the processes in the sequence of processes.
    Type: Grant
    Filed: December 9, 2015
    Date of Patent: December 29, 2020
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Anandabrata Pal, Tamara Leiderfarb, Lior Arzi
  • Patent number: 10728274
    Abstract: Computerized methods and systems inspect data packets received from a web server for the presence of a value from a list of prohibited values. If a prohibited value is absent, a gateway injects at least one JavaScript code segment for execution by a web browser. The at least one JavaScript code segment includes a plurality of JavaScript functions which include at least one security analysis JavaScript function and a plurality of modified JavaScript functions. Each of the modified JavaScript functions is created from a respective native JavaScript function to include at least one code segment that when executed inspects for at least one of: a dynamic modification of at least one JavaScript function from a prohibited list of JavaScript functions, a dynamic creation of at least one JavaScript function from the prohibited list of JavaScript functions, or a dynamic reference to a value from the list of prohibited values.
    Type: Grant
    Filed: September 22, 2016
    Date of Patent: July 28, 2020
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Ilan Uriel, Aviad Mor
  • Patent number: 10728266
    Abstract: Computerized methods and systems identify malware enabled by automatically generated domain names. An agent executes a malware, in a controlled environment, at a first temporal input value and a second temporal input value. A first set of domain names is generated in response to the execution at the first temporal input value. A second set of domain names is generated in response to the execution at the second temporal input value. The agent compares the first set of domain names with the second set of domain names to produce a comparison output metric.
    Type: Grant
    Filed: August 15, 2017
    Date of Patent: July 28, 2020
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventor: Aliaksandr Chailytko
  • Patent number: 10645074
    Abstract: A method for monitoring access of users to Internet SaaS applications includes the CISO (company Internet security office) in the configuration and operation of the method, instead of relying only on whatever security the SaaS application implements. Certificates, not accessible to users, are pushed to a user's client. When an access request is received from a client by an application, a gateway requests from the client the certificate. After a notification and approval process with the user, a received certificate is verified, user access to the application is allowed or denied, and the CISO notified of the attempted access.
    Type: Grant
    Filed: March 28, 2017
    Date of Patent: May 5, 2020
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Alon Boxiner, Liad Mizrachi, Oded Vanunu, Roman Zaikin, Yoav Shay Daniely
  • Patent number: 10567468
    Abstract: Methods and systems provide mechanisms for inspection devices, such as firewalls and servers and computers associated therewith, to selectively manipulate files, for which a download has been requested. The manipulation is performed in a manner which is transparent to the requesting user.
    Type: Grant
    Filed: December 28, 2015
    Date of Patent: February 18, 2020
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Amnon Perlmutter, Lior Drihem
  • Patent number: 10554629
    Abstract: A method for introducing a replacement code segment over-the-air through a wireless mobile communication network to an existing code resident on a mobile terminal: identifying the mobile terminal from among terminals served through the wireless mobile communication network; sending a push notification through the network to the mobile terminal, the push notification indicative of the replacement code segment ready for downloading; activating a dynamic update module resident in the mobile terminal, in response to the push notification; sending a request for the replacement code segment; downloading the replacement code segment to the mobile terminal; and transferring the downloaded replacement code segment to the dynamic update module for dynamic replacement of a corresponding old code segment within the mobile terminal with the replacement code segment, obviating a need to recompile the existing code.
    Type: Grant
    Filed: June 30, 2016
    Date of Patent: February 4, 2020
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Yuval Raban, Nadia Goshmir, Shami Reshtik
  • Patent number: 10511616
    Abstract: Disclosed are methods and systems for detecting malware and potential malware based on using generalized attack trees (generalized attack tree graphs). The generalized attack trees are based on attack trees (attack tree graphs), whose objects, such as links and vertices, have been analyzed, and some of these objects have been generalized, resulting in the generalized attack tree of the invention.
    Type: Grant
    Filed: November 6, 2018
    Date of Patent: December 17, 2019
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Tamara Leiderfarb, Lior Arzi, Anandabrata Pal
  • Patent number: 10462160
    Abstract: Computerized methods and systems identify events associated with an attack initiated on an endpoint client. A listing of processes executed or created on the endpoint during the attack is obtained. The listing of processes includes a first process and at least one subsequent process executed or created by the first process. The computerized methods and systems analyze for the occurrence of at least one event during a time interval associated with the attack. The computerized methods and systems determine whether the listing of processes includes a process that when executed caused the occurrence of the at least one event. If the listing of processes excludes a process that when executed caused the occurrence of the at least one event, the at least one event and the causing process are stored, for example, in a database or memory.
    Type: Grant
    Filed: October 13, 2016
    Date of Patent: October 29, 2019
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Lior Arzi, Tamara Leiderfarb, Anandabrata Pal
  • Patent number: 10382493
    Abstract: Computerized methods and systems receive neutralized data items on a first entity from a second entity over a network by receiving a first data item from the second entity. A security protocol that applies rules and policies is applied to the first data item to create a second data item that is a neutralized version of the first data item. The first data item and the second data item are converted into comparable forms. The second data item is analyzed against the first data item by comparing the comparable forms to form at least one comparison measure. The second data item is received on the endpoint if the at least one comparison measure satisfies a threshold criterion. The security protocol is modified to adjust the applied rules and policies if the at least one comparison measure does not satisfy the threshold criterion.
    Type: Grant
    Filed: June 9, 2016
    Date of Patent: August 13, 2019
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Daniel Finchelstein, Amnon Perlmutter
  • Patent number: 10243741
    Abstract: Securely exchanging keys to establish secure connections to low powered connected devices (LPCDs), such as smart devices and IoT (Internet Of Things) devices, and mutual authentication between these devices and third party controllers is accomplished via a higher performance machine configured with a dedicated remote service (DRS). A known symmetric pre-shared key (PSK) is used to establish a secure first connection between the LPCD and the DRS using another symmetric key. The DRS can then use asymmetric key exchange to securely send a new symmetric key to the 3P, and send the same new symmetric key to the LPCD using the secure first connection. This facilitates LPCDs to securely establish secure communications with other devices, in particular for control by third party (3P) devices. This also allows authentication of the LPCD with cloud services, and enables a DRS to vouch for associated devices to other DRSs.
    Type: Grant
    Filed: March 30, 2017
    Date of Patent: March 26, 2019
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Yiftach Cohen, Erez Geva
  • Patent number: 10057390
    Abstract: Methods and systems provide mechanisms for inspection devices, such as firewalls and servers and computers associated therewith, to modify HTTP requests, without requiring the inspection device to terminate the connections at the TCP (Transport Control Protocol) level, as occurs with contemporary web proxies, e.g., web proxy servers—either explicit or implicit proxies.
    Type: Grant
    Filed: April 1, 2015
    Date of Patent: August 21, 2018
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Amnon Perlmutter, Lior Drihem