Patents Assigned to Dazz, Inc.
-
Publication number: 20250258912Abstract: A system and method for machine learning training. A method includes clustering cybersecurity alerts from different alert sources into clusters based on features distances between alerts. A subset of the cybersecurity alerts is selected from each cluster based on the cluster center of the cluster. Each subset is presented via a user device in order to obtain a set of user inputs with respect to each presented subset. A training set is created based on the user inputs with respect to each presented subset. The training set includes the cybersecurity alerts and corresponding training prioritizations. A prioritization machine learning model is trained to prioritize cybersecurity alerts from the plurality of alert sources using the training set.Type: ApplicationFiled: April 3, 2025Publication date: August 14, 2025Applicant: Dazz, Inc.Inventors: Eshel YARON, Barak BERCOVITZ
-
Publication number: 20250211478Abstract: A system and method for alert mitigation. A method includes identifying timestamps in log data with respect to a graph. The nodes include computing resource nodes representing computing resources and user nodes representing entities which make changes to the computing infrastructure with respect to the computing resources. Temporal variations of the graph are created by assigning a time value to each edge based on the identified timestamps, where the time value assigned to each edge represents a time of a change in the computing infrastructure. A temporal variation is retrieved from the graph based on a time. The retrieved temporal variation includes a subset of the nodes and edges determined based on the time value assigned to each edge. A root cause of an alert is determined based on the retrieved temporal variation. Mitigation actions are performed based on the root cause.Type: ApplicationFiled: February 20, 2025Publication date: June 26, 2025Applicant: Dazz, Inc.Inventors: Eshel YARON, Barak BERCOVITZ, Dvir HAZOUT
-
Publication number: 20250209163Abstract: A system and method for securing deployment of computing infrastructure resources.Type: ApplicationFiled: February 20, 2025Publication date: June 26, 2025Applicant: Dazz, Inc.Inventors: Omer DEUTSCHER, Tomer SCHWARTZ, Eshel YARON, Barak BERCOVITZ
-
Publication number: 20250190556Abstract: Systems and methods for alert deduplication. A method includes querying a software component associations database based on a plurality of software containers indicated by a plurality of alerts in order to identify a plurality of correlations between software containers among the plurality of software containers, wherein the software component associations database stores at least associations between configuration files of the plurality of software containers and build files used to build the plurality of software containers; identifying at least one set of duplicate alerts among the plurality of alerts based on the identified plurality of correlations, wherein each set of duplicate alerts includes at least two alerts of the plurality of alerts which indicate correlated software containers among the plurality of software containers; and deduplicating the plurality of alerts based on the identified at least one set of duplicate alerts in order to produce a deduplicated set of alerts.Type: ApplicationFiled: February 20, 2025Publication date: June 12, 2025Applicant: Dazz, Inc.Inventors: Oren YONA, Eyal GOLOMBEK, Tomer SCHWARTZ, Eshel YARON, Pavel RESNIANSKI
-
Publication number: 20250190555Abstract: A system and method for remediating cybersecurity events. A method includes creating a semantic concepts dictionary defining semantic concepts representing characteristics of software components. An entity graph is created based on correlations between entities, where the entity graph has nodes representing respective entities and the entities include software components of a software infrastructure as well as event logic components of cybersecurity event logic deployed with respect to the software infrastructure. A knowledge base is built such that the knowledge base includes the semantic concepts dictionary and the entity graph. The knowledge base is queried using a query generated based on one or more semantic concepts and one or more entity-identifying values extracted from cybersecurity event data. The query includes at least one semantic concept and at least one entity-identifying value. One or more remedial actions are performed based on one or more query results from the knowledge base.Type: ApplicationFiled: February 20, 2025Publication date: June 12, 2025Applicant: Dazz, Inc.Inventors: Tomer SCHWARTZ, Eshel YARON, Barak BERCOVITZ
-
Patent number: 12321464Abstract: A system and method for software containers attribution are provided. The method includes de-compiling a configuration file of a container image of a software container; identifying at least one candidate build file in the de-compiled configuration file, wherein the at least one candidate build potentially formed the container image; determining if at least one matching condition is satisfied between each of the at least one candidate build file and the de-compiled configuration file; associating the configuration file with each candidate build file satisfying the matching condition; and updating an inventory with the associated configuration file and the respective candidate build, wherein such association provides a direct mapping between the container image and the build files formed the container image.Type: GrantFiled: October 16, 2024Date of Patent: June 3, 2025Assignee: Dazz, Inc.Inventors: Eshel Yaron, Tomer Schwartz, Pavel Resnianski
-
Publication number: 20250173434Abstract: A system and method for alert prioritization. A method includes applying a prioritization machine learning model with respect to a plurality of second cybersecurity alerts from a plurality of alert sources. The prioritization machine learning model is trained based on a training set to prioritize cybersecurity alerts across the plurality of alert sources. The training set includes a plurality of first cybersecurity alerts from the plurality of alert sources and a plurality of corresponding training prioritizations for the plurality of first cybersecurity alerts. A priority is determined for the plurality of cybersecurity alerts based on outputs of the prioritization model. A plurality of remediation actions is performed based on the determined priority.Type: ApplicationFiled: November 27, 2024Publication date: May 29, 2025Applicant: Dazz, Inc.Inventors: Eshel YARON, Barak BERCOVITZ
-
Patent number: 12314387Abstract: Systems and methods for alert management. A method includes analyzing alerts with respect to cybersecurity issues indicated in the alerts to identify at least one group of matching alerts. Each group of matching alerts includes alerts generated by multiple cybersecurity detection tools. A software component associations database is queried based on software components indicated in each of the groups of alerts. The software component associations database stores associations between configuration files of software containers and build files used to build the software containers. At least one group of duplicate alerts is identified among the groups of matching alerts based on associations returned by the software component associations database. The software component indicated by a first alert of each group of duplicate alerts is associated with the software component indicated by a second alert of the group of duplicate alerts. The alerts are managed based on the groups of duplicate alerts.Type: GrantFiled: July 29, 2022Date of Patent: May 27, 2025Assignee: Dazz, Inc.Inventors: Oren Yona, Eyal Golombek, Tomer Schwartz, Eshel Yaron, Pavel Resnianski
-
Publication number: 20250080397Abstract: A system and method for mitigating alerts using network path resolution. A method includes generating a graph mapping between computing resources and workloads, wherein the graph includes nodes and edges, wherein the nodes include computing resource nodes representing respective computing resources and workload nodes representing respective workloads, wherein each workload is at least one process; identifying a path including at least one first workload of the workloads by querying the graph based on a first computing resource of the computing resources indicated in an alert; identifying at least one root cause of an alert based on the identified path; and performing at least one mitigation action based on the identified at least one root cause.Type: ApplicationFiled: July 3, 2024Publication date: March 6, 2025Applicant: Dazz, Inc.Inventors: Eshel YARON, Rom GENDLER, Dor ZUSMAN COHEN
-
Publication number: 20250080398Abstract: A system and method for remediating alerts using graph exploration. A method includes creating a graph including a plurality of nodes and a plurality of edges, wherein the plurality of nodes includes a plurality of computing resource nodes representing respective computing resources among a computing infrastructure and a plurality of user nodes representing respective entities which make changes to the computing infrastructure; querying the graph based on a computing resource indicated in an alert; identifying a root cause of the alert based on results of the querying of the graph; and performing at least one mitigation action based on the identified root cause.Type: ApplicationFiled: July 3, 2024Publication date: March 6, 2025Applicant: Dazz, Inc.Inventors: Eshel YARON, Barak BERCOVITZ, Dvir HAZOUT
-
Publication number: 20250045379Abstract: A system and method for securing deployment of computing infrastructure resources. A method includes determining, based on a unique identifier of a computing infrastructure resource indicated in an alert, a source identifier of a resource component including the computing infrastructure resource, wherein the resource component includes at least one source file, wherein the source identifier of the resource component is a combination of characteristics of the resource component which collectively uniquely identify the resource component with respect to the directory in which the at least one source file of the resource component reside; contextually enriching the alert by adding the source identifier of the resource component including the computing infrastructure resource to the alert; and performing at least one remediation action with respect to the contextually enriching alert.Type: ApplicationFiled: October 22, 2024Publication date: February 6, 2025Applicant: Dazz, Inc.Inventors: Eshel YARON, Tomer SCHWARTZ, Rom GENDLER
-
Publication number: 20250036779Abstract: A system and method for software containers attribution are provided. The method includes de-compiling a configuration file of a container image of a software container; identifying at least one candidate build file in the de-compiled configuration file, wherein the at least one candidate build potentially formed the container image; determining if at least one matching condition is satisfied between each of the at least one candidate build file and the de-compiled configuration file; associating the configuration file with each candidate build file satisfying the matching condition; and updating an inventory with the associated configuration file and the respective candidate build, wherein such association provides a direct mapping between the container image and the build files formed the container image.Type: ApplicationFiled: October 16, 2024Publication date: January 30, 2025Applicant: Dazz, Inc.Inventors: Eshel YARON, Tomer SCHWARTZ, Pavel RESNIANSKI
-
Patent number: 12204651Abstract: A system and method for software containers attribution are provided. The method includes de-compiling a configuration file of a container image of a software container; identifying at least one candidate build file in the de-complied configuration file, wherein the at least one candidate build potentially formed the container image; determining if at least one matching condition is satisfied between each of the at least one candidate build file and the de-complied configuration file; associating the configuration file with each candidate build file satisfying the matching condition; and updating an inventory with the associated configuration file and the respective candidate build, wherein such association provides a direct mapping between the container image and the build files formed the container image.Type: GrantFiled: March 29, 2022Date of Patent: January 21, 2025Assignee: Dazz, Inc.Inventors: Eshel Yaron, Tomer Schwartz, Pavel Resnianski
-
Publication number: 20240378299Abstract: Systems and methods for identifying security control steps in software development pipelines. A method includes enumerating a plurality of steps in a software development infrastructure by analyzing software development pipeline data of the software development infrastructure, wherein each step includes a set of computer instructions for performing at least one task; identifying a plurality of step properties for each of the plurality of steps in step data of the step; and classifying at least one of the plurality of steps as a security control step based on the plurality of step properties identified for each of the plurality of steps, wherein each step classified as a security control step includes instructions for at least analyzing code in order to determine whether at least one security requirement is met.Type: ApplicationFiled: July 25, 2024Publication date: November 14, 2024Applicant: Dazz, Inc.Inventors: Eshel YARON, Tomer SCHWARTZ, Barak BERCOVITZ
-
Patent number: 12086266Abstract: Systems and methods for identifying security control steps in software development pipelines. A method includes enumerating a plurality of steps in a software development infrastructure by analyzing software development pipeline data of the software development infrastructure, wherein each step includes a set of computer instructions for performing at least one task; identifying a plurality of step properties for each of the plurality of steps in step data of the step; and classifying at least one of the plurality of steps as a security control step based on the plurality of step properties identified for each of the plurality of steps, wherein each step classified as a security control step includes instructions for at least analyzing code in order to determine whether at least one security requirement is met.Type: GrantFiled: May 20, 2022Date of Patent: September 10, 2024Assignee: Dazz, Inc.Inventors: Eshel Yaron, Tomer Schwartz, Barak Bercovitz
-
Publication number: 20240232333Abstract: A system and method for securing deployment of computing infrastructure resources. A method includes determining, based on a unique identifier of a computing infrastructure resource indicated in an alert, a source identifier of a resource component including the computing infrastructure resource, wherein the resource component includes at least one source file, wherein the source identifier of the resource component is a combination of characteristics of the resource component which collectively uniquely identify the resource component with respect to the directory in which the at least one source file of the resource component reside; contextually enriching the alert by adding the source identifier of the resource component including the computing infrastructure resource to the alert; and performing at least one remediation action with respect to the contextually enriching alert.Type: ApplicationFiled: October 21, 2022Publication date: July 11, 2024Applicant: Dazz, Inc.Inventors: Eshel YARON, Tomer SCHWARTZ, Rom GENDLER
-
Publication number: 20240134967Abstract: A system and method for securing deployment of computing infrastructure resources. A method includes determining, based on a unique identifier of a computing infrastructure resource indicated in an alert, a source identifier of a resource component including the computing infrastructure resource, wherein the resource component includes at least one source file, wherein the source identifier of the resource component is a combination of characteristics of the resource component which collectively uniquely identify the resource component with respect to the directory in which the at least one source file of the resource component reside; contextually enriching the alert by adding the source identifier of the resource component including the computing infrastructure resource to the alert; and performing at least one remediation action with respect to the contextually enriching alert.Type: ApplicationFiled: October 20, 2022Publication date: April 25, 2024Applicant: Dazz, Inc.Inventors: Eshel YARON, Tomer SCHWARTZ, Rom GENDLER
-
Publication number: 20240037227Abstract: A system and method for securing deployment of computing infrastructure resources.Type: ApplicationFiled: July 27, 2022Publication date: February 1, 2024Applicant: Dazz, Inc.Inventors: Omer DEUTSCHER, Tomer SCHWARTZ, Eshel YARON, Barak BERCOVITZ
-
Publication number: 20230376603Abstract: Systems and methods for identifying security control steps in software development pipelines. A method includes enumerating a plurality of steps in a software development infrastructure by analyzing software development pipeline data of the software development infrastructure, wherein each step includes a set of computer instructions for performing at least one task; identifying a plurality of step properties for each of the plurality of steps in step data of the step; and classifying at least one of the plurality of steps as a security control step based on the plurality of step properties identified for each of the plurality of steps, wherein each step classified as a security control step includes instructions for at least analyzing code in order to determine whether at least one security requirement is met.Type: ApplicationFiled: May 20, 2022Publication date: November 23, 2023Applicant: Dazz, Inc.Inventors: Eshel YARON, Tomer SCHWARTZ, Barak BERCOVITZ
-
Publication number: 20230315860Abstract: A system and method for software containers attribution are provided. The method includes de-compiling a configuration file of a container image of a software container; identifying at least one candidate build file in the de-complied configuration file, wherein the at least one candidate build potentially formed the container image; determining if at least one matching condition is satisfied between each of the at least one candidate build file and the de-complied configuration file; associating the configuration file with each candidate build file satisfying the matching condition; and updating an inventory with the associated configuration file and the respective candidate build, wherein such association provides a direct mapping between the container image and the build files formed the container image.Type: ApplicationFiled: March 29, 2022Publication date: October 5, 2023Applicant: Dazz, Inc.Inventors: Eshel Yaron, Tomer Schwartz, Pavel Resnianski