Patents Assigned to enSilo Ltd.
-
Publication number: 20190347415Abstract: A computer implemented method for protecting data stored in at least one file from being overwritten by malicious code, comprises: monitoring at least one file stored in a storage device location to detect a request to perform an overwrite operation at least a portion of data of the at least one file; redirecting the overwrite operation to a memory location designated as safe for being overwritten; analyzing the overwrite operation at the memory location to identify an association with malicious code; and outputting an indication of an attempt to overwrite the at least one file by malicious code.Type: ApplicationFiled: December 11, 2017Publication date: November 14, 2019Applicant: enSilo Ltd.Inventors: Udi YAVO, Tomer BITTON, Ido KELSON, Gregory MESSERMAN
-
Patent number: 10334083Abstract: There is provided a computer implemented method for detection and prevention of an attempt at establishment of a network connection for malicious communication, comprising: detecting a connection establishment process for establishing a network connection, the connection establishment process initiated by code running on a client terminal; analyzing records in at least one stack trace of the initiating code managed at the client terminal, to detect a trial to establish a malicious communication wherein the network connection is used for malicious activity; and blocking establishment of the network connection when the analysis detects the trial to establish the malicious communication based on the network connection.Type: GrantFiled: November 24, 2015Date of Patent: June 25, 2019Assignee: enSilo Ltd.Inventors: Roy Katmor, Tomer Bitton, Udi Yavo, Ido Kelson
-
Patent number: 10264104Abstract: There is provided a method for authenticating an attempt at establishment of a network connection by allowed code, comprising: providing a dataset having previously observed stack trace templates each representing a stack trace pattern prevailing in stack traces recorded by monitoring stacks of clients executing an allowed code during a connection establishment process for establishing network connections related to the allowed code; receiving a new stack trace recorded during a new connection establishment process for a new network connection by a new client; measuring a similarity between the new stack trace and the plurality of stack trace templates to identify a match to a stack trace template; evaluating the matched stack trace template for a predefined rule requirement; and updating a rule-set database with the matched stack trace template to authenticate new network connection establishments associated with stack templates matching the matched stack trace template.Type: GrantFiled: April 23, 2018Date of Patent: April 16, 2019Assignee: enSilo Ltd.Inventors: Roy Katmor, Tomer Bitton, Udi Yavo, Ido Kelson
-
Publication number: 20180241853Abstract: There is provided a method for authenticating an attempt at establishment of a network connection by allowed code, comprising: providing a dataset having previously observed stack trace templates each representing a stack trace pattern prevailing in stack traces recorded by monitoring stacks of clients executing an allowed code during a connection establishment process for establishing network connections related to the allowed code; receiving a new stack trace recorded during a new connection establishment process for a new network connection by a new client; measuring a similarity between the new stack trace and the plurality of stack trace templates to identify a match to a stack trace template; evaluating the matched stack trace template for a predefined rule requirement; and updating a rule-set database with the matched stack trace template to authenticate new network connection establishments associated with stack templates matching the matched stack trace template.Type: ApplicationFiled: April 23, 2018Publication date: August 23, 2018Applicant: enSilo Ltd.Inventors: Roy KATMOR, Tomer BITTON, Udi YAVO, Ido KELSON
-
Patent number: 9954980Abstract: There is provided a method for authenticating an attempt at establishment of a network connection by allowed code, comprising: providing a dataset having previously observed stack trace templates each representing a stack trace pattern prevailing in stack traces recorded by monitoring stacks of clients executing an allowed code during a connection establishment process for establishing network connections related to the allowed code; receiving a new stack trace recorded during a new connection establishment process for a new network connection by a new client; measuring a similarity between the new stack trace and the plurality of stack trace templates to identify a match to a stack trace template; evaluating the matched stack trace template for a predefined rule requirement; and updating a rule-set database with the matched stack trace template to authenticate new network connection establishments associated with stack templates matching the matched stack trace template.Type: GrantFiled: November 24, 2015Date of Patent: April 24, 2018Assignee: enSilo Ltd.Inventors: Roy Katmor, Tomer Bitton, Udi Yavo, Ido Kelson