Abstract: A system and method for traffic-based misconfiguration detection. A method includes analyzing a first set of computing interface traffic data to identify types of data included among traffic to and from a computing interface; creating at least one computing interface schema based on the analysis, wherein each computing interface schema defines a plurality of schema fields and a plurality of corresponding schema values, wherein each schema value indicates a normal behavior for the computing interface with respect to the corresponding schema field; and identifying a misconfiguration of the computing interface based on the at least one computing interface schema and a second set of computing interface traffic data.
Type:
Grant
Filed:
October 20, 2021
Date of Patent:
July 9, 2024
Assignee:
NONAME GATE LTD
Inventors:
Shay Levi, Oz Golan, Oren Shpigel, Aner Morag, Dor Dankner, Ron Martziano, Pavel Vaks, Hila Zigman, Netanel Maman, Yuval Alkalai Tavori
Abstract: Systems and methods for resolving dependencies of computing interfaces. An example method includes identifying at least one example value with respect to a specification of a first computing interface, wherein each of the at least one example value is a value included in a respective request to the first computing interface; and linking the first computing interface to at least one second computing interface based on the identified at least one example value.
Abstract: Systems and methods for active parameter identification. An example method includes applying a machine learning model to features extracted from each of at least one request to a computing interface, wherein the machine learning model is trained per value using a training set including a plurality of training values of a plurality of training requests, wherein the machine learning model is trained to output an indicator as to whether each portion of a request containing a respective value indicates a parameter when applied to the request; and identifying at least one parameter-indicating portion of each request to the computing interface based on outputs of the machine learning model.
Abstract: A system and method for contextual misconfiguration detection. A method includes identifying at least one configuration parameter based on configuration data related to a computing interface; determining at least one traffic behavior based on traffic data of traffic to and from the computing interface; and detecting at least one misconfiguration by applying a plurality of contextual misconfiguration rules to the identified at least one configuration parameter and the determined at least one traffic behavior, wherein each contextual misconfiguration rule defines a respective misconfiguration as a combination of at least one predetermined configuration parameter and at least one predetermined traffic behavior.
Type:
Application
Filed:
December 20, 2021
Publication date:
June 22, 2023
Applicant:
NONAME GATE LTD
Inventors:
Shay LEVI, Oz GOLAN, Hila ZIGMAN, Oren SHPIGEL, Netanel MAMAN, Yuval ALKALAI, Dor DANKNER
Abstract: A system and method for traffic-based misconfiguration detection. A method includes analyzing a first set of computing interface traffic data to identify types of data included among traffic to and from a computing interface; creating at least one computing interface schema based on the analysis, wherein each computing interface schema defines a plurality of schema fields and a plurality of corresponding schema values, wherein each schema value indicates a normal behavior for the computing interface with respect to the corresponding schema field; and identifying a misconfiguration of the computing interface based on the at least one computing interface schema and a second set of computing interface traffic data.
Type:
Application
Filed:
October 20, 2021
Publication date:
April 20, 2023
Applicant:
NONAME GATE LTD
Inventors:
Shay LEVI, Oz GOLAN, Oren SHPIGEL, Aner MORAG, Dor DANKNER, Ron MARTZIANO, Pavel VAKS, Hila ZIGMAN, Netanel MAMAN, Yuval ALKALAI
Abstract: A system and method for identifying computing interface calls using communications protocols. A method includes extracting data from a communications session involving communication between a first computing interface and a second computing interface, wherein the communication between the first computing interface and the second computing interface is implemented via a plurality of communication protocol layers, wherein extracting the data from the communications session further comprises building at least one layer of the plurality of communication protocol layers based on a portion of the data extracted from at least one other layer of the plurality of communication protocol layers; duplicating traffic for the communications session based on the extracted data, wherein duplicating the traffic further comprises converting the extracted data into a unified data modeling format; and identifying at least one computing interface call based on the duplicated traffic.