Patents Assigned to OPSWAT, Inc.
-
Publication number: 20180352003Abstract: Embodiments of the present invention include methods involving an authentication application, a client application, or a combination of a network access control server with the authentication application and the client application. The client application collects compliance data regarding the user device and communicates the compliance data to the network access control server. The network access control server generates a compliance check result based on whether the compliance data indicates that the user device is compliant with a security policy for the software-as-a-service server. The authentication application grants access by the user device when the compliance check result is positive; and the authentication application denies access by the user device when the compliance check result is negative. In some embodiments, the compliance check result or a user device identifier is stored in a web browser cookie or a client certificate on the user device.Type: ApplicationFiled: August 9, 2018Publication date: December 6, 2018Applicant: OPSWAT, Inc.Inventors: Adam Gregory Winn, Benjamin Czarny, Jianpeng Mo, Yiyi Miao
-
Patent number: 10116683Abstract: Computer security vulnerability assessment is performed with product binary data and product vulnerability data that correspond with product identification data. A correspondence between the product binary data and the product vulnerability data is determined, and a binaries-to-vulnerabilities database is generated. The binaries-to-vulnerabilities database is used to scan binary data from a target device to find matches with the product binary data. A known security vulnerability of the target device is determined based on the scanning and the correspondence between the product binary data and the vulnerability data. In some embodiments, the target device is powered off and used as an external storage device to receive the binary data therefrom.Type: GrantFiled: July 31, 2017Date of Patent: October 30, 2018Assignee: OPSWAT, INC.Inventors: Benjamin Czarny, Jianpeng Mo, Ali Rezafard, David Matthew Patt
-
Publication number: 20180293180Abstract: A method, program and/or system reads first data through a first path from a location in a data storage. Second data is read through a second path from the same location in the data storage. The first data is compared to the second data. A match between the first data and the second data indicates that the first path did not encrypt the first data. A mismatch between the first data and the second data indicates that the first path encrypted the first data.Type: ApplicationFiled: June 15, 2018Publication date: October 11, 2018Applicant: OPSWAT, Inc.Inventors: Benjamin Czarny, Jianpeng Mo, Boris Dynin
-
Patent number: 10063594Abstract: Embodiments of the present invention include methods involving an authentication application, a client application, or a combination of a network access control server with the authentication application and the client application. The client application collects compliance data regarding the user device and communicates the compliance data to the network access control server. The network access control server generates a compliance check result based on whether the compliance data indicates that the user device is compliant with a security policy for the software-as-a-service server. The authentication application grants access by the user device when the compliance check result is positive; and the authentication application denies access by the user device when the compliance check result is negative. In some embodiments, the compliance check result or a user device identifier is stored in a web browser cookie or a client certificate on the user device.Type: GrantFiled: March 14, 2016Date of Patent: August 28, 2018Assignee: OPSWAT, INC.Inventors: Adam Gregory Winn, Benjamin Czarny, Jianpeng Mo, Yiyi Miao
-
Patent number: 10002083Abstract: A method, program and/or system reads first data through a first path from a location in a data storage. Second data is read through a second path from the same location in the data storage. The first data is compared to the second data. A match between the first data and the second data indicates that the first path did not encrypt the first data. A mismatch between the first data and the second data indicates that the first path encrypted the first data.Type: GrantFiled: June 28, 2017Date of Patent: June 19, 2018Assignee: OPSWAT, INC.Inventors: Benjamin Czarny, Jianpeng Mo, Boris Dynin
-
Publication number: 20180091543Abstract: Computer security vulnerability assessment is performed with product binary data and product vulnerability data that correspond with product identification data. A correspondence between the product binary data and the product vulnerability data is determined, and a binaries-to-vulnerabilities database is generated. The binaries-to-vulnerabilities database is used to scan binary data from a target device to find matches with the product binary data. A known security vulnerability of the target device is determined based on the scanning and the correspondence between the product binary data and the vulnerability data. In some embodiments, the target device is powered off and used as an external storage device to receive the binary data therefrom.Type: ApplicationFiled: July 31, 2017Publication date: March 29, 2018Applicant: OPSWAT, Inc.Inventors: Benjamin Czarny, Jianpeng Mo, Ali Rezafard, David Matthew Patt
-
Publication number: 20170300429Abstract: A method, program and/or system reads first data through a first path from a location in a data storage. Second data is read through a second path from the same location in the data storage. The first data is compared to the second data. A match between the first data and the second data indicates that the first path did not encrypt the first data. A mismatch between the first data and the second data indicates that the first path encrypted the first data.Type: ApplicationFiled: June 28, 2017Publication date: October 19, 2017Applicant: OPSWAT, Inc.Inventors: Benjamin Czarny, Jianpeng Mo, Boris Dynin
-
Patent number: 9749349Abstract: Computer security vulnerability assessment is performed with product binary data and product vulnerability data that correspond with product identification data. A correspondence between the product binary data and the product vulnerability data is determined, and a binaries-to-vulnerabilities database is generated. The binaries-to-vulnerabilities database is used to scan binary data from a target device to find matches with the product binary data. A known security vulnerability of the target device is determined based on the scanning and the correspondence between the product binary data and the vulnerability data. In some embodiments, the target device is powered off and used as an external storage device to receive the binary data therefrom.Type: GrantFiled: September 23, 2016Date of Patent: August 29, 2017Assignee: OPSWAT, Inc.Inventors: Benjamin Czarny, Jianpeng Mo, Ali Rezafard, David Matthew Patt
-
Patent number: 9697367Abstract: A method, program and/or system reads first data through a first path from a location in a data storage. Second data is read through a second path from the same location in the data storage. The first data is compared to the second data. A match between the first data and the second data indicates that the first path did not encrypt the first data. A mismatch between the first data and the second data indicates that the first path encrypted the first data.Type: GrantFiled: October 17, 2016Date of Patent: July 4, 2017Assignee: OPSWAT, Inc.Inventors: Benjamin Czarny, Jianpeng Mo, Boris Dynin
-
Publication number: 20170032133Abstract: A method, program and/or system reads first data through a first path from a location in a data storage. Second data is read through a second path from the same location in the data storage. The first data is compared to the second data. A match between the first data and the second data indicates that the first path did not encrypt the first data. A mismatch between the first data and the second data indicates that the first path encrypted the first data.Type: ApplicationFiled: October 17, 2016Publication date: February 2, 2017Applicant: OPSWAT, Inc.Inventors: Benjamin Czarny, Jianpeng Mo, Boris Dynin
-
Patent number: 9471794Abstract: A method, program and/or system reads a file through a first path from a data storage to obtain a first data. The file is read through a second path from the data storage to obtain a second data. The first data is compared to the second data. When the first data matches the second data, the file is determined not to be encrypted in the data storage. When the first data does not match the second data, the file is determined to be encrypted in the data storage.Type: GrantFiled: February 3, 2016Date of Patent: October 18, 2016Assignee: OPSWAT, Inc.Inventors: Benjamin Czarny, Jianpeng Mo, Boris Dynin
-
Patent number: 9288199Abstract: Embodiments of the present invention involve a method and system including a network access control server, an authentication application running on a software-as-a-service server, and a client application running on a user device. The client application collects compliance data regarding the user device and communicates the compliance data to the network access control server. The network access control server generates a compliance check result based on whether the compliance data indicates that the user device is compliant with a security policy for the software-as-a-service server. The authentication application grants access by the user device when the compliance check result is positive; and the authentication application denies access by the user device when the compliance check result is negative. In some embodiments, the compliance check result is stored in a cookie of one or more web browsers installed on the user device.Type: GrantFiled: December 16, 2014Date of Patent: March 15, 2016Assignee: OPSWAT, Inc.Inventors: Adam Gregory Winn, Benjamin Czarny, Jianpeng Mo, Yiyi Miao
-
Patent number: 9256635Abstract: A method, program and/or system for determining whether a data storage is encrypted. A file is written through a first path to the data storage. The file is read through a second path from the data storage. First data known to have been written in the file is compared to second data that has been read from the file. When the first data matches the second data, the first path is determined not to have encrypted the file when writing to the data storage. When the first data does not match the second data, the first path is determined to have encrypted the file when writing to the data storage.Type: GrantFiled: April 24, 2015Date of Patent: February 9, 2016Assignee: OPSWAT, Inc.Inventors: Benjamin Czarny, Jianpeng Mo, Boris Dynin
-
Patent number: 9021163Abstract: A method, program and/or system for determining whether a data storage is encrypted. A file is written through a first path to the data storage. The file is read through a second path from the data storage. First data known to have been written in the file is compared to second data that has been read from the file. When the first data matches the second data, the first path is determined not to have encrypted the file when writing to the data storage. When the first data does not match the second data, the first path is determined to have encrypted the file when writing to the data storage.Type: GrantFiled: April 17, 2014Date of Patent: April 28, 2015Assignee: OPSWAT, Inc.Inventors: Benjamin Czarny, Jianpeng Mo, Boris Dynin