Patents by Inventor Ami Luttwak

Ami Luttwak has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10091169
    Abstract: A method and system for protecting cloud-based applications executed in a cloud computing platform are presented. The method includes intercepting traffic flows from a plurality of client devices to the cloud computing platform, wherein each of the plurality of client devices is associated with a user attempting to access a cloud-based application; extracting at least one parameter from the intercepted traffic related to at least each client device and a respective user attempting to access the cloud-based application; determining, based on the at least one parameter and at least a set of parameters combining cloud-based application risk factors for a provider of the cloud computing platform, a risk indicator for the user attempting to access the cloud-based application; and performing an action to mitigate a potential risk to the cloud computing platform based on the determined risk indicator.
    Type: Grant
    Filed: December 14, 2015
    Date of Patent: October 2, 2018
    Assignee: MICROSOFT ISRAEL RESEARCH AND DEVELOPMENT (2002) LTD.
    Inventors: Aviram Cohen, Liran Moysi, Ami Luttwak, Roy Reznik, Greg Vishnepolsky
  • Publication number: 20180262498
    Abstract: Mitigating false positives for impossible travel alerts. A first user access location for a user is provided, for a first user access of computing resources identified using a first identification process, to a user behavior analytics service. The first identification process identifies a real world indicator of location for a device associated with the first user access. A second user location is provided for the user, for a second user access of computing resources, to the user behavior analytics service, using a second identification process. The second identification process identifies a location associated with an egress point to which communication to and from a device is routed to access computing resources, such that the user behavior analytics service receives a location associated with the egress point as the second user location. At the user behavior analytics service, the second user location is filtered from being used for impossible travel detection.
    Type: Application
    Filed: March 13, 2017
    Publication date: September 13, 2018
    Inventors: Tal Arieh Be'ery, Ami Luttwak
  • Patent number: 10015205
    Abstract: Techniques for reconstructing application-layer traffic flowing between client devices and a cloud computing platform are provided. In an embodiment, the method allows for non-intrusive reconstruction of application-layer traffic including requests and responses even in cases including packet drops, re-transmitted packets, and jittered packets. The method includes saving received packets into a zero-copy queue and analyzing the packets saved in the zero-copy memory to identify their respective sessions. Then, each identified session is reconstructed into a session window having a configurable size. In an embodiment, each reconstructed session includes application-layer requests and responses. The method further includes, for each identified session, matching each application-layer request to a corresponding application-layer response based on a matching identifier and time-interval threshold.
    Type: Grant
    Filed: July 21, 2015
    Date of Patent: July 3, 2018
    Assignee: MICROSOFT ISRAEL RESEARCH AND DEVELOPMENT (2002) LTD.
    Inventors: Aviram Cohen, Ami Luttwak, Roy Reznik, Gregory Vishnepolsky
  • Publication number: 20170118239
    Abstract: A method and proxy device for detecting cyber threats against a cloud-based application are presented. The method includes receiving a request from a client device, the request directed to a cloud-based application computing platform, wherein the client device is associated with a user attempting to access the cloud-based application; determining whether the received request belongs to a current session of the client device accessing the cloud-based application; extracting, from the received request, at least one application-layer parameter of the current session; comparing the at least one extracted application-layer parameter to application-layer parameters extracted from previous sessions to determine at least one risk factor; and computing a risk score based on the determined at least one risk factor, wherein the risk score is indicative of a potential cyber threat.
    Type: Application
    Filed: January 26, 2016
    Publication date: April 27, 2017
    Applicant: Microsoft Technology Licensing, LLC.
    Inventors: Yonatan Most, Yinon Costica, Ami Luttwak
  • Publication number: 20160344736
    Abstract: A method and proxy device for securing an access to a cloud-based application are presented. The method includes receiving an authentication token, wherein the authentication token includes an identity of a user of a client device requesting an access to the cloud-based application; receiving, from an agent executed in the client device, a client certificate; retrieving, from a compliance server, a device posture of the client device, wherein the device posture is retrieved respective of the received client certificate; identifying an access policy for the client device to access the cloud-based application, wherein the access policy is identified based at least on the retrieved device posture; and determining whether to grant an access to the cloud-based application based in part on the compliance of the client device with the identified access policy.
    Type: Application
    Filed: March 28, 2016
    Publication date: November 24, 2016
    Applicant: Microsoft Technology Licensing, LLC.
    Inventors: Vitaly KHAIT, Ami LUTTWAK, Liran MOYSI, Ariel STOLOVICH, Greg VISHNEPOLSKY
  • Patent number: 9438565
    Abstract: This application relates generally to a system operating on network traffic between a network-based software as a service (SaaS) provider and a client. The system can be configured as a managed communications network proxy and take action on the network traffic based on predefined policies and rules. The system can include a suffix proxy configured for captive page processing by processing SaaS server responses so that subsequent requests are handled by the suffix proxy dependent on file type and response type.
    Type: Grant
    Filed: November 12, 2014
    Date of Patent: September 6, 2016
    Assignee: Adallom Technologies, Ltd.
    Inventors: Aviram Cohen, Liran Moysi, Ami Luttwak, Roy Reznik, Greg Vishnepolsky
  • Publication number: 20160112375
    Abstract: A method and system for protecting cloud-based applications executed in a cloud computing platform are presented. The method includes intercepting traffic flows from a plurality of client devices to the cloud computing platform, wherein each of the plurality of client devices is associated with a user attempting to access a cloud-based application; extracting at least one parameter from the intercepted traffic related to at least each client device and a respective user attempting to access the cloud-based application; determining, based on the at least one parameter and at least a set of parameters combining cloud-based application risk factors for a provider of the cloud computing platform, a risk indicator for the user attempting to access the cloud-based application; and performing an action to mitigate a potential risk to the cloud computing platform based on the determined risk indicator.
    Type: Application
    Filed: December 14, 2015
    Publication date: April 21, 2016
    Applicant: Microsoft Technology Licensing, LLC.
    Inventors: Aviram COHEN, Liran MOYSI, Ami LUTTWAK, Roy REZNIK, Greg VISHNEPOLSKY
  • Publication number: 20150135302
    Abstract: This application relates generally to a system operating on network traffic between a network-based software as a service (SaaS) provider and a client. The system can be configured as a managed communications network proxy and take action on the network traffic based on predefined policies and rules.
    Type: Application
    Filed: November 12, 2014
    Publication date: May 14, 2015
    Applicant: ADALLOM, INC.
    Inventors: Aviram Cohen, Liran Moysi, Ami Luttwak, Roy Reznik, Greg Vishnepolsky