Patents by Inventor Amnon Lotem

Amnon Lotem has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20230396588
    Abstract: A device and method for configuring a web application firewall (WAF) based on characterization of web attacks are provided. The method includes receiving a plurality of hypertext transfer protocol transactions (HTTP) entities; tokenizing the received plurality of HTTP entities based on at least one delimiter; analyzing statistical distribution of each of the at least one delimiter in the tokenized HTTP entities; training a model based on an analysis of the tokenized HTTP entities, when a sufficient number of HTTP entities have been analyzed; and configuring, based on the trained model, the WAF with at least one detection rule to detect at least malicious HTTP transactions.
    Type: Application
    Filed: June 3, 2022
    Publication date: December 7, 2023
    Applicant: RADWARE LTD.
    Inventors: Doron SHAVIT, Amnon LOTEM, Orly Stan BENCHETRIT
  • Patent number: 11785035
    Abstract: A method for operating at least one log-analytics detection platform for detecting security threats associated with a client network, comprising: obtaining, via a communication network, log files from a client network, each log file comprising a log record associated with a channel and including an outbound communications log; extracting a channel feature set for said channels from said log files, said channel feature set comprises data pertaining to an associated entity, at least one channel feature being behavior of communication over a channel; aggregating said channel associated features for each of the channels into a data repository; generating a risk factor characterized by an entity score for said least one entity associated with entities of said channels; and blocking of communication for said entity when said risk factory is indicative of said entity being a security threat.
    Type: Grant
    Filed: April 29, 2022
    Date of Patent: October 10, 2023
    Assignee: RADWARE LTD.
    Inventors: Amnon Lotem, Doron Peri, Aviv Raff
  • Publication number: 20230262096
    Abstract: Arrangement for hardening cloud security policies of a cloud computing platform includes analyzing a plurality of permission usage maps, one for each cloud entity of a plurality of cloud entities included in the computing platform to discover at least one hardening gap, wherein each hardening gap is at least a difference between permissions granted and permissions used by one of the cloud entities, wherein each of the permission usage maps represents the permissions granted to a respective one of the cloud entities and the permissions used by that respective at least one of the cloud entities; for each discovered hardening gap, computing a risk score designating a potential risk reduction achieved by addressing the hardening gap; generating at least one hardening recommendation for the at least one hardening gap and its respective computed risk score; and applying the at least one hardening recommendation, thereby hardening the cloud computing platform.
    Type: Application
    Filed: April 19, 2023
    Publication date: August 17, 2023
    Applicant: Radware Ltd.
    Inventors: Adi RAFF, Amnon LOTEM, Yaniv AMRAM, Leo REZNIK, Tal HALPERN, Nissim PARIENTE
  • Patent number: 11637864
    Abstract: A method and system for hardening cloud security policies of a cloud computing platform are presented.
    Type: Grant
    Filed: June 3, 2019
    Date of Patent: April 25, 2023
    Assignee: RADWARE LTD.
    Inventors: Adi Raff, Amnon Lotem, Yaniv Amram, Leo Reznik, Tal Halpern, Nissim Pariente
  • Publication number: 20220337610
    Abstract: A method for operating at least one log-analytics detection platform for detecting security threats associated with a client network, comprising: obtaining, via a communication network, log files from a client network, each log file comprising a log record associated with a channel and including an outbound communications log; extracting a channel feature set for said channels from said log files, said channel feature set comprises data pertaining to an associated entity, at least one channel feature being behavior of communication over a channel; aggregating said channel associated features for each of the channels into a data repository; generating a risk factor characterized by an entity score for said least one entity associated with entities of said channels; and blocking of communication for said entity when said risk factory is indicative of said entity being a security threat.
    Type: Application
    Filed: April 29, 2022
    Publication date: October 20, 2022
    Applicant: RADWARE LTD.
    Inventors: Amnon LOTEM, Doron PERI, Aviv RAFF
  • Patent number: 11343265
    Abstract: Log based analysis systems and methods for protecting computers and networks from malicious communications and malware attacks by analyzing log data obtained from client networks having network entities representing business units or customers. The system may further comprise a plurality of client asset machines, each operable to execute a security product associated with a security product vendor and log associated information of the network entities into at least one log file. The log files may be uploaded onto a log-analytics detection platform for analysis using learning algorithms operable to generate a risk factor attribute for at least one entity.
    Type: Grant
    Filed: February 7, 2016
    Date of Patent: May 24, 2022
    Assignee: Seculert Ltd.
    Inventors: Amnon Lotem, Doron Peri, Aviv Raff
  • Patent number: 11146581
    Abstract: A method and system for protecting a cloud computing platform against cyber-attacks are provided. The method includes gathering cloud logs from a cloud computing platform; analyzing, by a plurality of detectors, the cloud logs to detect at least one suspicious behavior, wherein each of the at least one suspicious behavior is identified by a suspect indicator; sequencing suspect indicators into attack sequences; scoring each of the attack sequences with an attack score, wherein each attack is scored using a scoring model; and alerting on each attack sequence having a score higher than a predefined threshold.
    Type: Grant
    Filed: December 31, 2018
    Date of Patent: October 12, 2021
    Assignee: Radware Ltd.
    Inventors: Amnon Lotem, Nissim Pariente
  • Patent number: 11089035
    Abstract: A method and system for predicting subsequent cyber-attacks in attack campaigns are provided. The method includes receiving events data related to cyber-attacks occurring in a network during a predefined time window; extracting at least one sequence from the received events data at least one attack vector; generating a sequence signature for each of the at least one extracted sequence; comparing each sequence signature to a representation of historic sequence signatures to determine at least partially matching sequence signature; and based on the matching sequence, determining at least one subsequent cyber-attack in a respective sequence.
    Type: Grant
    Filed: December 11, 2018
    Date of Patent: August 10, 2021
    Assignee: Radware Ltd.
    Inventors: Ehud Doron, Amnon Lotem, Yotam Ben-Ezra, Ami Navon, Nadav Grossaug, Nissim Pariente
  • Patent number: 10984652
    Abstract: A method and system for modeling and processing vehicular traffic data and information, comprising: (a) transforming a spatial representation of a road network into a network of spatially interdependent and interrelated oriented road sections, for forming an oriented road section network; (b) acquiring a variety of the vehicular traffic data and information associated with the oriented road section network, from a variety of sources; (c) prioritizing, filtering, and controlling, the vehicular traffic data and information acquired from each of the variety of sources; (d) calculating a mean normalized travel time (NTT) value for each oriented road section of said oriented road section network using the prioritized, filtered, and controlled, vehicular traffic data and information associated with each source, for forming a partial current vehicular traffic situation picture associated with each source; (e) fusing the partial current traffic situation picture associated with each source, for generating a single co
    Type: Grant
    Filed: November 6, 2018
    Date of Patent: April 20, 2021
    Assignee: INRIX, Inc.
    Inventors: Israel Feldman, Arie Trinker, Yochai Meltzer, Allon Eshpar, Amnon Lotem
  • Publication number: 20200259865
    Abstract: A method and system for hardening cloud security policies of a cloud computing platform are presented.
    Type: Application
    Filed: June 3, 2019
    Publication date: August 13, 2020
    Applicant: RADWARE, LTD.
    Inventors: Adi RAFF, Amnon LOTEM, Yaniv AMRAM, Leo REZNIK, Tal HALPERN, Nissim PARIENTE
  • Publication number: 20200213338
    Abstract: A method and system for protecting a cloud computing platform against cyber-attacks are provided. The method includes gathering cloud logs from a cloud computing platform; analyzing, by a plurality of detectors, the cloud logs to detect at least one suspicious behavior, wherein each of the at least one suspicious behavior is identified by a suspect indicator; sequencing suspect indicators into attack sequences; scoring each of the attack sequences with an attack score, wherein each attack is scored using a scoring model; and alerting on each attack sequence having a score higher than a predefined threshold.
    Type: Application
    Filed: December 31, 2018
    Publication date: July 2, 2020
    Applicant: RADWARE, LTD.
    Inventors: Amnon LOTEM, Nissim PARIENTE
  • Patent number: 10409993
    Abstract: A method for automatically translating a banner information, the method may include receiving by a computer the banner information, wherein the banner information is included in at least one banner and describes an identity of a software product; and translating by the computer the banner information into a unique software product identifier using a content of knowledgebase that comprises an attributes schema and translation rules; wherein each software product is associated with a single unique software product identifier; wherein the unique software product identifier comprises a structured set of attributes; wherein at least one translation rule is a pattern based translation rule; wherein the attributes schema specifies a set of allowable attributes and of allowable values of the attributes.
    Type: Grant
    Filed: January 13, 2017
    Date of Patent: September 10, 2019
    Assignee: SKYBOX SECURITY Ltd
    Inventors: Amnon Lotem, Gideon Cohen, Stav Kaufman
  • Patent number: 10397246
    Abstract: A crowdsourcing log analysis system and methods for protecting computers and networks from malware attacks by analyzing data log information obtained from a plurality of client network. The client networks are associated with a set of network entities representing a plurality of business units or customers. The system may further comprise a plurality of server machines, each operable to execute a security product associated with a security product vendor and log associated information of at the network entities into at least one log file. The log files may be uploaded onto a breach detection platform for analysis based upon crowdsourcing principles and is operable to generate a risk factor attribute for at least one suspect entity.
    Type: Grant
    Filed: June 15, 2015
    Date of Patent: August 27, 2019
    Assignee: Radware, Ltd.
    Inventors: Aviv Raff, Doron Peri, Amnon Lotem
  • Publication number: 20190182274
    Abstract: A method and system for predicting subsequent cyber-attacks in attack campaigns are provided. The method includes receiving events data related to cyber-attacks occurring in a network during a predefined time window; extracting at least one sequence from the received events data at least one attack vector; generating a sequence signature for each of the at least one extracted sequence; comparing each sequence signature to a representation of historic sequence signatures to determine at least partially matching sequence signature; and based on the matching sequence, determining at least one subsequent cyber-attack in a respective sequence.
    Type: Application
    Filed: December 11, 2018
    Publication date: June 13, 2019
    Applicant: RADWARE, LTD.
    Inventors: Ehud DORON, Amnon LOTEM, Yotam BEN-EZRA, Ami NAVON, Nadav GROSSAUG, Nissim PARIENTE
  • Publication number: 20190156661
    Abstract: A method and system for modeling and processing vehicular traffic data and information, comprising: (a) transforming a spatial representation of a road network into a network of spatially interdependent and interrelated oriented road sections, for forming an oriented road section network; (b) acquiring a variety of the vehicular traffic data and information associated with the oriented road section network, from a variety of sources; (c) prioritizing, filtering, and controlling, the vehicular traffic data and information acquired from each of the variety of sources; (d) calculating a mean normalized travel time (NTT) value for each oriented road section of said oriented road section network using the prioritized, filtered, and controlled, vehicular traffic data and information associated with each source, for forming a partial current vehicular traffic situation picture associated with each source; (e) fusing the partial current traffic situation picture associated with each source, for generating a single co
    Type: Application
    Filed: November 6, 2018
    Publication date: May 23, 2019
    Inventors: Israel FELDMAN, Arie TRINKER, Yochai Meltzer, Allon Eshpar, Amnon Lotem
  • Patent number: 10121366
    Abstract: A method and system for modeling and processing vehicular traffic data and information, comprising: (a) transforming a spatial representation of a road network into a network of spatially interdependent and interrelated oriented road sections, for forming an oriented road section network; (b) acquiring a variety of the vehicular traffic data and information associated with the oriented road section network, from a variety of sources; (c) prioritizing, filtering, and controlling, the vehicular traffic data and information acquired from each of the variety of sources; (d) calculating a mean normalized travel time (NTT) value for each oriented road section of said oriented road section network using the prioritized, filtered, and controlled, vehicular traffic data and information associated with each source, for forming a partial current vehicular traffic situation picture associated with each source; (e) fusing the partial current traffic situation picture associated with each source, for generating a single co
    Type: Grant
    Filed: September 21, 2016
    Date of Patent: November 6, 2018
    Assignee: INRIX, INC.
    Inventors: Israel Feldman, Arie Trinker, Yochai Meltzer, Allon Eshpar, Amnon Lotem
  • Patent number: 9569201
    Abstract: A method for automatically translating a banner information, the method may include receiving by a computer the banner information, wherein the banner information is included in at least one banner and describes an identity of a software product; and translating by the computer the banner information into a unique software product identifier using a content of knowledgebase that comprises an attributes schema and translation rules; wherein each software product is associated with a single unique software product identifier; wherein the unique software product identifier comprises a structured set of attributes; wherein at least one translation rule is a pattern based translation rule; wherein the attributes schema specifies a set of allowable attributes and of allowable values of the attributes.
    Type: Grant
    Filed: July 1, 2013
    Date of Patent: February 14, 2017
    Assignee: SKYBOX SECURITY INC.
    Inventors: Amnon Lotem, Gideon Cohen, Stav Kaufman
  • Patent number: 9552725
    Abstract: A method and system for modeling and processing vehicular traffic data and information, comprising: (a) transforming a spatial representation of a road network into a network of spatially interdependent and interrelated oriented road sections, for forming an oriented road section network; (b) acquiring a variety of the vehicular traffic data and information associated with the oriented road section network, from a variety of sources; (c) prioritizing, filtering, and controlling, the vehicular traffic data and information acquired from each of the variety of sources; (d) calculating a mean normalized travel time (NTT) value for each oriented road section of said oriented road section network using the prioritized, filtered, and controlled, vehicular traffic data and information associated with each source, for forming a partial current vehicular traffic situation picture associated with each source; (e) fusing the partial current traffic situation picture associated with each source, for generating a single co
    Type: Grant
    Filed: December 1, 2004
    Date of Patent: January 24, 2017
    Assignee: INRIX GLOBAL SERVICES LIMITED
    Inventors: Israel Feldman, Arie Trinker, Yochai Meltzer, Allon Eshpar, Amnon Lotem
  • Publication number: 20170011626
    Abstract: A method and system for modeling and processing vehicular traffic data and information, comprising: (a) transforming a spatial representation of a road network into a network of spatially interdependent and interrelated oriented road sections, for forming an oriented road section network; (b) acquiring a variety of the vehicular traffic data and information associated with the oriented road section network, from a variety of sources; (c) prioritizing, filtering, and controlling, the vehicular traffic data and information acquired from each of the variety of sources; (d) calculating a mean normalized travel time (NTT) value for each oriented road section of said oriented road section network using the prioritized, filtered, and controlled, vehicular traffic data and information associated with each source, for forming a partial current vehicular traffic situation picture associated with each source; (e) fusing the partial current traffic situation picture associated with each source, for generating a single co
    Type: Application
    Filed: September 21, 2016
    Publication date: January 12, 2017
    Inventors: Israel Feldman, Arie Trinker, Yochai Meltzer, Allon Eshpar, Amnon Lotem
  • Patent number: 9507944
    Abstract: A method for simulation aided security event management, the method comprises: generating attack simulation information that comprises multiple simulation data items of at least one data item type out of vulnerability instances data items, attack step data items and attack simulation scope data items; wherein the generating of attack simulation information is responsive to a network model, at least one attack starting point and attack action information; identifying security events in response to a correlation between simulation data items and event data; and prioritizing identified security events.
    Type: Grant
    Filed: March 20, 2013
    Date of Patent: November 29, 2016
    Assignee: SKYBOX SECURITY INC.
    Inventors: Amnon Lotem, Gideon Cohen, Lior Ben Naon