Patents by Inventor Ariel Futoransky

Ariel Futoransky has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20200058023
    Abstract: A blockchain-based, decentralized data marketplace is described. The marketplace allows data sellers to sell their data to data buyers in exchange for payments in tokens. The marketplace allows for securely and anonymously selling data in a trusted environment that is also fair to all participants and provides data sellers with the ability to control and monetize their own data (e.g., personal data). A notary with access to “ground truth” data can validate data that is being offered in the marketplace to ensure that it is not falsified or fabricated before it is purchased by a data buyer. The marketplace implements blockchain-based smart contracts that work together, and with cryptographic protocols, to achieve an efficient, decentralized data marketplace where data sellers and data buyers transact directly with one another while remaining anonymous, if desired.
    Type: Application
    Filed: August 13, 2019
    Publication date: February 20, 2020
    Inventors: Matias Travizano, Martin Minnoni, Daniel Fernandez, Ariel Futoransky, Gustavo Ezequiel Ajzenman, Carlos Sarraute
  • Patent number: 9183397
    Abstract: A system for providing automated computer security compromise as a service, contains a web server having a web front end running on the web server. The Web server has stored therein pentest definitions. A command and control component processes the pentest definitions, builds pentest task tickets and reporting task tickets, and monitors at least one penetration tester component and/or at least one report generator component. The command and control component interacts with a cloud computing environment to scale up or down the number of penetration tester components and the number of report generator components, and assigns task tickets to the penetration tester and report generator components. At least one penetration tester component runs penetration testing modules available inside the penetration testing framework as instructed by the pentest task tickets. At least one reporter generator component generates reports based on the reporting tasks tickets generated by the command and control service.
    Type: Grant
    Filed: June 5, 2012
    Date of Patent: November 10, 2015
    Assignee: Core SDI Incorporated
    Inventors: Ariel Futoransky, Aureliano Emanuel Calvo, Fernando Russ Federico Russ, Jorge Lucangeli Obes, Ariel Waissbein, Alejandro Javier Frydman, Ezequiel David Gutesman, Pedro Oscar Varangot
  • Publication number: 20140237606
    Abstract: A system for providing automated computer security compromise as a service, contains a web server having a web front end running on the web server. The Web server has stored therein pentest definitions. A command and control component processes the pentest definitions, builds pentest task tickets and reporting task tickets, and monitors at least one penetration tester component and/or at least one report generator component. The command and control component interacts with a cloud computing environment to scale up or down the number of penetration tester components and the number of report generator components, and assigns task tickets to the penetration tester and report generator components. At least one penetration tester component runs penetration testing modules available inside the penetration testing framework as instructed by the pentest task tickets. At least one reporter generator component generates reports based on the reporting tasks tickets generated by the command and control service.
    Type: Application
    Filed: June 5, 2012
    Publication date: August 21, 2014
    Applicant: Core SDI Incorporated
    Inventors: Ariel Futoransky, Aureliano Emanuel Calvo, Alejandro Javier Frydman, Ezequiel David Gutesman, Pedro Oscar Varangot, Fernando Russ Federico Russ, Jorge Lucangeli Obes, Ariel Waissbein
  • Patent number: 8490193
    Abstract: A system and method for automated probabilistic planning of network attacks against infrastructures of computer networks and applications is provided. The embodiments automate the analysis and probabilistic planning of multi-step attacks to computer and application networks (in particular in the context of automating penetration tests), optimizing with respect to one of the following metrics: the probability of success of the actions, a numerical parameter that must be minimized (e.g., running time), or the number of logs generated by the control devices in the target network.
    Type: Grant
    Filed: September 8, 2010
    Date of Patent: July 16, 2013
    Assignee: Core Security Technologies
    Inventors: Carlos Emilio Sarraute Yamada, Ariel Futoransky, Gerardo Gabriel Richarte, Jorge Lucangeli Obes
  • Patent number: 8484738
    Abstract: A system and method provide application penetration testing. The system contains logic configured to find at least one vulnerability in the application so as to gain access to data associated with the application, logic configured to confirm the vulnerability and determine if the application can be compromised, and logic configured to compromise and analyze the application by extracting or manipulating data from a database associated with the application. In addition, the method provides for penetration testing of a target by: receiving at least one confirmed vulnerability of the target; receiving a method for compromising the confirmed vulnerability of the target; installing a network agent on the target in accordance with the method, wherein the network agent allows a penetration tester to execute arbitrary operating system commands on the target; and executing the arbitrary operating system commands on the target to analyze risk to which the target may be exposed.
    Type: Grant
    Filed: March 6, 2008
    Date of Patent: July 9, 2013
    Assignee: Core SDI Incorporated
    Inventors: Alberto Gustavo Soliño Testa, Gerardo Gabriel Richarte, Fernando Federico Russ, Diego Martin Kelyacoubian, Ariel Futoransky, Diego Bartolome Tiscornia, Ariel Waissbein, Hector Adrian Manrique, Javier Ricardo De Acha Campos, Eduardo Arias, Sebastian Pablo Cufre, Axel Elián Brzostowski
  • Patent number: 8356353
    Abstract: The present invention provides a system and method for providing computer network attack simulation. The method includes the steps of: receiving a network configuration and setup description; simulating the network configuration based on the received network configuration; receiving at least one confirmed vulnerability of at least one computer, machine, or network device in the simulated network; receiving a method for compromising the confirmed vulnerability of the at least one computer, machine, or network device; and virtually installing a network agent on the at least one computer, machine, or network device, wherein the network agent allows a penetration tester to execute arbitrary operating system calls on the at least one computer, machine, or network device.
    Type: Grant
    Filed: June 26, 2008
    Date of Patent: January 15, 2013
    Assignee: Core SDI, Incorporated
    Inventors: Ariel Futoransky, Fernando Carlos Miranda, Jose Ignacio Orlicki, Carlos Emilio Sarraute Yamada
  • Patent number: 8146135
    Abstract: Method, system, and computer code for implementing privacy protection in a web application, wherein the web application is executed in a web application language execution environment within a web server, the method containing the steps of: establishing at least one inbound tagging rule for tagging objects entering the web application language execution environment, referred to as inbound objects, according to a respective source of each of the inbound objects; assigning a tag to at least one of the inbound objects being operated on by the web application language execution environment based on the at least one inbound tagging rule; establishing at least one privacy rule for performing privacy actions on at least one object that is outbound from the web application language execution environment, referred to as outbound objects, according to a respective tag of each of the outbound objects; and performing a privacy action on the at least one outbound object being operated on by the web application language ex
    Type: Grant
    Filed: October 21, 2010
    Date of Patent: March 27, 2012
    Assignee: Core SDI, Incorporated
    Inventors: Ariel Waissbein, Ariel Futoransky, Diego Bartolome Tiscornia, Ezequiel David Gutesman
  • Publication number: 20110113468
    Abstract: Method, system, and computer code for implementing privacy protection in a web application, wherein the web application is executed in a web application language execution environment within a web server, the method containing the steps of: establishing at least one inbound tagging rule for tagging objects entering the web application language execution environment, referred to as inbound objects, according to a respective source of each of the inbound objects; assigning a tag to at least one of the inbound objects being operated on by the web application language execution environment based on the at least one inbound tagging rule; establishing at least one privacy rule for performing privacy actions on at least one object that is outbound from the web application language execution environment, referred to as outbound objects, according to a respective tag of each of the outbound objects; and performing a privacy action on the at least one outbound object being operated on by the web application language ex
    Type: Application
    Filed: October 21, 2010
    Publication date: May 12, 2011
    Applicant: Core Security Technologies
    Inventors: Ariel Waissbein, Ariel Futoransky, Diego Bartolome Tiscornia, Ezequiel David Gutesman
  • Publication number: 20110061104
    Abstract: A system and method for automated probabilistic planning of network attacks against infrastructures of computer networks and applications is provided. The embodiments automate the analysis and probabilistic planning of multi-step attacks to computer and application networks (in particular in the context of automating penetration tests), optimizing with respect to one of the following metrics: the probability of success of the actions, a numerical parameter that must be minimized (e.g., running time), or the number of logs generated by the control devices in the target network.
    Type: Application
    Filed: September 8, 2010
    Publication date: March 10, 2011
    Applicant: CORE SDI, INC.
    Inventors: Carlos Emilio Sarraute Yamada, Ariel Futoransky, Gerardo Gabriel Richarte, Jorge Lucangeli Obes
  • Patent number: 7831995
    Abstract: Method, system, and computer code for implementing security and privacy policy in a web application having an execution environment in which a representation of each object handled by the execution environment accommodates data and an associated tag. An inbound tagging rule is established for tagging inbound objects according to a respective source of each of the inbound objects. A tag is assigned to an object being operated on by the execution environment based on the inbound tagging rule. A security/privacy rule is established for performing security/privacy actions on outbound objects according to a respective tag of each of the outbound objects. A security/privacy action is performed on the object being operated on by the execution environment based on the security/privacy rule.
    Type: Grant
    Filed: October 31, 2005
    Date of Patent: November 9, 2010
    Assignee: CORE, SDI, Inc.
    Inventors: Ariel Futoransky, Ariel Waissbein, Diego Bartolome Tiscornia, Ezequiel Gutesman
  • Patent number: 7549147
    Abstract: A method for protecting software is provided, where source code for the software has a first directive marking an encryption beginning point and a second directive marking an encryption end point. The method contains the steps of: processing the source code to identify a block of code between the first and second directives; compiling the source code to produce a binary file; generating a valid key and a random string; encrypting the random string with the key to obtain a first encrypted value; encrypting a portion of the binary file corresponding to the block of code with the valid key to obtain a second encrypted value; and replacing the portion of the binary file corresponding to the block of code with the second encrypted value and code that can decrypt the second encrypted value during execution of the software.
    Type: Grant
    Filed: April 15, 2003
    Date of Patent: June 16, 2009
    Assignee: Core SDI, Incorporated
    Inventors: Ariel Futoransky, Carlos Emilio Sarraute Yamada, Diego Ariel Bendersky, Luciano Notarfrancesco, Ariel Waissbein
  • Publication number: 20090007270
    Abstract: The present invention provides a system and method for providing computer network attack simulation. The method includes the steps of: receiving a network configuration and setup description; simulating the network configuration based on the received network configuration; receiving at least one confirmed vulnerability of at least one computer, machine, or network device in the simulated network; receiving a method for compromising the confirmed vulnerability of the at least one computer, machine, or network device; and virtually installing a network agent on the at least one computer, machine, or network device, wherein the network agent allows a penetration tester to execute arbitrary operating system calls on the at least one computer, machine, or network device.
    Type: Application
    Filed: June 26, 2008
    Publication date: January 1, 2009
    Applicant: Core SDI, Inc
    Inventors: Ariel Futoransky, Fernando Carlos Miranda, Jose Ignacio Orlicki, Carlos Emilio Sarraute Yamada
  • Publication number: 20080263671
    Abstract: A system and method provide application penetration testing. The system contains logic configured to find at least one vulnerability in the application so as to gain access to data associated with the application, logic configured to confirm the vulnerability and determine if the application can be compromised, and logic configured to compromise and analyze the application by extracting or manipulating data from a database associated with the application. In addition, the method provides for penetration testing of a target by: receiving at least one confirmed vulnerability of the target; receiving a method for compromising the confirmed vulnerability of the target; installing a network agent on the target in accordance with the method, wherein the network agent allows a penetration tester to execute arbitrary operating system commands on the target; and executing the arbitrary operating system commands on the target to analyze risk to which the target may be exposed.
    Type: Application
    Filed: March 6, 2008
    Publication date: October 23, 2008
    Applicant: Core SDI, Incorporated
    Inventors: Alberto Gustavo Solino Testa, Gerardo Gabriel Richarte, Fernando Federico Russ, Diego Martin Kelyacoubian, Ariel Futoransky, Diego Bartolome Tiscornia, Ariel Waissbein, Hector Adrian Manrique, Javier Ricardo De Acha Campos, Eduardo Arias, Sebastian Pablo Cufre, Axel Elian Brzostowski
  • Publication number: 20060143688
    Abstract: Method, system, and computer code for implementing security and privacy policy in a web application having an execution environment in which a representation of each object handled by the execution environment accommodates data and an associated tag. An inbound tagging rule is established for tagging inbound objects according to a respective source of each of the inbound objects. A tag is assigned to an object being operated on by the execution environment based on the inbound tagging rule. A security/privacy rule is established for performing security/privacy actions on outbound objects according to a respective tag of each of the outbound objects. A security/privacy action is performed on the object being operated on by the execution environment based on the security/privacy rule.
    Type: Application
    Filed: October 31, 2005
    Publication date: June 29, 2006
    Applicant: CORE SDI, Incorporated
    Inventors: Ariel Futoransky, Ariel Waissbein, Diego Tiscornia, Ezequiel Gutesman
  • Publication number: 20030220940
    Abstract: A system and method are provided for analyzing audit log data. Text strings from a plurality of devices are stored in a log database, each of the text strings being indicative of an audit event in the respective device. At least a portion of the text strings are retrieved from the log database and the retrieved text strings are parsed according to pre-defined parsing rules. Each of the retrieved text strings is mapped to a respective audit event. The retrieved text strings are mapped based on the respective audit event. Representations of the filtered text strings are displayed on a grid using color-coded areas. The horizontal axis of the grid represents a first time scale and the vertical axis of the grid represents a second time scale different from the first time scale.
    Type: Application
    Filed: April 15, 2003
    Publication date: November 27, 2003
    Applicant: Core SDI, Incorporated
    Inventors: Ariel Futoransky, Emiliano Kargieman, Diego Ariel Bendersky, Luciano Notarfrancesco, Gerardo Gabriel Richarte, Ivan Francisco Arce, Alejo Sanchez, Diego Ariel Aizemberg
  • Publication number: 20030221116
    Abstract: A security framework is provided for protecting software. The source code for the software has directives marking portions of the source code to be modified or encrypted. The source code is modified using a random factor based on the directives. The source code is compiled to produce a binary file. Source code starting and ending lines and binary file positions of each of the blocks to be encrypted are stored. Portions of the binary file that correspond to each of these blocks are encrypted. Each of these blocks is decrypted when a function inside the block is required during execution of the software.
    Type: Application
    Filed: April 15, 2003
    Publication date: November 27, 2003
    Applicant: Core SDI, Incorporated
    Inventors: Ariel Futoransky, Carlos Emilio Sarraute Yamada, Diego Ariel Bendersky, Luciano Notarfrancesco, Ariel Waissbein
  • Publication number: 20030177376
    Abstract: A system is provided for controlling access to information technology assets in a computer network. The system includes a ticket manager server configured to generate tickets based on user data in a master database. A ticket manager client, resident on a workstation, is configured to receive tickets from the ticket manager server and distribute resource data obtained from the tickets to network security modules. The user data includes resource registers, each of which has a type field designating a particular security module, resource data for use by the designated security module, and an execution domain field that exclusively designates an execution environment in which the designated security module can use the resource data.
    Type: Application
    Filed: January 30, 2003
    Publication date: September 18, 2003
    Applicant: Core SDI, Inc.
    Inventors: Ivan Francisco Fernando Arce Velleggia, Ariel Futoransky, Gerardo Gabriel Richarte, Emiliano Kargieman, Carlos Hernan Ochoa