Patents by Inventor Avi Tal LICHTENSTEIN
Avi Tal LICHTENSTEIN has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240146743Abstract: A system and method for detecting potential lateral movement in a cloud computing environment includes detecting a private encryption key and a certificate, each of which further include a hash value of a respective public key, wherein the certificate is stored on a first resource deployed in the cloud computing environment; generating in a security graph: a private key node, a certificate node, and a resource node connected to the certificate node, wherein the security graph is a representation of the cloud computing environment; generating a connection in the security graph between the private key node and the certificate node, in response to determining a match between the hash values of the public key of the private key and the public key of the certificate; and determining that the first resource node is potentially compromised, in response to receiving an indication that an element of the public key is compromised.Type: ApplicationFiled: December 22, 2023Publication date: May 2, 2024Applicant: Wiz, Inc.Inventors: Avi Tal LICHTENSTEIN, Ami LUTTWAK, Yinon COSTICA
-
Publication number: 20240146745Abstract: A system and method for technology stack discovery by performing active inspection of a cloud computing environment utilizing disk cloning is described. The method includes: generating an inspectable disk based on an original disk of a reachable resource, wherein the reachable resource is a cloud object deployed in the cloud computing environment, and accessible from a network which is external to the cloud computing environment; detecting a cybersecurity object on the inspectable disk, the cybersecurity object indicating a cybersecurity issue; selecting a network path including a network protocol to access the reachable resource; and actively inspecting the network path to detect the cybersecurity issue.Type: ApplicationFiled: December 29, 2023Publication date: May 2, 2024Applicant: Wiz, Inc.Inventors: Matilda LIDGI, Shai KEREN, Raaz HERZBERG, Avi Tal LICHTENSTEIN, Ami LUTTWAK, Roy REZNIK, Daniel Hershko SHEMESH, Yarin MIRAN, Yinon COSTICA
-
Publication number: 20240135027Abstract: A system and method for agentless detection of sensitive data in a cloud computing environment is disclosed. The method includes: generating an inspectable disk from a clone of an original disk in a cloud computing environment; inspecting the inspectable disk for a cybersecurity object, the cybersecurity object indicating a sensitive data, the disk deployed in a cloud computing environment; extracting a data schema from the cybersecurity object, in response to detecting the cybersecurity object on the disk; generating a classification of the data schema; detecting in the disk a plurality of data files, each data file including the classified data schema; determining that the data schema corresponds to sensitive data based on the generated classification; generating in a security database: a representation of the data schema, and a representation of each data file; and rendering a visual representation of the cloud computing environment including a representation of the data schema.Type: ApplicationFiled: December 29, 2023Publication date: April 25, 2024Applicant: Wiz, Inc.Inventors: Raaz HERZBERG, Avi Tal LICHTENSTEIN, Roy REZNIK, Ami LUTTWAK, Moran COHEN, Yaniv SHAKED, Yinon COSTICA, George PISHA, Daniel Hershko SHEMESH, Yarin MIRAN
-
Patent number: 11949690Abstract: A system and method for detecting lateral movement based on an exposed cryptographic network protocol (CNP) key in a cloud computing environment. The method includes: inspecting a first workload for a private CNP key, the private CNP key associated with a hash of a public CNP key; detecting in a security database a representation of the public CNP key; generating a lateral movement path, the lateral movement path including an identifier of a second workload, the second workload represented by a representation connected to the representation of the public CNP key.Type: GrantFiled: August 29, 2023Date of Patent: April 2, 2024Assignee: WIZ, INC.Inventors: Avi Tal Lichtenstein, Ami Luttwak, Yinon Costica
-
Publication number: 20240104118Abstract: A system and method for agentless detection of sensitive data in a cloud computing environment includes generating a snapshot from a managed database service, the snapshot including a plurality of data files stored in a bucket on a cloud computing environment; detecting a data object in the plurality of data files, the data object including a data schema and a content; classifying the first data object based on the content, wherein the content is classified as sensitive data or non-sensitive data; and generating a node on a security graph stored in a graph database to represent the first data object and the classification thereof, wherein the security graph further includes a representation of the cloud computing environment.Type: ApplicationFiled: October 24, 2022Publication date: March 28, 2024Applicant: Wiz, Inc.Inventors: Raaz HERZBERG, Avi Tal LICHTENSTEIN, Roy REZNIK, Ami LUTTWAK, Moran COHEN, Yaniv SHAKED, Yinon COSTICA, George PISHA
-
Publication number: 20240104235Abstract: A system and method for agentless detection of sensitive data in a cloud computing environment includes generating a snapshot from a managed database service, the snapshot including a plurality of data files stored in a bucket on a cloud computing environment; deploying a virtual instance based on the snapshot to generate a database, the database including a database management system (DBMS); querying the DBMS to fetch data from the database; classifying the fetched data, wherein the fetched data is classified as sensitive data or non-sensitive data; and generating a node on a security graph stored in a graph database to represent the fetched data and the classification thereof, wherein the security graph includes a representation of the cloud computing environment.Type: ApplicationFiled: October 24, 2022Publication date: March 28, 2024Applicant: Wiz, Inc.Inventors: Raaz HERZBERG, Avi Tal LICHTENSTEIN, Roy REZNIK, Ami LUTTWAK, Moran COHEN, Yaniv SHAKED, Yinon COSTICA, George PISHA
-
Publication number: 20240104240Abstract: A system and method for agentless detection of sensitive data in a cloud computing environment. The method includes detecting a first data object including a data schema and a content in a cloud computing environment; detecting a second data object, having the data schema of the first data object; generating in a security graph: a first data object node representing the first data object, a second data object node representing the second data object, and a data schema node representing the data schema; storing a classification based on the content in the security graph, wherein the content is classified as sensitive data or non-sensitive data; and rendering an output based on the classification and the data schema node, in lieu of the first data object node and the second data object node, in response to receiving a query to detect a node representing a data object classified as sensitive data.Type: ApplicationFiled: October 24, 2022Publication date: March 28, 2024Applicant: Wiz, Inc.Inventors: Raaz HERZBERG, Avi Tal LICHTENSTEIN, Roy REZNIK, Ami LUTTWAK, Moran COHEN, Yaniv SHAKED, Yinon COSTICA, George PISHA
-
Patent number: 11916926Abstract: A system and method for detecting potential lateral movement in a cloud computing environment includes detecting a private encryption key and a certificate, each of which further include a hash value of a respective public key, wherein the certificate is stored on a first resource deployed in the cloud computing environment; generating in a security graph: a private key node, a certificate node, and a resource node connected to the certificate node, wherein the security graph is a representation of the cloud computing environment; generating a connection in the security graph between the private key node and the certificate node, in response to determining a match between the hash values of the public key of the private key and the public key of the certificate; and determining that the first resource node is potentially compromised, in response to receiving an indication that an element of the public key is compromised.Type: GrantFiled: September 29, 2023Date of Patent: February 27, 2024Assignee: Wiz, Inc.Inventors: Avi Tal Lichtenstein, Ami Luttwak, Yinon Costica
-
Publication number: 20240054228Abstract: A system and method for performing active inspection of a cloud computing environment includes selecting a reachable resource, having a network path to access the reachable resource, wherein the reachable resource is a cloud object deployed in the cloud computing environment, and accessible from a network which is external to the cloud computing environment; determining a network protocol for the network path; and actively inspecting the network path to determine if an application utilizing the network protocol is deployed on the reachable resource as part of a technology stack of the reachable resource.Type: ApplicationFiled: August 10, 2022Publication date: February 15, 2024Applicant: Wiz, Inc.Inventors: Matilda LIDGI, Shai KEREN, Raaz HERZBERG, Avi Tal LICHTENSTEIN, Ami LUTTWAK, Roy REZNIK
-
Publication number: 20240054229Abstract: A system and method for detecting an application path utilizing active inspection of a cloud computing environment, includes selecting a reachable resource having at least one network path to access the reachable resource, wherein the reachable resource is a cloud object deployed in the cloud computing environment, and accessible from a network which is external to the cloud computing environment; selecting a second resource having a second network path based on the network path of the reachable resource; and actively inspecting the second network path to determine if the second resource is accessible through the second network path from the reachable resource.Type: ApplicationFiled: August 10, 2022Publication date: February 15, 2024Applicant: Wiz, Inc.Inventors: Matilda LIDGI, Shai KEREN, Raaz HERZBERG, Avi Tal LICHTENSTEIN, Ami LUTTWAK, Roy REZNIK
-
Publication number: 20240048580Abstract: A method for detecting escalation paths in a cloud environment is provided. The method includes accessing a security graph representing cloud objects and their connections in the cloud environment; analyzing each cloud object to detect an escalation hop from a current cloud object to a next cloud object, wherein the analysis is based, in part, on a plurality of risk factors and reachability parameters determined for each cloud object; and marking the security graph with each identified escalation path in the security graph, wherein an escalation path is a collection of escalation hops from a source cloud object to a destination cloud object.Type: ApplicationFiled: October 10, 2023Publication date: February 8, 2024Applicant: Wiz, Inc.Inventors: Ami LUTTWAK, Yinon COSTICA, Assaf RAPPAPORT, Avi Tal LICHTENSTEIN, Roy REZNIK
-
Publication number: 20240048566Abstract: A system and method for detecting potential lateral movement in a cloud computing environment includes detecting a private encryption key and a certificate, each of which further include a hash value of a respective public key, wherein the certificate is stored on a first resource deployed in the cloud computing environment; generating in a security graph: a private key node, a certificate node, and a resource node connected to the certificate node, wherein the security graph is a representation of the cloud computing environment; generating a connection in the security graph between the private key node and the certificate node, in response to determining a match between the hash values of the public key of the private key and the public key of the certificate; and determining that the first resource node is potentially compromised, in response to receiving an indication that an element of the public key is compromised.Type: ApplicationFiled: September 29, 2023Publication date: February 8, 2024Applicant: Wiz, Inc.Inventors: Avi Tal LICHTENSTEIN, Ami LUTTWAK, Yinon COSTICA
-
Publication number: 20240031376Abstract: A system and method for detecting potential lateral movement using cloud keys in a cloud computing environment includes determining a first node in a security graph is a compromised node, wherein the security graph represents cloud entities of the cloud computing environment; detecting a cloud key node connected to the first node, wherein the cloud key node represents a cloud key of the cloud computing environment; and generating a potential lateral movement path, including the first node, and a second node, wherein the second node is connected to the cloud key node.Type: ApplicationFiled: September 26, 2023Publication date: January 25, 2024Applicant: Wiz, Inc.Inventors: Avi Tal LICHTENSTEIN, Ami LUTTWAK, Daniel Hershko SHEMESH
-
Publication number: 20230421573Abstract: A system and method for detecting lateral movement based on an exposed cryptographic network protocol (CNP) key in a cloud computing environment. The method includes: inspecting a first workload for a private CNP key, the private CNP key associated with a hash of a public CNP key; detecting in a security database a representation of the public CNP key; generating a lateral movement path, the lateral movement path including an identifier of a second workload, the second workload represented by a representation connected to the representation of the public CNP key.Type: ApplicationFiled: August 29, 2023Publication date: December 28, 2023Applicant: Wiz, Inc.Inventors: Avi Tal LICHTENSTEIN, Ami LUTTWAK, Yinon COSTICA
-
Patent number: 11811786Abstract: A system and method for detecting potential lateral movement in a cloud computing environment includes detecting a private encryption key and a certificate, each of which further include a hash value of a respective public key, wherein the certificate is stored on a first resource deployed in the cloud computing environment; generating in a security graph: a private key node, a certificate node, and a resource node connected to the certificate node, wherein the security graph is a representation of the cloud computing environment; generating a connection in the security graph between the private key node and the certificate node, in response to determining a match between the hash values of the public key of the private key and the public key of the certificate; and determining that the first resource node is potentially compromised, in response to receiving an indication that an element of the public key is compromised.Type: GrantFiled: March 31, 2022Date of Patent: November 7, 2023Assignee: WIZ, INC.Inventors: Avi Tal Lichtenstein, Ami Luttwak, Yinon Costica
-
Patent number: 11811787Abstract: A system and method for detecting potential lateral movement using cloud keys in a cloud computing environment includes determining a first node in a security graph is a compromised node, wherein the security graph represents cloud entities of the cloud computing environment; detecting a cloud key node connected to the first node, wherein the cloud key node represents a cloud key of the cloud computing environment; and generating a potential lateral movement path, including the first node, and a second node, wherein the second node is connected to the cloud key node.Type: GrantFiled: March 31, 2022Date of Patent: November 7, 2023Assignee: WIZ, INC.Inventors: Avi Tal Lichtenstein, Ami Luttwak, Daniel Hershko Shemesh
-
Patent number: 11799874Abstract: A system and method for detecting lateral movement based on a compromised cryptographic network protocol (CNP) key in a cloud computing environment includes inspecting a workload for a private CNP key, including metadata and a public CNP key hash; storing in a security graph: a private CNP key node representing the private CNP key, and a workload node representing the workload, wherein the security graph represents the cloud computing environment in which the workload is deployed; connecting in the security graph the private CNP key node to a public CNP key node in response to determining that the public CNP key hash of the private CNP key matches a public key hash associated with the public CNP key node; and generating a lateral movement path in response to determining that the private CNP key is compromised, the path including another workload node connected to the public CNP key.Type: GrantFiled: March 31, 2022Date of Patent: October 24, 2023Assignee: WIZ, INC.Inventors: Avi Tal Lichtenstein, Ami Luttwak, Yinon Costica
-
Publication number: 20230336554Abstract: A system and method for performing active inspection of a cloud computing environment includes receiving at least one network path to access a first resource, wherein the first resource is a cloud object deployed in the cloud computing environment, and potentially accessible from a network which is external to the cloud computing environment; and actively inspecting the at least one network path to determine if the first resource is accessible through the at least one network path from a network external to the cloud computing environment.Type: ApplicationFiled: April 13, 2022Publication date: October 19, 2023Applicant: Wiz, Inc.Inventors: Matilda LIDGI, Shai KEREN, Raaz HERZBERG, Avi Tal LICHTENSTEIN, Ami LUTTWAK, Roy REZNIK
-
Publication number: 20230336578Abstract: A system and method for performing active inspection of vulnerability exploitation in a cloud computing environment. The method includes receiving at least one network path to access a first resource, wherein the first resource is a cloud object is deployed in the cloud computing environment and having a known vulnerability, wherein the first resource is potentially accessible from a network which is external to the cloud computing environment; actively inspecting the at least one network path to determine if the first resource is accessible through the at least one network path from a network external to the cloud computing environment; and triggering the known vulnerability to determine if the first resource can be exploited with the known vulnerability, in response to determining that the first resource is accessible through the external network.Type: ApplicationFiled: April 13, 2022Publication date: October 19, 2023Applicant: Wiz, Inc.Inventors: Matilda LIDGI, Shai KEREN, Raaz HERZBERG, Avi Tal LICHTENSTEIN, Ami LUTTWAK, Roy REZNIK
-
Publication number: 20230336550Abstract: A system and method for performing authorization based active inspection of network paths for a resource, deployed in a cloud computing environment, includes receiving at least one network path to access the resource, wherein the resource is a cloud object deployed in the cloud computing environment, and potentially accessible from a network which is external to the cloud computing environment; and actively inspecting the at least one network path to determine if the resource is accessible through the at least one network path from a network external to the cloud computing environment and requires access authorization.Type: ApplicationFiled: April 13, 2022Publication date: October 19, 2023Applicant: Wiz, Inc.Inventors: Matilda LIDGI, Shai KEREN, Raaz HERZBERG, Avi Tal LICHTENSTEIN, Ami LUTTWAK, Roy REZNIK