Patents by Inventor Chen Lahav
Chen Lahav has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20260135887Abstract: Methods, systems, and computer storage media for providing security incident management using a security graph layering engine in a security management system. Security incident management is provided using the security graph layering engine that include multi-layer security graph that supports querying a security graph using a multi-layer representation of data associated with security graph. In operation, a security graph associated with a plurality of security resources in a cloud environment is accessed. Based on accessing the security graph, a multi-layer security graph is generated. The multi-layer security graph is a multi-layer representation of the security. The multi-layer security graph is deployed. A security query associated with the multi-layer security graph is accessed. The security query is executed based on the multi-layer security graph, executing the security query generates a query result.Type: ApplicationFiled: January 8, 2026Publication date: May 14, 2026Inventors: Chen LAHAV, idan Yohoshua hen
-
Publication number: 20260099608Abstract: Systems, methods, and techniques are directed to reducing cardinality in graphs of network-based computer systems. In an example, a graph representative of resources in the network-based computer system is generated. The graph comprises nodes representative of resources and edges between nodes representative of relationships between respective nodes. A level of structural similarity between first and second nodes to satisfy a structural similarity criterion. The first and second nodes are grouped in a grouped node, resulting in a modified graph. A security vulnerability of the computer system is identified based on the modified graph. Performance of a mitigation step with respect to the security vulnerability is caused. In another aspect, an edge associated with the first node is grouped in a grouped edge with an edge associated with the second node. In another aspect, a grouped node is grouped with another grouped node as a parent grouped node.Type: ApplicationFiled: October 3, 2024Publication date: April 9, 2026Inventors: Andrey KARPOVSKY, Amir PIROGOVSKY, Chen LAHAV, Tamer SALMAN, Lital BADASH
-
Patent number: 12531911Abstract: Methods, systems, and computer storage media for providing security incident management using a security graph layering engine in a security management system. Security incident management is provided using the security graph layering engine that include multi-layer security graph that supports querying a security graph using a multi-layer representation of data associated with security graph. In operation, a security graph associated with a plurality of security resources in a cloud environment is accessed. Based on accessing the security graph, a multi-layer security graph is generated. The multi-layer security graph is a multi-layer representation of the security. The multi-layer security graph is deployed. A security query associated with the multi-layer security graph is accessed. The security query is executed based on the multi-layer security graph, executing the security query generates a query result.Type: GrantFiled: May 9, 2023Date of Patent: January 20, 2026Assignee: Microsoft Technology Licensing, LLCInventors: Chen Lahav, Idan Yehoshua Hen
-
Publication number: 20250159016Abstract: Methods, systems, and computer storage media for providing attack path discovery management using an attack path discovery engine of a security management system. Attack path discovery management supports automatic attack path discovery that involves identifying and mapping potential pathways that attackers could use to infiltrate computing environments. In operation, an attack path discovery computation model comprising an entry point element, an advancement step element, and a target element, is accessed. A computing environment graph comprising computing components of a computing environment is accessed. Based on the entry point element, an entry point is identified in the computing graph; based on the advancement step element, an advancement step is identified in the computing environment graph; and based on the target element, a target is identified in the computing environment graph. An attack path is generated based on the entry point, the advancement steps, and the target.Type: ApplicationFiled: November 13, 2023Publication date: May 15, 2025Inventors: Idan HEN, Amit MAGEN MEDINA, Chen LAHAV, Alon DANOCH, Asaf HARARI, Aviv SHITRIT, Lior ZIV
-
Publication number: 20250097268Abstract: A computing system comprises one or more processors configured to obtain two or more security graphs that at least partially overlap. Each security graph comprises a plurality of nodes and at least one edge. The at least one edge represents a potential security vulnerability. Each node is classified as a permission scope node or a floating node. Each of the permission scope nodes is sorted into a respective permission scope profile. For each floating node that matches another floating node, such matching floating nodes are unified into a unified floating node. A set of edges that connects the sorted permission scope nodes and the unified floating nodes is defined based on the at least one edge of each security graph of the two or more security graphs. An interconnected security graph is output comprising the sorted permission scope nodes, the unified floating nodes, and the set of edges.Type: ApplicationFiled: September 14, 2023Publication date: March 20, 2025Applicant: Microsoft Technology Licensing, LLCInventors: Chen LAHAV, Idan HEN, Smadar CARMEL
-
Publication number: 20240380785Abstract: Methods, systems, and computer storage media for providing security incident management using a security graph layering engine in a security management system. Security incident management is provided using the security graph layering engine that include multi-layer security graph that supports querying a security graph using a multi-layer representation of data associated with security graph. In operation, a security graph associated with a plurality of security resources in a cloud environment is accessed. Based on accessing the security graph, a multi-layer security graph is generated. The multi-layer security graph is a multi-layer representation of the security. The multi-layer security graph is deployed. A security query associated with the multi-layer security graph is accessed. The security query is executed based on the multi-layer security graph, executing the security query generates a query result.Type: ApplicationFiled: May 9, 2023Publication date: November 14, 2024Inventors: Chen LAHAV, Idan Yehoshua HEN
-
Patent number: 11500626Abstract: Methods for intelligent automatic merging of source control queue items are performed by systems and apparatuses. Project changes are submitted in build requests to a gated check-in build queue requiring successful builds to commit changes to a code repository according to source control. Multiple pending build requests in the build queue are intelligently and automatically merged into a single, pending merged request based on risk factor values associated with the build requests. For merged requests successfully built, files in the build requests are committed and the build requests are removed from the queue. Merged requests unsuccessfully built are divided into equal subsets based on updated risk factor values using information from the unsuccessful build. Successful builds of subsets allow for committing of files and removal from the build queue, while unsuccessful builds are further divided and processed until single build requests are processed to identify root cause errors.Type: GrantFiled: May 8, 2020Date of Patent: November 15, 2022Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Elad Iwanir, Gal Tamir, Mario A. Rodriguez, Chen Lahav
-
Publication number: 20200264871Abstract: Methods for intelligent automatic merging of source control queue items are performed by systems and apparatuses. Project changes are submitted in build requests to a gated check-in build queue requiring successful builds to commit changes to a code repository according to source control. Multiple pending build requests in the build queue are intelligently and automatically merged into a single, pending merged request based on risk factor values associated with the build requests. For merged requests successfully built, files in the build requests are committed and the build requests are removed from the queue. Merged requests unsuccessfully built are divided into equal subsets based on updated risk factor values using information from the unsuccessful build. Successful builds of subsets allow for committing of files and removal from the build queue, while unsuccessful builds are further divided and processed until single build requests are processed to identify root cause errors.Type: ApplicationFiled: May 8, 2020Publication date: August 20, 2020Inventors: Elad Iwanir, Gal Tamir, Mario A. Rodriguez, Chen Lahav
-
Patent number: 10715533Abstract: A system for detecting by a cloud service a ransomware attack on a client device is provided. The system monitors changes to files of the client device that are stored by the cloud service. The system assesses whether a change to a file appears to be malicious in that the change may be caused by ransomware. When the change to the file appears to be malicious, the system performs a countermeasure to prevent synchronization of files of the client device with other client devices and with the cloud service to prevent the propagating of files from the client device, which is undergoing a ransomware attack.Type: GrantFiled: December 9, 2016Date of Patent: July 14, 2020Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC.Inventors: Elad Iwanir, Chen Lahav, Gal Tamir
-
Patent number: 10691449Abstract: Methods for intelligent automatic merging of source control queue items are performed by systems and apparatuses. Project changes are submitted in build requests to a gated check-in build queue requiring successful builds to commit changes to a code repository according to source control. Multiple pending build requests in the build queue are intelligently and automatically merged into a single, pending merged request based on risk factor values associated with the build requests. For merged requests successfully built, files in the build requests are committed and the build requests are removed from the queue. Merged requests unsuccessfully built are divided into equal subsets based on updated risk factor values using information from the unsuccessful build. Successful builds of subsets allow for committing of files and removal from the build queue, while unsuccessful builds are further divided and processed until single build requests are processed to identify root cause errors.Type: GrantFiled: April 27, 2017Date of Patent: June 23, 2020Assignee: Microsoft Technology Licensing, LLCInventors: Elad Iwanir, Gal Tamir, Mario A. Rodriguez, Chen Lahav
-
Publication number: 20180314517Abstract: Methods for intelligent automatic merging of source control queue items are performed by systems and apparatuses. Project changes are submitted in build requests to a gated check-in build queue requiring successful builds to commit changes to a code repository according to source control. Multiple pending build requests in the build queue are intelligently and automatically merged into a single, pending merged request based on risk factor values associated with the build requests. For merged requests successfully built, files in the build requests are committed and the build requests are removed from the queue. Merged requests unsuccessfully built are divided into equal subsets based on updated risk factor values using information from the unsuccessful build. Successful builds of subsets allow for committing of files and removal from the build queue, while unsuccessful builds are further divided and processed until single build requests are processed to identify root cause errors.Type: ApplicationFiled: April 27, 2017Publication date: November 1, 2018Inventors: Elad Iwanir, Gal Tamir, Mario A. Rodriguez, Chen Lahav
-
Publication number: 20180034835Abstract: A system for detecting by a cloud service a ransomware attack on a client device is provided. The system monitors changes to files of the client device that are stored by the cloud service. The system assesses whether a change to a file appears to be malicious in that the change may be caused by ransomware. When the change to the file appears to be malicious, the system performs a countermeasure to prevent synchronization of files of the client device with other client devices and with the cloud service to prevent the propagating of files from the client device, which is undergoing a ransomware attack.Type: ApplicationFiled: December 9, 2016Publication date: February 1, 2018Inventors: Elad Iwanir, Chen Lahav, Gal Tamir