Patents by Inventor Chen Lahav

Chen Lahav has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20260135887
    Abstract: Methods, systems, and computer storage media for providing security incident management using a security graph layering engine in a security management system. Security incident management is provided using the security graph layering engine that include multi-layer security graph that supports querying a security graph using a multi-layer representation of data associated with security graph. In operation, a security graph associated with a plurality of security resources in a cloud environment is accessed. Based on accessing the security graph, a multi-layer security graph is generated. The multi-layer security graph is a multi-layer representation of the security. The multi-layer security graph is deployed. A security query associated with the multi-layer security graph is accessed. The security query is executed based on the multi-layer security graph, executing the security query generates a query result.
    Type: Application
    Filed: January 8, 2026
    Publication date: May 14, 2026
    Inventors: Chen LAHAV, idan Yohoshua hen
  • Publication number: 20260099608
    Abstract: Systems, methods, and techniques are directed to reducing cardinality in graphs of network-based computer systems. In an example, a graph representative of resources in the network-based computer system is generated. The graph comprises nodes representative of resources and edges between nodes representative of relationships between respective nodes. A level of structural similarity between first and second nodes to satisfy a structural similarity criterion. The first and second nodes are grouped in a grouped node, resulting in a modified graph. A security vulnerability of the computer system is identified based on the modified graph. Performance of a mitigation step with respect to the security vulnerability is caused. In another aspect, an edge associated with the first node is grouped in a grouped edge with an edge associated with the second node. In another aspect, a grouped node is grouped with another grouped node as a parent grouped node.
    Type: Application
    Filed: October 3, 2024
    Publication date: April 9, 2026
    Inventors: Andrey KARPOVSKY, Amir PIROGOVSKY, Chen LAHAV, Tamer SALMAN, Lital BADASH
  • Patent number: 12531911
    Abstract: Methods, systems, and computer storage media for providing security incident management using a security graph layering engine in a security management system. Security incident management is provided using the security graph layering engine that include multi-layer security graph that supports querying a security graph using a multi-layer representation of data associated with security graph. In operation, a security graph associated with a plurality of security resources in a cloud environment is accessed. Based on accessing the security graph, a multi-layer security graph is generated. The multi-layer security graph is a multi-layer representation of the security. The multi-layer security graph is deployed. A security query associated with the multi-layer security graph is accessed. The security query is executed based on the multi-layer security graph, executing the security query generates a query result.
    Type: Grant
    Filed: May 9, 2023
    Date of Patent: January 20, 2026
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Chen Lahav, Idan Yehoshua Hen
  • Publication number: 20250159016
    Abstract: Methods, systems, and computer storage media for providing attack path discovery management using an attack path discovery engine of a security management system. Attack path discovery management supports automatic attack path discovery that involves identifying and mapping potential pathways that attackers could use to infiltrate computing environments. In operation, an attack path discovery computation model comprising an entry point element, an advancement step element, and a target element, is accessed. A computing environment graph comprising computing components of a computing environment is accessed. Based on the entry point element, an entry point is identified in the computing graph; based on the advancement step element, an advancement step is identified in the computing environment graph; and based on the target element, a target is identified in the computing environment graph. An attack path is generated based on the entry point, the advancement steps, and the target.
    Type: Application
    Filed: November 13, 2023
    Publication date: May 15, 2025
    Inventors: Idan HEN, Amit MAGEN MEDINA, Chen LAHAV, Alon DANOCH, Asaf HARARI, Aviv SHITRIT, Lior ZIV
  • Publication number: 20250097268
    Abstract: A computing system comprises one or more processors configured to obtain two or more security graphs that at least partially overlap. Each security graph comprises a plurality of nodes and at least one edge. The at least one edge represents a potential security vulnerability. Each node is classified as a permission scope node or a floating node. Each of the permission scope nodes is sorted into a respective permission scope profile. For each floating node that matches another floating node, such matching floating nodes are unified into a unified floating node. A set of edges that connects the sorted permission scope nodes and the unified floating nodes is defined based on the at least one edge of each security graph of the two or more security graphs. An interconnected security graph is output comprising the sorted permission scope nodes, the unified floating nodes, and the set of edges.
    Type: Application
    Filed: September 14, 2023
    Publication date: March 20, 2025
    Applicant: Microsoft Technology Licensing, LLC
    Inventors: Chen LAHAV, Idan HEN, Smadar CARMEL
  • Publication number: 20240380785
    Abstract: Methods, systems, and computer storage media for providing security incident management using a security graph layering engine in a security management system. Security incident management is provided using the security graph layering engine that include multi-layer security graph that supports querying a security graph using a multi-layer representation of data associated with security graph. In operation, a security graph associated with a plurality of security resources in a cloud environment is accessed. Based on accessing the security graph, a multi-layer security graph is generated. The multi-layer security graph is a multi-layer representation of the security. The multi-layer security graph is deployed. A security query associated with the multi-layer security graph is accessed. The security query is executed based on the multi-layer security graph, executing the security query generates a query result.
    Type: Application
    Filed: May 9, 2023
    Publication date: November 14, 2024
    Inventors: Chen LAHAV, Idan Yehoshua HEN
  • Patent number: 11500626
    Abstract: Methods for intelligent automatic merging of source control queue items are performed by systems and apparatuses. Project changes are submitted in build requests to a gated check-in build queue requiring successful builds to commit changes to a code repository according to source control. Multiple pending build requests in the build queue are intelligently and automatically merged into a single, pending merged request based on risk factor values associated with the build requests. For merged requests successfully built, files in the build requests are committed and the build requests are removed from the queue. Merged requests unsuccessfully built are divided into equal subsets based on updated risk factor values using information from the unsuccessful build. Successful builds of subsets allow for committing of files and removal from the build queue, while unsuccessful builds are further divided and processed until single build requests are processed to identify root cause errors.
    Type: Grant
    Filed: May 8, 2020
    Date of Patent: November 15, 2022
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Elad Iwanir, Gal Tamir, Mario A. Rodriguez, Chen Lahav
  • Publication number: 20200264871
    Abstract: Methods for intelligent automatic merging of source control queue items are performed by systems and apparatuses. Project changes are submitted in build requests to a gated check-in build queue requiring successful builds to commit changes to a code repository according to source control. Multiple pending build requests in the build queue are intelligently and automatically merged into a single, pending merged request based on risk factor values associated with the build requests. For merged requests successfully built, files in the build requests are committed and the build requests are removed from the queue. Merged requests unsuccessfully built are divided into equal subsets based on updated risk factor values using information from the unsuccessful build. Successful builds of subsets allow for committing of files and removal from the build queue, while unsuccessful builds are further divided and processed until single build requests are processed to identify root cause errors.
    Type: Application
    Filed: May 8, 2020
    Publication date: August 20, 2020
    Inventors: Elad Iwanir, Gal Tamir, Mario A. Rodriguez, Chen Lahav
  • Patent number: 10715533
    Abstract: A system for detecting by a cloud service a ransomware attack on a client device is provided. The system monitors changes to files of the client device that are stored by the cloud service. The system assesses whether a change to a file appears to be malicious in that the change may be caused by ransomware. When the change to the file appears to be malicious, the system performs a countermeasure to prevent synchronization of files of the client device with other client devices and with the cloud service to prevent the propagating of files from the client device, which is undergoing a ransomware attack.
    Type: Grant
    Filed: December 9, 2016
    Date of Patent: July 14, 2020
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC.
    Inventors: Elad Iwanir, Chen Lahav, Gal Tamir
  • Patent number: 10691449
    Abstract: Methods for intelligent automatic merging of source control queue items are performed by systems and apparatuses. Project changes are submitted in build requests to a gated check-in build queue requiring successful builds to commit changes to a code repository according to source control. Multiple pending build requests in the build queue are intelligently and automatically merged into a single, pending merged request based on risk factor values associated with the build requests. For merged requests successfully built, files in the build requests are committed and the build requests are removed from the queue. Merged requests unsuccessfully built are divided into equal subsets based on updated risk factor values using information from the unsuccessful build. Successful builds of subsets allow for committing of files and removal from the build queue, while unsuccessful builds are further divided and processed until single build requests are processed to identify root cause errors.
    Type: Grant
    Filed: April 27, 2017
    Date of Patent: June 23, 2020
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Elad Iwanir, Gal Tamir, Mario A. Rodriguez, Chen Lahav
  • Publication number: 20180314517
    Abstract: Methods for intelligent automatic merging of source control queue items are performed by systems and apparatuses. Project changes are submitted in build requests to a gated check-in build queue requiring successful builds to commit changes to a code repository according to source control. Multiple pending build requests in the build queue are intelligently and automatically merged into a single, pending merged request based on risk factor values associated with the build requests. For merged requests successfully built, files in the build requests are committed and the build requests are removed from the queue. Merged requests unsuccessfully built are divided into equal subsets based on updated risk factor values using information from the unsuccessful build. Successful builds of subsets allow for committing of files and removal from the build queue, while unsuccessful builds are further divided and processed until single build requests are processed to identify root cause errors.
    Type: Application
    Filed: April 27, 2017
    Publication date: November 1, 2018
    Inventors: Elad Iwanir, Gal Tamir, Mario A. Rodriguez, Chen Lahav
  • Publication number: 20180034835
    Abstract: A system for detecting by a cloud service a ransomware attack on a client device is provided. The system monitors changes to files of the client device that are stored by the cloud service. The system assesses whether a change to a file appears to be malicious in that the change may be caused by ransomware. When the change to the file appears to be malicious, the system performs a countermeasure to prevent synchronization of files of the client device with other client devices and with the cloud service to prevent the propagating of files from the client device, which is undergoing a ransomware attack.
    Type: Application
    Filed: December 9, 2016
    Publication date: February 1, 2018
    Inventors: Elad Iwanir, Chen Lahav, Gal Tamir