Patents by Inventor Dean Sysman

Dean Sysman has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20200259787
    Abstract: A system for managing network connected devices, comprising at least one hardware processor adapted to produce a plurality of unique device descriptors, each describing one of a plurality of network connected devices, by: for each of a plurality of device descriptors, each having a plurality of supported actions, and one or more domain device identifiers, each identifier associating the device descriptor with one of a plurality of management domains: for each of the plurality of management domains not associated with the device descriptor: instructing execution on a network connected device described by the device descriptor a domain identification query according to the descriptor's plurality of supported actions, to determine a new domain device identifier; identifying in the plurality of device descriptors a second device descriptor having a domain device identifier equal to the new domain device identifier; and merging the device descriptor with the second device descriptor.
    Type: Application
    Filed: April 29, 2020
    Publication date: August 13, 2020
    Applicant: Axonius Solutions Ltd.
    Inventors: Avidor BARTOV, Itay WEISS, Ofri SHUR, Dean SYSMAN, Shmuel UR
  • Patent number: 10652208
    Abstract: A system for managing network connected devices, comprising at least one hardware processor adapted to produce a plurality of unique device descriptors, each describing one of a plurality of network connected devices, by: for each of a plurality of device descriptors, each having a plurality of supported actions, and one or more domain device identifiers, each identifier associating the device descriptor with one of a plurality of management domains: for each of the plurality of management domains not associated with the device descriptor: instructing execution on a network connected device described by the device descriptor a domain identification query according to the descriptor's plurality of supported actions, to determine a new domain device identifier; identifying in the plurality of device descriptors a second device descriptor having a domain device identifier equal to the new domain device identifier; and merging the device descriptor with the second device descriptor.
    Type: Grant
    Filed: October 3, 2018
    Date of Patent: May 12, 2020
    Assignee: Axonius Solutions Ltd.
    Inventors: Avidor Bartov, Ofir Yefet, Mark Segal, Itay Weiss, Ofri Shur, Dean Sysman, Shmuel Ur
  • Publication number: 20200112541
    Abstract: A system for managing network connected devices, comprising at least one hardware processor adapted to produce a plurality of unique device descriptors, each describing one of a plurality of network connected devices, by: for each of a plurality of device descriptors, each having a plurality of supported actions, and one or more domain device identifiers, each identifier associating the device descriptor with one of a plurality of management domains: for each of the plurality of management domains not associated with the device descriptor: instructing execution on a network connected device described by the device descriptor a domain identification query according to the descriptor's plurality of supported actions, to determine a new domain device identifier; identifying in the plurality of device descriptors a second device descriptor having a domain device identifier equal to the new domain device identifier; and merging the device descriptor with the second device descriptor.
    Type: Application
    Filed: October 3, 2018
    Publication date: April 9, 2020
    Applicant: Axonius Solutions Ltd.
    Inventors: Avidor BARTOV, Ofir YEFET, Mark SEGAL, Itay WEISS, Ofri SHUR, Dean SYSMAN, Shmuel UR
  • Publication number: 20190311117
    Abstract: A computer implemented method of detecting execution of unregistered code in a protected networked system, comprising maintaining a pages registry record in a storage of an endpoint in a protected networked system, the pages registry record comprising a registration signature for each of a plurality of registered executable pages, monitoring a plurality of executable pages at a page management level using an adjusted page fault handler of an operating system kernel executed by one or more processors of the endpoint, detecting one or more unregistered executable pages by identifying incompliance of a runtime signature calculated in runtime for the unregistered executable page(s) with respective registration signature stored in the pages registry record and initiating one or more actions in case of the detection of the unregistered executable page(s).
    Type: Application
    Filed: June 14, 2017
    Publication date: October 10, 2019
    Applicant: Cymmetria, Inc.
    Inventors: Dean SYSMAN, Imri GOLDBERG, Itamar SHER, Jonathan PERRY, Shmuel UR
  • Patent number: 10270807
    Abstract: A computer implemented method of detecting unauthorized access to a protected network by monitoring a dynamically updated deception environment, comprising launching, on one or more decoy endpoints, one or more decoy operating system (OS) managing one or more of a plurality of deception applications mapping a plurality of applications executed in a protected network, updating dynamically a usage indication for a plurality of deception data objects deployed in the protected network to emulate usage of the plurality of deception data objects for accessing the deception application(s) wherein the plurality of deception data objects are configured to trigger an interaction with the deception application(s) when used, detecting usage of data contained in the deception data object(s) by monitoring the interaction and identifying one or more potential unauthorized operations based on analysis of the detection.
    Type: Grant
    Filed: July 20, 2016
    Date of Patent: April 23, 2019
    Assignee: Cymmetria, Inc.
    Inventors: Dean Sysman, Gadi Evron, Imri Goldberg, Ran Harel, Shmuel Ur
  • Publication number: 20180309787
    Abstract: A computer implemented method of detecting unauthorized access to a protected network by detecting a usage of dynamically updated deception communication, comprising deploying, in a protected network, a plurality of decoy endpoints configured to transmit one or more communication deception data objects encoded according to one or more communication protocols used in the protected network, instructing a first decoy endpoint of the plurality of decoy endpoints to transmit the communication deception data object(s) to a second decoy endpoint of the plurality of decoy endpoints, monitoring the protected network to detect a usage of data contained in the one or more communication deception data object, detecting one or more potential unauthorized operations based on analysis of the detection and initiating one or more actions according to the detection.
    Type: Application
    Filed: July 31, 2017
    Publication date: October 25, 2018
    Inventors: Gadi EVRON, Dean SYSMAN, Imri GOLDBERG, Shmuel UR, Itamar SHER
  • Publication number: 20180212995
    Abstract: A computer implemented method of detecting unauthorized access to a protected network by monitoring a dynamically updated deception environment, comprising launching, on one or more decoy endpoints, one or more decoy operating system (OS) managing one or more of a plurality of deception applications mapping a plurality of applications executed in a protected network, updating dynamically a usage indication for a plurality of deception data objects deployed in the protected network to emulate usage of the plurality of deception data objects for accessing the deception application(s) wherein the plurality of deception data objects are configured to trigger an interaction with the deception application(s) when used, detecting usage of data contained in the deception data object(s) by monitoring the interaction and identifying one or more potential unauthorized operations based on analysis of the detection.
    Type: Application
    Filed: July 20, 2016
    Publication date: July 26, 2018
    Applicant: Cymmetria , Inc.
    Inventors: Dean SYSMAN, Gadi EVRON, Imri GOLDBERG, Ran HAREL, Shmuel UR
  • Publication number: 20170359376
    Abstract: A method for deploying threat specific deception campaigns for updating a score given to a malicious activity threat by performing an analysis of processes executed by computing nodes of a monitored computer network. When an analysis outcome is indicative of a malicious activity threat to the monitored computer network from process(es) executed on one or more of the computing node(s): setting a score to the malicious activity threat according to potential damage characteristic(s) of the malicious activity threat when the score is above a first threshold launch a threat specific deception campaign by using at least one deception application executed by the computing node(s) for gathering additional data and updating the score according to an analysis of the additional data, and when the score/updated score is above a second threshold generate instructions for alerting an operator and/or reacting to the malicious activity on the at computing node(s).
    Type: Application
    Filed: June 14, 2017
    Publication date: December 14, 2017
    Inventors: Gadi EVRON, Dean Sysman, Imri Goldberg, Shmuel Ur
  • Publication number: 20170134423
    Abstract: A computer implemented method of detecting unauthorized access to a protected network by monitoring a dynamically updated deception environment, comprising launching, on one or more decoy endpoints, one or more decoy operating system (OS) managing one or more of a plurality of deception applications mapping a plurality of applications executed in a protected network, updating dynamically a usage indication for a plurality of deception data objects deployed in the protected network to emulate usage of the plurality of deception data objects for accessing the deception application(s) wherein the plurality of deception data objects are configured to trigger an interaction with the deception application(s) when used, detecting usage of data contained in the deception data object(s) by monitoring the interaction and identifying one or more potential unauthorized operations based on analysis of the detection.
    Type: Application
    Filed: January 25, 2017
    Publication date: May 11, 2017
    Inventors: Dean Sysman, Gadi Evron, Imri Goldberg, Itamar Sher, Shmuel Ur