Patents by Inventor Doron Elgressy
Doron Elgressy has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11671461Abstract: An apparatus collects data from a data network for the purpose of detection and interception of security incidents therein. The apparatus identifies at least one event in the data network. The apparatus then inspects the event to identify its properties and metadata associated therewith. Based on the inspection, the apparatus identifies at least a type of the event, an operation and a resource associated with the event, and a device associated with the event. The metadata is the matched to a unified index stored in a database communicatively coupled to the apparatus via a network. Based on the match the apparatus determines whether the event is potentially a security incident. In case a determination of a potential security incident is made, the apparatus queries a set of set of policy rules to determine a type of action required respective of the metadata. The apparatus then performs the required action.Type: GrantFiled: September 16, 2022Date of Patent: June 6, 2023Assignee: PROOFPOINT ISRAEL LTDInventors: Doron Elgressy, Yair Grindlinger, Boris Gorin
-
Patent number: 11489850Abstract: An apparatus collects data from a data network for the purpose of detection and interception of security incidents therein. The apparatus identifies at least one event in the data network. The apparatus then inspects the event to identify its properties and metadata associated therewith. Based on the inspection, the apparatus identifies at least a type of the event, an operation and a resource associated with the event, and a device associated with the event. The metadata is the matched to a unified index stored in a database communicatively coupled to the apparatus via a network. Based on the match the apparatus determines whether the event is potentially a security incident. In case a determination of a potential security incident is made, the apparatus queries a set of set of policy rules to determine a type of action required respective of the metadata. The apparatus then performs the required action.Type: GrantFiled: January 17, 2020Date of Patent: November 1, 2022Assignee: PROOFPOINT ISRAEL LTDInventors: Doron Elgressy, Yair Grindlinger, Boris Gorin
-
Publication number: 20200153845Abstract: An apparatus collects data from a data network for the purpose of detection and interception of security incidents therein. The apparatus identifies at least one event in the data network. The apparatus then inspects the event to identify its properties and metadata associated therewith. Based on the inspection, the apparatus identifies at least a type of the event, an operation and a resource associated with the event, and a device associated with the event. The metadata is the matched to a unified index stored in a database communicatively coupled to the apparatus via a network. Based on the match the apparatus determines whether the event is potentially a security incident. In case a determination of a potential security incident is made, the apparatus queries a set of set of policy rules to determine a type of action required respective of the metadata. The apparatus then performs the required action.Type: ApplicationFiled: January 17, 2020Publication date: May 14, 2020Inventors: Doron Elgressy, Yair Grindlinger, Boris Gorin
-
Patent number: 10581876Abstract: An apparatus collects data from a data network for the purpose of detection and interception of security incidents therein. The apparatus identifies at least one event in the data network. The apparatus then inspects the event to identify its properties and metadata associated therewith. Based on the inspection, the apparatus identifies at least a type of the event, an operation and a resource associated with the event, and a device associated with the event. The metadata is the matched to a unified index stored in a database communicatively coupled to the apparatus via a network. Based on the match the apparatus determines whether the event is potentially a security incident. In case a determination of a potential security incident is made, the apparatus queries a set of set of policy rules to determine a type of action required respective of the metadata. The apparatus then performs the required action.Type: GrantFiled: October 5, 2016Date of Patent: March 3, 2020Assignee: PROOFPOINT ISRAEL LTDInventors: Doron Elgressy, Yair Grindlinger, Boris Gorin
-
Publication number: 20180041525Abstract: An apparatus collects data from a data network for the purpose of detection and interception of security incidents therein. The apparatus identifies at least one event in the data network. The apparatus then inspects the event to identify its properties and metadata associated therewith. Based on the inspection, the apparatus identifies at least a type of the event, an operation and a resource associated with the event, and a device associated with the event. The metadata is the matched to a unified index stored in a database communicatively coupled to the apparatus via a network. Based on the match the apparatus determines whether the event is potentially a security incident. In case a determination of a potential security incident is made, the apparatus queries a set of set of policy rules to determine a type of action required respective of the metadata. The apparatus then performs the required action.Type: ApplicationFiled: October 5, 2016Publication date: February 8, 2018Applicant: FIRELAYERS LTD.Inventors: Doron ELGRESSY, Yair GRINDLINGER, Boris GORIN
-
Publication number: 20080201777Abstract: Method and agent for preventing a hostile use of computer resources by an application running on a workstation. A list of services that are not allowed for access by unspecified applications is provided, and when such unspecified application runs on the workstation, the application is prevented from accessing any resource directly. Any direct or indirect request for access to specific services is analyzed, to determine whether such request is allowable according to the list. The workstation processes the request if it is allowable. The unspecified application is prevented from accessing the requested resource if the request is not allowable. The resource may be any local or remote resource, such as, memory allocation, files, directories, operations with files and directories, such as copy, delete or compress, or any other operation leading to a permanent change in the workstation or its periphery.Type: ApplicationFiled: April 29, 2008Publication date: August 21, 2008Inventors: Doron Elgressy, Fabian Ben Aderet
-
Patent number: 7383569Abstract: Method and agent for preventing a hostile use of computer resources by an application running on a workstation. A list of services that are not allowed for access by unspecified applications is determined, and when such unspecified application runs on the workstation, direct access to the application is prevented from any resource. Any direct or indirect request for access to specific services is analyzed, to determine whether such request is allowable according to the list. The workstation processes the request if it is allowable. The unspecified application is prevented from accessing the requested resource if the request is not allowable. The resource may be any local or remote resource, such as, memory allocation, files, directories, operations with files and directories, such as copy, delete or compress, or any other operation leading to a permanent change in the workstation or its periphery.Type: GrantFiled: February 25, 1999Date of Patent: June 3, 2008Assignee: Computer Associates Think, Inc.Inventors: Doron Elgressy, Fabian Ben Aderet
-
Patent number: 7305703Abstract: A method for enforcing a security policy for selectively preventing the downloading and execution of undesired Executable Objects in an individual workstation, comprising the steps of, (1) providing a security agent suitable to be installed in an individual workstation, said security agent being provided with means for introducing at least one marker in one or more data packet transmitted by a workstation to a server through a gateway, said at least one marker indicating that a security agent is installed in the transmitting workstation; (2) providing means in or coupled to the gateway for analyzing the first one or more data packet(s) received from a transmitting workstation initiating communication to a remote server, to determine whether said first one or more data packet(s) comprise at least one marker indicating that a suitable security agent is installed in the transmitting workstation; (3) If at least one marker indicating that a suitable security agent is installed in the transmitting workstation is dType: GrantFiled: March 14, 2003Date of Patent: December 4, 2007Assignee: Computer Associates Think, Inc.Inventors: Doron Elgressy, Asher Jospe
-
Patent number: 7146641Abstract: A method of preventing undesirable activities of Executable Objects via an application, comprising denying to the same application, or one or more of its threads, access to a secured resource if the application, or one or more of its threads, has previously exhibited Internet behavior and has not met a specific condition for accessing the secured resource, and denying the application, or one or more of its threads, Internet behavior if, at a time access is sought to the Internet, the application, or one or more of its threads is accessing a secured resource.Type: GrantFiled: March 19, 2001Date of Patent: December 5, 2006Assignee: Computer Associates Think, Inc.Inventors: Doron Elgressy, Fabian Ben Aderet
-
Patent number: 6918043Abstract: A method for selectively preventing the downloading and execution of undesired Executable Objects in a computer. The method comprises when an Executable Object is detected at a gateway, analyzing the header of the Executable Object, determining the resources of the computer that the Executable Object needs to utilize, comparing the resources of the computer that the Executable Object needs to utilize with a Security Policy and if the resources of the computer that the Executable Object needs to utilize are included in the list of the resources prohibited for use by the Security Policy, preventing the Executable Object from passing through the gateway, thereby preventing it from reaching the computer which has initiated its downloading.Type: GrantFiled: July 8, 2002Date of Patent: July 12, 2005Assignee: Computer Associates Think, Inc.Inventors: Doron Elgressy, Asher Jospe
-
Publication number: 20030177355Abstract: A method for enforcing a security policy for selectively preventing the downloading and execution of undesired Executable Objects in an individual workstation, comprising the steps of, (1) providing a security agent suitable to be installed in an individual workstation, said security agent being provided with means for introducing at least one marker in one or more data packet transmitted by a workstation to a server through a gateway, said at least one marker indicating that a security agent is installed in the transmitting workstation; (2) providing means in or coupled to the gateway for analyzing the first one or more data packet(s) received from a transmitting workstation initiating communication to a remote server, to determine whether said first one or more data packet(s) comprise at least one marker indicating that a suitable security agent is installed in the transmitting workstation; (3) If at least one marker indicating that a suitable security agent is installed in the transmitting workstation is dType: ApplicationFiled: March 14, 2003Publication date: September 18, 2003Inventors: Doron Elgressy, Asher Jospe
-
Patent number: 6553498Abstract: A method for enforcing a security policy for selectively preventing the downloading and execution of undesired Executable Objects in an individual workstation, comprising the steps of, (1) providing a security agent suitable to be installed in an individual workstation, said security agent being provided with means for introducing at least one marker in one or more data packet transmitted by a workstation to a server through a gateway, said at least one marker indicating that a security agent is installed in the transmitting workstation; (2) providing means in or coupled to the gateway for analyzing the first one or more data packet(s) received from a transmitting workstation initiating communication to a remote server, to determine whether said first one or more data packet(s) comprise at least one marker indicating that a suitable security agent is installed in the transmitting workstation; (3) If at least one marker indicating that a suitable security agent is installed in the transmitting workstation is dType: GrantFiled: July 26, 2000Date of Patent: April 22, 2003Assignee: Computer Associates Think, Inc.Inventors: Doron Elgressy, Asher Jospe
-
Publication number: 20030056117Abstract: A method for selectively preventing the downloading and execution of undesired Executable Objects in a computer. The method comprises when an Executable Object is detected at a gateway, analyzing the header of the Executable Object, determining the resources of the computer that the Executable Object needs to utilize, comparing the resources of the computer that the Executable Object needs to utilize with a Security Policy and if the resources of the computer that the Executable Object needs to utilize are included in the list of the resources prohibited for use by the Security Policy, preventing the Executable Object from passing through the gateway, thereby preventing it from reaching the computer which has initiated its downloading.Type: ApplicationFiled: July 8, 2002Publication date: March 20, 2003Inventors: Doron Elgressy, Asher Jospe
-
Publication number: 20020178384Abstract: A method for processing Executable Objects, comprising: (a) providing analysis means capable of non-interfering analysis of data packets transmitted on a communication line between a browser and an HTTP server on the web, said communication line being established through a gateway; (b) analyzing the handshake between said browser and said server, to detect a “GET_” command sent by the user and an HTTP code sent in response by said server; (c) when such an HTTP code is detected, analyzing the data packets transmitted by said server to said browser, by: (c.1) providing ordering means to order data packets received in non-sequential order, and to forward them in sequential order to header checking means; (c.2) checking the data packets so as to analyze the contents of the header of the Executable Object, and to identify the resources of the system that it needs to employ; (c.3) transmitting to said gateway data representing the resources of the system that the Executable Object needs to utilize; (c.Type: ApplicationFiled: July 22, 2002Publication date: November 28, 2002Inventors: Doron Elgressy, Asher Jospe
-
Publication number: 20020129278Abstract: A method of preventing undesirable activities of Executable Objects via an application, comprising denying to the same application, or one or more of its threads, access to a secured resource if the application, or one or more of its threads, has previously exhibited Internet behavior and has not met a specific condition for accessing the secured resource, and denying the application, or one or more of its threads, Internet behavior if, at a time access is sought to the Internet, the application, or one or more of its threads is accessing a secured resource.Type: ApplicationFiled: March 19, 2001Publication date: September 12, 2002Inventors: Doron Elgressy, Fabian Ben Aderet
-
Patent number: 6449723Abstract: A method for selectively preventing the downloading and execution of undesired Executable Objects in a computer includes analyzing a header of a an Executable Object which is detected at a gateway, determining the resources of a computer that the Executable Object needs to utilize and comparing the resources of the computer that the Executable Object needs to utilize with a user's Security Policy representing the resources, or a combination of resources, that the user allows or does not allow an executable object to utilize within its network. The Executable Object is allowed to pass through the gateway and to reach the computer which has initiated its downloading, if the resources of the computer that the Executable Object needs to utilize are included in the list of the resources allowed for use by the Security Policy.Type: GrantFiled: October 30, 1998Date of Patent: September 10, 2002Assignee: Computer Associates Think, Inc.Inventors: Doron Elgressy, Asher Jospe
-
Patent number: 6336140Abstract: A method for processing Executable Objects, comprising: (a) providing analysis means capable of non-interfering analysis of data packets transmitted on a communication line between a browser and an HTTP server on the web, said communication line being established through a gateway; (b) analyzing the handshake between said browser and said server, to detect a “GET_” command sent by the user and an HTTP code sent in response by said server; (c) when such an HTTP code is detected, analyzing the data packets transmitted by said server to said browser, by: (c.1) providing ordering means to order data packets received in non-sequential order, and to forward them in sequential order to header checking means; (c.2) checking the data packets so as to analyze the contents of the header of the Executable Object, and to identify the resources of the system that it needs to employ; (c.3) transmitting to said gateway data representing the resources of the system that the Executable Object needs to utilize; (c.Type: GrantFiled: October 30, 1998Date of Patent: January 1, 2002Assignee: Computer Associates Think, Inc.Inventors: Doron Elgressy, Asher Jospe
-
Publication number: 20010049795Abstract: A method for processing Executable Objects, comprising: (a) providing analysis means capable of non-interfering analysis of data packets transmitted on a communication line between a browser and an HTTP server on the web, said communication line being established through a gateway; (b) analyzing the handshake between said browser and said server, to detect a “GET_” command sent by the user and an HTTP code sent in response by said server; (c) when such an HTTP code is detected, analyzing the data packets transmitted by said server to said browser, by: (c.1) providing ordering means to order data packets received in non-sequential order, and to forward them in sequential order to header checking means; (c.2) checking the data packets so as to analyze the contents of the header of the Executable Object, and to identify the resources of the system that it needs to employ; (c.3) transmitting to said gateway data representing the resources of the system that the Executable Object needs to utilize; (c.Type: ApplicationFiled: July 17, 2001Publication date: December 6, 2001Inventors: Doron Elgressy, Asher Jospe
-
Patent number: 6098173Abstract: A method for enforcing a security policy for selectively preventing the downloading and execution of undesired Executable Objects in an individual workstation, comprising the steps of, (1) providing a security agent suitable to be installed in an individual workstation, said security agent being provided with means for introducing at least one marker in one or more data packet transmitted by a workstation to a server through a gateway, said at least one marker indicating that a security agent is installed in the transmitting workstation; (2) providing means in or coupled to the gateway for analyzing the first one or more data packet(s) received from a transmitting workstation initiating communication to a remote server, to determine whether said first ore or more data packet(s) comprise at least one marker indicating that a suitable security agent is installed in the transmitting workstation; (3) If at least one marker indicating that a suitable security agent is installed in the transmitting workstation is dType: GrantFiled: November 3, 1998Date of Patent: August 1, 2000Assignee: Security-7 (Software) Ltd.Inventors: Doron Elgressy, Asher Jospe