Patents by Inventor Dragos Boia
Dragos Boia has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20220382542Abstract: The estimation and visualization of a degree of change between a further edited state of code and a selected version of the code. For each of some counted added or deleted portions (e.g., code lines) of code, the system estimates that the added (or deleted) portion complies with a non-review characteristic. The added (or deleted) code lines that comply with a non-review characteristic are excluded from the estimation of the degree of change. Thus, the estimation excludes consideration of added or deleted portions that need no substantial review, while considering more substantial added or deleted portions in the estimations. The estimation is then visualize giving the developer or the reviewer a better idea of the scale of changes that has really been made since the selected version of the code.Type: ApplicationFiled: August 9, 2022Publication date: December 1, 2022Inventors: Hardik GOEL, Arno MIHM, Dragos BOIA, Jacek Andrzej CZERWONKA, Maksim SHMELEV
-
Patent number: 11429378Abstract: The estimation and visualization of a degree of change between a further edited state of code and a selected version of the code. For each of some counted added or deleted portions (e.g., code lines) of code, the system estimates that the added (or deleted) portion complies with a non-review characteristic. The added (or deleted) code lines that comply with a non-review characteristic are excluded from the estimation of the degree of change. Thus, the estimation excludes consideration of added or deleted portions that need no substantial review, while considering more substantial added or deleted portions in the estimations. The estimation is then visualize giving the developer or the reviewer a better idea of the scale of changes that has really been made since the selected version of the code.Type: GrantFiled: May 10, 2021Date of Patent: August 30, 2022Assignee: Microsoft Technology Licensing, LLCInventors: Hardik Goel, Arno Mihm, Dragos Boia, Jacek Andrzej Czerwonka, Maksim Shmelev
-
Patent number: 10110622Abstract: Systems and methods for automated selection of payloads for use in a security scan of a web application by a security scanner are described herein. More specifically, the systems and methods test potential payloads for a security scan of a given web application on a test application with known security vulnerabilities, evaluate valid response returned by this test application, determine functionally equivalent responses, group payloads based the equivalence of their valid responses, and select one or more payloads from each created group for use in the security scan of the given web application.Type: GrantFiled: February 13, 2015Date of Patent: October 23, 2018Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Dragos Boia, Barry Markey, Donald Ankney, Viresh Ramdatmisier
-
Publication number: 20180007077Abstract: Vulnerability testing tasks can be received and distributed, via a work scheduler, to computer test environments. Each of the test environments can have a detector computing component running in the environment. Each detector component can respond to receiving one of the tasks from the work scheduler by conducting a vulnerability test on an endpoint of a target, detecting results of the vulnerability test, generating output indicating the results of the vulnerability test, and sending the output to an output processor. The work scheduler can initiate dynamic scaling of the test environments by activating and deactivating test environments in response to determining that the test environments are overloaded or underloaded, respectively. Also an overall time-based limit on testing for a target can be enforced via the work scheduler.Type: ApplicationFiled: June 29, 2016Publication date: January 4, 2018Applicant: Microsoft Technology Licensing, LLCInventors: Dragos Boia, Alisson Sol, Jiong Qiu, Erik Tayler, Johnathan Irwin, Leena Sheth
-
Patent number: 9853940Abstract: To protect network-based services, offering computer implemented functionality, from attacks, a passive web application firewall reactively identifies vulnerabilities, enabling such vulnerabilities to be quickly ameliorated, without intercepting communications or introducing other suboptimal aspects of traditional web application firewalls. Communications directed to the network-based services are logged and such logs are scanned for entries evidencing attacks, such as based on predetermined attack syntax. Further evaluation of the entries identified as evidencing attacks identifies a subset of those entries that correspond to likely successful attacks. Such further evaluation includes attacking the network-based service in an equivalent manner. Attacks that are found to be successful identify vulnerabilities, and a notification of such vulnerabilities is provided to facilitate amelioration of such vulnerabilities.Type: GrantFiled: September 24, 2015Date of Patent: December 26, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Robert C. Fruth, Viresh Ramdatmisier, Barry Markey, Robert Fish, Erik Tayler, Dragos Boia, Donald Ankney
-
Publication number: 20170093795Abstract: To protect network-based services, offering computer implemented functionality, from attacks, a passive web application firewall reactively identifies vulnerabilities, enabling such vulnerabilities to be quickly ameliorated, without intercepting communications or introducing other suboptimal aspects of traditional web application firewalls. Communications directed to the network-based services are logged and such logs are scanned for entries evidencing attacks, such as based on predetermined attack syntax. Further evaluation of the entries identified as evidencing attacks identifies a subset of those entries that correspond to likely successful attacks. Such further evaluation includes attacking the network-based service in an equivalent manner. Attacks that are found to be successful identify vulnerabilities, and a notification of such vulnerabilities is provided to facilitate amelioration of such vulnerabilities.Type: ApplicationFiled: September 24, 2015Publication date: March 30, 2017Inventors: Robert C. Fruth, Viresh Ramdatmisier, Barry Markey, Robert Fish, Erik Tayler, Dragos Boia, Donald Ankney
-
Publication number: 20160241582Abstract: Systems and methods for automated selection of payloads for use in a security scan of a web application by a security scanner are described herein. More specifically, the systems and methods test potential payloads for a security scan of a given web application on a test application with known security vulnerabilities, evaluate valid response returned by this test application, determine functionally equivalent responses, group payloads based the equivalence of their valid responses, and select one or more payloads from each created group for use in the security scan of the given web application.Type: ApplicationFiled: February 13, 2015Publication date: August 18, 2016Applicant: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Dragos Boia, Barry Markey, Donald Ankney, Viresh Ramdatmisier