Patents by Inventor Eran YANAY

Eran YANAY has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20240330456
    Abstract: A system and method for inspecting a resource in an on-premises environment for a cybersecurity threat are disclosed. According to an embodiment, the method includes initiating a network communication between an on-premises environment and an inspection environment; scanning the on-premises environment for a workload, the workload including a disk; generating an inspectable disk based on the disk; providing access to an inspector deployed in the inspection environment to inspect the inspectable disk for a cybersecurity object; and releasing a resource allocated to the inspectable disk in response to detecting that inspection of the inspectable disk is complete.
    Type: Application
    Filed: May 5, 2023
    Publication date: October 3, 2024
    Applicant: Wiz, Inc.
    Inventors: Elad GABAY, Liron LEVIN, Michael KLETSELMAN, Isaac SCHNITZER, Eran YANAY, Roy REZNIK
  • Publication number: 20220029988
    Abstract: Systems and methods for zero trust network security. A method includes sending a unique intermediate certificate authority (CA) certificate to each of a plurality of entities, wherein each entity of the plurality of entities is installed on a respective node of a plurality of nodes in a network environment; and causing deployment of an agent on each of the plurality of nodes, each agent corresponding to the entity installed on the same node as the agent is configured to enforce at least one network firewall policy based on the intermediate CA certificate sent to the corresponding entity.
    Type: Application
    Filed: July 27, 2020
    Publication date: January 27, 2022
    Applicant: Twistlock, Ltd.
    Inventors: Liron LEVIN, Eran YANAY, Dima STOPEL
  • Publication number: 20220021648
    Abstract: Methods and systems for identity-based firewall policy evaluation and for encoding entity identifiers for use in identity-based firewall policy evaluation. A method includes intercepting a packet from a sender entity to a recipient entity; determining whether the sender entity is permitted to communicate with the recipient entity according to a firewall policy, wherein the firewall policy indicates a plurality of entity identifiers, wherein each entity identifier is unique among the plurality of entity identifiers, wherein the rules for communications among the plurality of entities include a list of pairs of entities which are permitted to communicate with each other; forwarding the packet to the recipient entity when it is determined that the sender entity is permitted to communicate with the recipient entity; and performing at least one mitigation action when it is determined that the recipient entity is not permitted to communicate with the sender entity.
    Type: Application
    Filed: July 16, 2020
    Publication date: January 20, 2022
    Applicant: Twistlock, Ltd.
    Inventors: Liron LEVIN, Eran YANAY, Dima STOPEL
  • Publication number: 20220019452
    Abstract: A system and method for scanning of virtual machine images. The method includes creating a virtual machine instance of a virtual machine based on a virtual machine image of the virtual machine and an application programming interface (API) of an environment in which the virtual machine is to be deployed, wherein the virtual machine image has an entry point such that the virtual machine instance executes the entry point; and replacing the entry point of the virtual machine instance with a lightweight script, wherein the lightweight script is configured to retrieve a static scanner executable, to execute the static scanner executable, and to send results of the scanning.
    Type: Application
    Filed: July 16, 2020
    Publication date: January 20, 2022
    Applicant: Twistlock, Ltd.
    Inventors: Liron LEVIN, Eran YANAY, Gilad ASTRIN, Dima STOPEL
  • Publication number: 20200193015
    Abstract: A system and method for securing execution of software containers using security profiles. The method includes exporting a container image to a host device from a container image source, wherein the container image includes resources utilized to execute a corresponding application container; generating a security profile for the container image, wherein the generated security profile indicates at least a list of permissible filesystem actions, wherein each permissible filesystem action is an action performed with respect to at least one filesystem resource; monitoring an operation of a runtime execution of the application container; and detecting a violation of the security profile based on the monitored operation.
    Type: Application
    Filed: February 20, 2020
    Publication date: June 18, 2020
    Applicant: Twistlock, Ltd.
    Inventors: Liron LEVIN, Dima STOPEL, Eran YANAY
  • Publication number: 20190058722
    Abstract: A system and method for traffic enforcement in containerized environments. The method includes analyzing contents of a container image to determine a type of application to be executed by a first container, wherein the first container is a runtime instance of the container image; determining, based on the type of application to be executed by the first container, a filtering profile for the first container, wherein the filtering profile defines a configuration for inspecting and filtering traffic directed to the first container; and filtering, based on the filtering profile, malicious traffic directed to the first container.
    Type: Application
    Filed: October 22, 2018
    Publication date: February 21, 2019
    Applicant: Twistlock, Ltd.
    Inventors: Liron LEVIN, Dima STOPEL, John MORELLO, Eran YANAY
  • Publication number: 20180278639
    Abstract: A system and method for dynamically adapting traffic inspection and filtering in containerized environments. The method includes monitoring the containerized environment to identify deployment of a software container in the containerized environment; inspecting traffic redirected from the software container, wherein the inspecting includes detecting malicious activity of the software container; and filtering the traffic based on at least one filtering rule when the malicious activity is detected, wherein the at least one filtering rule is defined in a filtering profile for the software container, wherein the filtering profile is determined for the software container when a new container image of the software container is detected in the containerized environment.
    Type: Application
    Filed: May 29, 2018
    Publication date: September 27, 2018
    Applicant: Twistlock, Ltd.
    Inventors: Ben BERNSTEIN, John MORELLO, Dima STOPEL, Liron LEVIN, Eran YANAY
  • Publication number: 20180144123
    Abstract: A system and method for securing execution of software containers using security profiles. The method includes receiving an event indicating that a container image requires profiling, wherein the container image includes resources utilized to execute a corresponding application container; generating a security profile for the container image when the event is received, wherein the generated security profile indicates at least networking ports that are allowed for at least one of: access to the application container, and access by the application container; monitoring an operation of a runtime execution of the application container; and detecting a violation of the security profile based on the monitored operation.
    Type: Application
    Filed: December 29, 2017
    Publication date: May 24, 2018
    Applicant: Twistlock, Ltd.
    Inventors: Liron LEVIN, Dima STOPEL, Eran YANAY
  • Publication number: 20180129803
    Abstract: A system and method for securing execution of software containers using security profiles. The method includes receiving an event indicating that a container image requires profiling, wherein the container image includes resources utilized to execute a corresponding application container; generating a security profile for the container image when the event is received, wherein the generated security profile indicates at least a list of permissible filesystem actions, wherein each permissible filesystem action is an action performed with respect to at least one filesystem resource; monitoring an operation of a runtime execution of the application container; and detecting a violation of the security profile based on the monitored operation.
    Type: Application
    Filed: January 9, 2018
    Publication date: May 10, 2018
    Applicant: Twistlock, Ltd.
    Inventors: Liron LEVIN, Dima STOPEL, Eran YANAY