Patents by Inventor Evgeni Aizikovich

Evgeni Aizikovich has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 12155681
    Abstract: Disclosed embodiments relate to systems and methods for securely and privately auditing web sessions. Techniques include receiving encrypted browser session data; storing the encrypted browser session data at a server; receiving an audit request associated with the stored encrypted browser session data; retrieving the stored encrypted browser session data based on the audit request; and transmitting the encrypted browser session data to an auditor endpoint device to enable access to the browser session data by the auditor endpoint device.
    Type: Grant
    Filed: May 2, 2022
    Date of Patent: November 26, 2024
    Assignee: CyberArk Software Ltd.
    Inventors: Arthur Bendersky, Evgeni Aizikovich
  • Publication number: 20230140559
    Abstract: Disclosed embodiments relate to systems and methods for securely and privately auditing web sessions. Techniques include receiving encrypted browser session data; storing the encrypted browser session data at a server; receiving an audit request associated with the stored encrypted browser session data; retrieving the stored encrypted browser session data based on the audit request; and transmitting the encrypted browser session data to an auditor endpoint device to enable access to the browser session data by the auditor endpoint device.
    Type: Application
    Filed: May 2, 2022
    Publication date: May 4, 2023
    Applicant: CyberArk Software Ltd.
    Inventors: Arthur Bendersky, Evgeni Aizikovich
  • Patent number: 11321472
    Abstract: Disclosed embodiments relate to systems and methods for securely and privately auditing web sessions. Techniques include receiving, from a browser extension executing on a user endpoint device, encrypted browser session data and an encrypted session key, storing the encrypted browser session data and the encrypted session key; receiving, from an auditor endpoint device, an audit request associated with the stored encrypted browser session data; retrieving the stored encrypted browser session data and the stored encrypted session key based on the audit request; and transmitting at least some of the encrypted browser session data and the encrypted session key to the auditor endpoint device to enable access to the browser session data by the auditor endpoint device.
    Type: Grant
    Filed: October 29, 2021
    Date of Patent: May 3, 2022
    Assignee: CyberArk Software Ltd.
    Inventor: Evgeni Aizikovich
  • Patent number: 10985924
    Abstract: Disclosed embodiments relate to verifying identities based on identity-inherent data that is inaccessible to the system. Techniques include receiving, from a client, an encrypted token, the encrypted token having been encrypted at the client using a cryptographic key created at the client based on identity-inherent data of an identity of the client; wherein the identity-inherent data of the identity is not itself received by the system, and wherein the cryptographic key is accessible only to the client; and storing the encrypted token in association with a hash of a decrypted version of the encrypted token to allow for comparing the stored hash with a created hash and determining whether to verify the identity based on a result of the comparing.
    Type: Grant
    Filed: August 4, 2020
    Date of Patent: April 20, 2021
    Assignee: CYBERARK SOFTWARE LTD.
    Inventors: Evgeni Aizikovich, Boris Spivak, Michael Yavnilovich, Tal Kandel, Hadas Elkabir
  • Publication number: 20210028941
    Abstract: Disclosed embodiments relate to verifying identities based on identity-inherent data that is inaccessible to the system. Techniques include receiving, from a client, an encrypted token, the encrypted token having been encrypted at the client using a cryptographic key created at the client based on identity-inherent data of an identity of the client; wherein the identity-inherent data of the identity is not itself received by the system, and wherein the cryptographic key is accessible only to the client; and storing the encrypted token in association with a hash of a decrypted version of the encrypted token to allow for comparing the stored hash with a created hash and determining whether to verify the identity based on a result of the comparing.
    Type: Application
    Filed: August 4, 2020
    Publication date: January 28, 2021
    Applicant: CyberArk Software Ltd.
    Inventors: Evgeni AIZIKOVICH, Boris Spivak, Michael Yavnilovich, Tal Kandel, Hadas Elkabir
  • Patent number: 10862689
    Abstract: Disclosed embodiments relate to verifying identities based on identity-inherent data that is inaccessible to the system. Techniques include receiving, from a client, an encrypted token, the encrypted token having been encrypted at the client using a cryptographic key created at the client based on identity-inherent data of an identity of the client; wherein the identity-inherent data of the identity is not itself received by the system, and wherein the cryptographic key is accessible only to the client; and storing the encrypted token in association with a hash of a decrypted version of the encrypted token to allow for comparing the stored hash with a created hash and determining whether to verify the identity based on a result of the comparing.
    Type: Grant
    Filed: July 23, 2019
    Date of Patent: December 8, 2020
    Assignee: CYBERARK SOFTWARE LTD.
    Inventors: Evgeni Aizikovich, Boris Spivak, Michael Yavnilovich, Tal Kandel, Hadas Elkabir
  • Patent number: 10411894
    Abstract: Disclosed embodiments relate to systems and methods for authenticating users of personal computing devices using encoded versions of the temporary and unique codes. Techniques include receiving a first cryptographic key having been created by a personal computing device and corresponding to a second cryptographic key maintained on the personal computing device; associating a user identifier with the first cryptographic key; accessing a temporary and unique code; accessing an encoded version of the temporary and unique code; making available to the personal computing device the encoded version of the temporary and unique code; receiving, from the personal computing device, a signed version of the temporary and unique code, the signed version having been signed by the second cryptographic key; verifying, using the first cryptographic key, the signed version of the temporary and unique code; and determining, based on the verifying, whether to authenticate the user of the personal computing device.
    Type: Grant
    Filed: May 17, 2019
    Date of Patent: September 10, 2019
    Assignee: CYBERARK SOFTWARE LTD.
    Inventors: Michael Yavnilovich, Evgeni Aizikovich, Boris Spivak
  • Publication number: 20190207784
    Abstract: Disclosed embodiments include engaging in a control session between a tunneling control service located in a first network and a tunneling control agent located in a second network, identifying a request, from a requesting resource in the first network, to establish a secure remote connection with a target resource in the second network, the target resource having a network address in the second network, sending, from the tunneling control service in the first network to the tunneling control agent in the second network, a request to establish a reverse tunnel between the first network and the second network, transmitting a request for a reverse tunnel connection between a tunneling server in the first network and a tunneling agent in the second network, the tunneling agent being configured to redirect traffic from the reverse tunnel to the target resource at the network address in the second network, and transmitting data traffic from the requesting resource in the first network through the reverse tunnel to
    Type: Application
    Filed: January 3, 2018
    Publication date: July 4, 2019
    Applicant: CyberArk Software Ltd.
    Inventor: Evgeni Aizikovich
  • Publication number: 20190182242
    Abstract: Disclosed embodiments include receiving, at a first identity provider configured to authenticate a plurality of network clients, a request from a first network client to establish a connection with an access-restricted network resource, the first network client having been redirected to the first identity provider from a service provider; sending, from the first identity provider to the first network client, a redirect message automatically directing the first network client to authenticate itself at a second identity provider that is separate from the first identity provider; receiving, from the second identity provider, a result of the first network client authenticating itself at the second identity provider; and sending, from the first identity provider and to the service provider, an authentication message based on the result, the authentication message determining whether the first network client is authenticated and is permitted to establish the connection with the access-restricted network resource.
    Type: Application
    Filed: December 11, 2017
    Publication date: June 13, 2019
    Inventor: Evgeni Aizikovich
  • Patent number: 10250677
    Abstract: Systems and methods are provided for decentralized network address control, including a computer-implemented method for decentralized load balancing for a plurality of network resources. The method can include determining a load characteristic for the first network resource. The load characteristic can be determined by a first load balancing application associated with a first network resource. The method can further include sending a report to a network address resolution resource, based on the determined load characteristic. The network address resolution resource can be configured to also receive reports from other load balancing applications associated with other network resources based on determined load characteristics for the other network resources. Both the first network resource and the other network resources can be associated with a common network resource name.
    Type: Grant
    Filed: May 2, 2018
    Date of Patent: April 2, 2019
    Assignee: CyberArk Software Ltd.
    Inventor: Evgeni Aizikovich