Patents by Inventor Gabriel D. Landau
Gabriel D. Landau has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Systems and methods for detecting and filtering function calls within processes for malware behavior
Patent number: 11604674Abstract: Systems and methods for monitoring a process a provided. An example method commences with providing a management platform. The management platform is configured to receive user rules for processing at least one function call within the process. A high-level script can be used based on the user rules to develop and install at least one library to execute synchronously within the process. The at least one library can be configured to monitor the process for at least one function call and capture argument values of the function call before the argument values are passed to a function. The at least one library can filter the function call based at least in part on the argument values. The method can continue with selectively creating an API event for execution by a dedicated worker thread. The execution of the API event is performed asynchronously with regard to the process.Type: GrantFiled: September 4, 2020Date of Patent: March 14, 2023Assignee: Elasticsearch B.V.Inventors: Gabriel D. Landau, Joseph W. Desimone -
Publication number: 20220075646Abstract: Systems and methods for monitoring a process a provided. An example method commences with providing a management platform. The management platform is configured to receive user rules for processing at least one function call within the process. A high-level script can be used based on the user rules to develop and install at least one library to execute synchronously within the process. The at least one library can be configured to monitor the process for at least one function call and capture argument values of the function call before the argument values are passed to a function. The at least one library can filter the function call based at least in part on the argument values. The method can continue with selectively creating an API event for execution by a dedicated worker thread. The execution of the API event is performed asynchronously with regard to the process.Type: ApplicationFiled: September 4, 2020Publication date: March 10, 2022Inventors: Gabriel D. Landau, Joseph W. Desimone
-
Patent number: 10121010Abstract: In one embodiment, a malicious code prevention module identifies potentially malicious instructions in volatile memory of a computing device and replaces them with innocuous instructions. In another embodiment, the malicious code prevention module identifies a potentially malicious thread within an operating system and replaces the first instruction in the thread with a new instruction that terminates the thread. Malicious code prevention module prevents malicious code from inflicting any harm on the computing device and its contents.Type: GrantFiled: May 12, 2016Date of Patent: November 6, 2018Assignee: Endgame, Inc.Inventors: Gabriel D. Landau, Nicholas Eli Fritts
-
Publication number: 20170329973Abstract: In one embodiment, a malicious code prevention module identifies potentially malicious instructions in volatile memory of a computing device and replaces them with innocuous instructions. In another embodiment, the malicious code prevention module identifies a potentially malicious thread within an operating system and replaces the first instruction in the thread with a new instruction that terminates the thread. Malicious code prevention module prevents malicious code from inflicting any harm on the computing device and its contents.Type: ApplicationFiled: May 12, 2016Publication date: November 16, 2017Inventors: Gabriel D. LANDAU, Nicholas Eli FRITTS
-
Patent number: 9785785Abstract: Systems and methods are provided for creating and using a sharable file-level key to secure data files. The file-level key is generated based on a workgroup key associated with the data file and unique information associated with the data file. The file-level key may be used to encrypt and split data. Systems and methods are also provided for sharing data without replicating the data on an end user machine. Data is encrypted and split across an external/consumer network and an enterprise/producer network. Access to the data is provided using a computing image generated by a server in the enterprise/producer network and then distributed to end users of the external/consumer network. This computing image may include preloaded files that provide pointers to the data. No access or replication of the data on the enterprise/producer network is needed in order for a user of the external/consumer network to access the data.Type: GrantFiled: December 30, 2015Date of Patent: October 10, 2017Assignee: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini, Gabriel D. Landau, Matthew Staker, William Yakamovich
-
Patent number: 9516002Abstract: Two approaches are provided for distributing trust among certificate authorities. Each approach may be used to secure data in motion. One approach provides methods and systems in which a secure data parser is used to distribute trust in a set of certificate authorities during initial negotiation (e.g., the key establishment phase) of a connection between two devices. Another approach of the present invention provides methods and systems in which the secure data parser is used to disperse packets of data into shares. A set of tunnels is established within a communication channel using a set of certificate authorities, keys developed during the establishment of the tunnels are used to encrypt shares of data for each of the tunnels, and the shares of data are transmitted through each of the tunnels. Accordingly, trust is distributed among a set of certificate authorities in the structure of the communication channel itself.Type: GrantFiled: April 15, 2014Date of Patent: December 6, 2016Assignee: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini, Stephen C. Bono, Gabriel D. Landau, Seth James Nielson
-
Publication number: 20160196440Abstract: Systems and methods are provided for creating and using a sharable file-level key to secure data files. The file-level key is generated based on a workgroup key associated with the data file and unique information associated with the data file. The file-level key may be used to encrypt and split data. Systems and methods are also provided for sharing data without replicating the data on an end user machine. Data is encrypted and split across an external/consumer network and an enterprise/producer network. Access to the data is provided using a computing image generated by a server in the enterprise/producer network and then distributed to end users of the external/consumer network. This computing image may include preloaded files that provide pointers to the data. No access or replication of the data on the enterprise/producer network is needed in order for a user of the external/consumer network to access the data.Type: ApplicationFiled: December 30, 2015Publication date: July 7, 2016Inventors: Mark S. O'Hare, Rick L. Orsini, Gabriel D. Landau, Matthew Staker, William Yakamovich
-
Publication number: 20160062655Abstract: The present invention relates to a system and method for improved memory allocation in a computer system. The system and method reduces or eliminates vulnerabilities that would otherwise exist due to use-after-free situations involving memory, thereby enhancing the security of the computer system.Type: ApplicationFiled: August 28, 2014Publication date: March 3, 2016Inventors: Gabriel D. LANDAU, Zach Riggle, Cody Pierce
-
Publication number: 20160056956Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser may split or share a data set into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting an original data set into portions of data that may be communicated using one or more communications paths. Secure workgroup communication is supported through the secure distribution and management of a workgroup key for use with the secure data parser.Type: ApplicationFiled: November 3, 2015Publication date: February 25, 2016Inventors: Mark S. O'Hare, Rick L. Orsini, Stephen C. Bono, Matthew D. Green, Gabriel D. Landau, Roger S. Davenport
-
Patent number: 9264224Abstract: Systems and methods are provided for creating and using a sharable file-level key to secure data files. The file-level key is generated based on a workgroup key associated with the data file and unique information associated with the data file. The file-level key may be used to encrypt and split data. Systems and methods are also provided for sharing data without replicating the data on an end user machine. Data is encrypted and split across an external/consumer network and an enterprise/producer network. Access to the data is provided using a computing image generated by a server in the enterprise/producer network and then distributed to end users of the external/consumer network. This computing image may include preloaded files that provide pointers to the data. No access or replication of the data on the enterprise/producer network is needed in order for a user of the external/consumer network to access the data.Type: GrantFiled: April 8, 2014Date of Patent: February 16, 2016Assignee: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini, Gabriel D. Landau, Matthew Staker, William Yakamovich
-
Patent number: 9215218Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser may split or share a data set into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting an original data set into portions of data that may be communicated using one or more communications paths. Secure workgroup communication is supported through the secure distribution and management of a workgroup key for use with the secure data parser.Type: GrantFiled: February 14, 2014Date of Patent: December 15, 2015Assignee: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini, Stephen C. Bono, Matthew D. Green, Gabriel D. Landau, Roger S. Davenport
-
Patent number: 8898464Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser may split or share a data set into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting an original data set into portions of data that may be communicated using one or more communications paths. Secure workgroup communication is supported through the secure distribution and management of a workgroup key for use with the secure data parser.Type: GrantFiled: June 5, 2013Date of Patent: November 25, 2014Assignee: Security First Corp.Inventors: Stephen C. Bono, Matthew D. Green, Gabriel D. Landau, Rick L. Orsini, Mark S. O'Hare, Roger S. Davenport
-
Publication number: 20140310516Abstract: Two approaches are provided for distributing trust among certificate authorities. Each approach may be used to secure data in motion. One approach provides methods and systems in which a secure data parser is used to distribute trust in a set of certificate authorities during initial negotiation (e.g., the key establishment phase) of a connection between two devices. Another approach of the present invention provides methods and systems in which the secure data parser is used to disperse packets of data into shares. A set of tunnels is established within a communication channel using a set of certificate authorities, keys developed during the establishment of the tunnels are used to encrypt shares of data for each of the tunnels, and the shares of data are transmitted through each of the tunnels. Accordingly, trust is distributed among a set of certificate authorities in the structure of the communication channel itself.Type: ApplicationFiled: June 27, 2014Publication date: October 16, 2014Inventors: Mark S. O'Hare, Rick L. Orsini, Stephen C. Bono, Gabriel D. Landau, Seth James Nielson
-
Publication number: 20140304503Abstract: Two approaches are provided for distributing trust among certificate authorities. Each approach may be used to secure data in motion. One approach provides methods and systems in which a secure data parser is used to distribute trust in a set of certificate authorities during initial negotiation (e.g., the key establishment phase) of a connection between two devices. Another approach of the present invention provides methods and systems in which the secure data parser is used to disperse packets of data into shares. A set of tunnels is established within a communication channel using a set of certificate authorities, keys developed during the establishment of the tunnels are used to encrypt shares of data for each of the tunnels, and the shares of data are transmitted through each of the tunnels. Accordingly, trust is distributed among a set of certificate authorities in the structure of the communication channel itself.Type: ApplicationFiled: April 15, 2014Publication date: October 9, 2014Applicant: SECURITY FIRST CORP.Inventors: Mark S. O'Hare, Rick L. Orsini, Stephen C. Bono, Gabriel D. Landau, Seth James Nielson
-
Publication number: 20140298012Abstract: Systems and methods are provided for creating and using a sharable file-level key to secure data files. The file-level key is generated based on a workgroup key associated with the data file and unique information associated with the data file. The file-level key may be used to encrypt and split data. Systems and methods are also provided for sharing data without replicating the data on an end user machine. Data is encrypted and split across an external/consumer network and an enterprise/producer network. Access to the data is provided using a computing image generated by a server in the enterprise/producer network and then distributed to end users of the external/consumer network. This computing image may include preloaded files that provide pointers to the data. No access or replication of the data on the enterprise/producer network is needed in order for a user of the external/consumer network to access the data.Type: ApplicationFiled: April 8, 2014Publication date: October 2, 2014Applicant: SECURITY FIRST CORP.Inventors: Rick L. Orsini, Mark S. O'Hare, Gabriel D. Landau, Matthew Staker, William Yakamovich
-
Publication number: 20140281542Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser may split or share a data set into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting an original data set into portions of data that may be communicated using one or more communications paths. Secure workgroup communication is supported through the secure distribution and management of a workgroup key for use with the secure data parser.Type: ApplicationFiled: February 14, 2014Publication date: September 18, 2014Applicant: SECURITY FIRST CORP.Inventors: Stephen C. Bono, Matthew D. Green, Gabriel D. Landau, Rick L. Orsini, Mark S. O'Hare, Roger S. Davenport
-
Publication number: 20140201538Abstract: Systems and methods are provided for securing data. A processing device receives a data set and identifies a first subset of data from a first dimension of a multi-dimensional representation of the data set. The processing device encrypts the first subset of data using a first encryption technique to yield a first encrypted subset of data and replaces the first subset of data in the multi-dimensional representation of the data set with the first subset of encrypted data. The processing device then identifies a second subset of data from a second dimension of the multi-dimensional representation of the data set, with the second subset of data including at least a portion of the first subset of encrypted data, and encrypts the second subset of data using a second encryption technique to yield a second encrypted subset of data.Type: ApplicationFiled: January 27, 2014Publication date: July 17, 2014Applicant: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini, Stephen C. Bono, Gabriel D. Landau, Seth James Nielson
-
Patent number: 8769270Abstract: Systems and methods are provided for creating and using a sharable file-level key to secure data files. The sharable file-level key is generated based on a workgroup key associated with the data file, as well as unique information associated with the data file. The sharable file-level key may be used to encrypt and split data using a Secure Parser. Systems and methods are also provided for sharing data without replicating the data on the machine of the end user. Data is encrypted and split across an external/consumer network and an enterprise/producer network. Access to the data is provided using a computing image generated by a server in the enterprise/producer network and then distributed to end users of the external/consumer network. This computing image may include preloaded files that provide pointers to the data that was encrypted and split. No access or replication of the data on the enterprise/producer network is needed in order for a user of the external/consumer network to access the data.Type: GrantFiled: September 20, 2011Date of Patent: July 1, 2014Assignee: Security First Corp.Inventors: Rick L. Orsini, Mark S. O'Hare, Gabriel D. Landau, Matthew Staker, William Yakamovich
-
Patent number: 8745372Abstract: Systems and methods are provided for distributing trust among a set of certificate authorities. One approach provides methods and systems in which the secure data parser is used to distribute trust in a set of certificate authorities during initial negotiation of a connection between two devices. Another approach provides methods and systems in which the secure data parser is used to disperse packets of data into shares. A set of tunnels is established within a communication channel using a set of certificate authorities, keys developed during the establishment of the tunnels are used to encrypt shares of data, and the shares of data are transmitted through each of the tunnels.Type: GrantFiled: November 24, 2010Date of Patent: June 3, 2014Assignee: Security First Corp.Inventors: Rick L. Orsini, Mark S. O'Hare, Stephen C. Bono, Gabriel D. Landau, Seth James Nielson
-
Patent number: 8745379Abstract: Two approaches are provided for distributing trust among a set of certificate authorities. Each approach may be used to secure data in motion. One approach provides methods and systems in which the secure data parser is used to distribute trust in a set of certificate authorities during initial negotiation (e.g., the key establishment phase) of a connection between two devices. Another approach provides methods and systems in which the secure data parser is used to disperse packets of data into shares. A set of tunnels is established within a communication channel using a set of certificate authorities, keys developed during the establishment of the tunnels are used to encrypt shares of data for each of the tunnels, and the shares of data are transmitted through each of the tunnels. Accordingly, trust is distributed among a set of certificate authorities in the structure of the communication channel itself.Type: GrantFiled: August 20, 2012Date of Patent: June 3, 2014Assignee: Security First Corp.Inventors: Rick L. Orsini, Mark S. O'Hare, Stephen C. Bono, Gabriel D. Landau, Seth James Nielson