Patents by Inventor Guy Harpak
Guy Harpak has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20260205448Abstract: A data stream generated by a user operating a human-computer interface (HCI) is obfuscated, or “scrambled,” for keylogging prevention. Obfuscating the data stream generated by the user comprises, by a web browser, setting a hook for intercepting keypress events. Keypress events comprise user input events into the first HCI or virtual keypress events. Based on capturing a keypress event corresponding to a first keypress code that triggers the hook, the web browser scrambles the first keypress code to generate a second keypress code that differs from the first keypress code. Scrambling the first keypress code comprises changing, salting, or skipping the first keypress code to generate the second keypress code.Type: ApplicationFiled: February 17, 2026Publication date: July 16, 2026Inventors: Ofer Ben-Noon, Guy Harpak, Eran Rom, Nir Adler, Gilad Roth, Yan Aksenfeld, Gal Moshe Shalev, Ido Salomon, Alona Miga Blend, Yonatan Meir Shimonovich, Shlomi Zrahia, Yinon Englesman, Eliazar Edward Sikuriansky, Chen Siedner
-
Patent number: 12452306Abstract: A method for providing secure access to digital resources, the method comprising: monitoring communications between a website and a user using a web browser comprised in a user equipment (UE) that is useable to access the digital resources; processing the monitored communications to determine: a set (WVF) of website vulnerability features comprising features which as a result of the user connecting to the website render a digital resource of the digital resources with which the user communicates vulnerable to cyber damage; and a set of user browsing behaviour features (BHF) comprising features that characterize the user browsing behaviour and internet use pattern which render the digital resource vulnerable to cyber damage; determining based on the website vulnerability factors and the user profile a security risk indicator (SRI) having a value that provides an estimate of a cyber damage risk to the digital resource resulting from the user connecting to the website and the digital resource; and based on the SType: GrantFiled: August 23, 2022Date of Patent: October 21, 2025Assignee: Palo Alto Networks, Inc.Inventors: Ofer Ben-Noon, Ohad Bobrov, Ido Salomon, Gilad Roth, Guy Harpak
-
Patent number: 12445493Abstract: A method for providing secure access to cloud computing resources comprising: monitoring communications in sessions between a cloud computing resource, CCaaS, of cloud computing resources and users using web browsers comprised in user equipment, UE, to access the CCaaS; processing the monitored communications to accumulate data for at least one component or any combination of more than one of a set, CCaaS-KPI, of key performance indicators, KPIs, that characterize operation of the CCaaS during the sessions, a set, UE-KPI, of key performance indicators characterizing operation of the user equipment, UE, during the sessions, a set, U-KPI, characterizing actions of users accessing the CCaaS during the sessions, and/or a set, SMETA, of session metadata components that provide indexing and descriptive data for the sessions; processing the accumulated data to determine patterns characterizing normal interaction of users with the CCaaS; and using the normal patterns to detect an anomaly in a user session in which thType: GrantFiled: December 15, 2022Date of Patent: October 14, 2025Assignee: Palo Alto Networks, Inc.Inventors: Ofer Ben-Noon, Ohad Bobrov, Ido Salomon, Gilad Roth, Guy Harpak
-
Patent number: 12413624Abstract: A communications system for providing secure access to a digital resource of a group of digital resources accessible via the internet, the system comprising: a data processing hub accessible via an IP (internet protocol) address; and a plurality of user equipment (UEs) useable to communicate via the internet, each configured to have a cyber secure isolated environment (CISE) isolated from ambient software in the UE, and comprising a secure web browser (SWB); wherein the hub and CISE are configured so that digital resources in motion and at rest in CISE are visible to the hub.Type: GrantFiled: April 22, 2022Date of Patent: September 9, 2025Assignee: Palo Alto Networks, Inc.Inventors: Ofer Ben-Noon, Ohad Bobrov, Gilad Roth, Guy Harpak, Ido Salomon
-
Publication number: 20250175486Abstract: A method for securing browsing activity of a user using user equipment (UE) having a web browser, the method comprising: vetting data comprised in or associated with at least one or any combination of more than one of a user profile, the UE and/or web browser, and/or a set of website risk vulnerabilities that may affect cyber damage risk related to browsing; and based on the vetting determining: a type and degree of isolation to be provided for the UE; and a temporal configuration for monitoring browsing activity of the user.Type: ApplicationFiled: May 16, 2024Publication date: May 29, 2025Inventors: Ofer Ben-Noon, Ohad Bobrov, Guy Harpak, Eran Rom, Ido Salomon
-
Publication number: 20250150512Abstract: A method for monitoring activity of a user interacting with a digital resource of a group of digital resources accessible via a communications network, the method comprising: providing the user with a user equipment (UE) comprising a web browser configured to make motion of resources in the web browser visible to a processing hub associated with the group of digital resources; configuring responsive to a user profile comprising a user key performance indicator a monitoring mode for the web browser in accordance with which the browser operates to acquire monitoring data characterizing the user activity while interacting with a resource of the group of resources using the web browser; and determining whether a temporal configuration characterizing time dependence of the monitoring mode during a monitoring period of interest is a duty cycle monitoring mode or a continuous monitoring mode.Type: ApplicationFiled: May 16, 2024Publication date: May 8, 2025Inventors: Ofer Ben-Noon, Ohad Bobrov, Guy Harpak, Eran Rom, Ido Salomon
-
Publication number: 20230122247Abstract: A method for providing secure access to cloud computing resources comprising: monitoring communications in sessions between a cloud computing resource, CCaaS, of cloud computing resources and users using web browsers comprised in user equipment, UE, to access the CCaaS; processing the monitored communications to accumulate data for at least one component or any combination of more than one of a set, CCaaS-KPI, of key performance indicators, KPIs, that characterize operation of the CCaaS during the sessions, a set, UE-KPI, of key performance indicators characterizing operation of the user equipment, UE, during the sessions, a set, U-KPI, characterizing actions of users accessing the CCaaS during the sessions, and/or a set, SMETA, of session metadata components that provide indexing and descriptive data for the sessions; processing the accumulated data to determine patterns characterizing normal interaction of users with the CCaaS; and using the normal patterns to detect an anomaly in a user session in which thType: ApplicationFiled: December 15, 2022Publication date: April 20, 2023Inventors: Ofer Ben-Noon, Ohad Bobrov, Ido Salomon, Gilad Roth, Guy Harpak
-
Publication number: 20220417277Abstract: A method for providing secure access to digital resources, the method comprising: monitoring communications between a website and a user using a web browser comprised in a user equipment (UE) that is useable to access the digital resources; processing the monitored communications to determine: a set (WVF) of website vulnerability features comprising features which as a result of the user connecting to the website render a digital resource of the digital resources with which the user communicates vulnerable to cyber damage; and a set of user browsing behaviour features (BHF) comprising features that characterize the user browsing behaviour and internet use pattern which render the digital resource vulnerable to cyber damage; determining based on the website vulnerability factors and the user profile a security risk indicator (SRI) having a value that provides an estimate of a cyber damage risk to the digital resource resulting from the user connecting to the website and the digital resource; and based on the SType: ApplicationFiled: August 23, 2022Publication date: December 29, 2022Inventors: Ofer Ben-Noon, Ohad Bobrov, Ido Salomon, Gilad Roth, Guy Harpak
-
Publication number: 20220366050Abstract: A communications system for providing secure access to a digital resource of a group of digital resources accessible via the internet, the system comprising: a data processing hub accessible via an IP (internet protocol) address; and a plurality of user equipment (UEs) useable to communicate via the internet, each configured to have a cyber secure isolated environment (CISE) isolated from ambient software in the UE, and comprising a secure web browser (SWB); wherein the hub and CISE are configured so that digital resources in motion and at rest in CISE are visible to the hub.Type: ApplicationFiled: April 22, 2022Publication date: November 17, 2022Inventors: Ofer Ben-Noon, Ohad Bobrov, Gilad Roth, Guy Harpak, Ido Salomon