Patents by Inventor Guy Podjarny
Guy Podjarny has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11755460Abstract: Flaws in dependencies of deployed applications are identified. In one embodiment, a list of dependencies used by a deployed application that is deployed on the deployment platform is obtained. Each dependency of the list of dependencies is mapped with a flaws database, wherein the flaws database comprising an indication of known flaws for different dependencies and different versions thereof. Based on such mapping, one or more flaws in the deployed application are determined. The determination is performed externally to the deployment platform and without executing a monitoring process thereon.Type: GrantFiled: March 19, 2020Date of Patent: September 12, 2023Assignee: SNYK LIMITEDInventors: Guy Podjarny, Assaf Hefetz
-
Patent number: 10979485Abstract: Described herein are methods, apparatus and systems for selectively delivering content through one of two communication channels, one being origin to client and the other being from or through a CDN to client. Thus a client may choose to request content from a CDN and/or from an origin server. This disclosure sets forth techniques for, among other things, distinguishing between which channel to use for a given object, using the CDN-client channel to obtain the performance benefit of doing so, and reverting to the origin-client channel where content may be private, sensitive, corrupted, or otherwise considered to be unsuitable from delivery from and/or through the CDN.Type: GrantFiled: September 16, 2020Date of Patent: April 13, 2021Assignee: Akamai Technologies, Inc.Inventors: Charles E. Gero, Guy Podjarny
-
Publication number: 20200412791Abstract: Described herein are methods, apparatus and systems for selectively delivering content through one of two communication channels, one being origin to client and the other being from or through a CDN to client. Thus a client may choose to request content from a CDN and/or from an origin server. This disclosure sets forth techniques for, among other things, distinguishing between which channel to use for a given object, using the CDN-client channel to obtain the performance benefit of doing so, and reverting to the origin-client channel where content may be private, sensitive, corrupted, or otherwise considered to be unsuitable from delivery from and/or through the CDN.Type: ApplicationFiled: September 16, 2020Publication date: December 31, 2020Applicant: Akamai Technologies Inc.Inventors: Charles E. Gero, Guy Podjarny
-
Publication number: 20200412800Abstract: Stream-based data deduplication is provided in a multi-tenant shared infrastructure but without requiring “paired” endpoints having synchronized data dictionaries. Data objects processed by the dedupe functionality are treated as objects that can be fetched as needed. As such, a decoding peer does not need to maintain a symmetric library for the origin. Rather, if the peer does not have the chunks in cache that it needs, it follows a conventional content delivery network procedure to retrieve them. In this way, if dictionaries between pairs of sending and receiving peers are out-of-sync, relevant sections are then re-synchronized on-demand. The approach does not require that libraries maintained at a particular pair of sender and receiving peers are the same. Rather, the technique enables a peer, in effect, to “backfill” its dictionary on-the-fly. On-the-wire compression techniques are provided to reduce the amount of data transmitted between the peers.Type: ApplicationFiled: September 15, 2020Publication date: December 31, 2020Inventors: F. Thomson Leighton, Andrew F. Champagne, Charles E. Gero, Guy Podjarny
-
Patent number: 10785280Abstract: Described herein are methods, apparatus and systems for selectively delivering content through one of two communication channels, one being origin to client and the other being from or through a CDN to client. Thus a client may choose to request content from a CDN and/or from an origin server. This disclosure sets forth techniques for, among other things, distinguishing between which channel to use for a given object, using the CDN-client channel to obtain the performance benefit of doing so, and reverting to the origin-client channel where content may be private, sensitive, corrupted, or otherwise considered to be unsuitable from delivery from and/or through the CDN.Type: GrantFiled: January 4, 2018Date of Patent: September 22, 2020Assignee: Akami Technologies Inc.Inventors: Charles E. Gero, Guy Podjarny
-
Patent number: 10778760Abstract: Stream-based data deduplication is provided in a multi-tenant shared infrastructure but without requiring “paired” endpoints having synchronized data dictionaries. Data objects processed by the dedupe functionality are treated as objects that can be fetched as needed. As such, a decoding peer does not need to maintain a symmetric library for the origin. Rather, if the peer does not have the chunks in cache that it needs, it follows a conventional content delivery network procedure to retrieve them. In this way, if dictionaries between pairs of sending and receiving peers are out-of-sync, relevant sections are then re-synchronized on-demand. The approach does not require that libraries maintained at a particular pair of sender and receiving peers are the same. Rather, the technique enables a peer, in effect, to “backfill” its dictionary on-the-fly. On-the-wire compression techniques are provided to reduce the amount of data transmitted between the peers.Type: GrantFiled: February 5, 2019Date of Patent: September 15, 2020Assignee: Akamai Technologies, Inc.Inventors: F. Thomson Leighton, Andrew F. Champagne, Charles E. Gero, Guy Podjarny
-
Publication number: 20200272556Abstract: Flaws in dependencies of deployed applications are identified. In one embodiment, a list of dependencies used by a deployed application that is deployed on the deployment platform is obtained. Each dependency of the list of dependencies is mapped with a flaws database, wherein the flaws database comprising an indication of known flaws for different dependencies and different versions thereof. Based on such mapping, one or more flaws in the deployed application are determined. The determination is performed externally to the deployment platform and without executing a monitoring process thereon.Type: ApplicationFiled: March 19, 2020Publication date: August 27, 2020Inventors: Guy Podjarny, Assaf Hefetz
-
Patent number: 10742666Abstract: A system and method for static detection and categorization of information-flow downgraders includes transforming a program stored in a memory device by statically analyzing program variables to yield a single assignment to each variable in an instruction set. The instruction set is translated to production rules with string operations. A context-free grammar is generated from the production rules to identify a finite set of strings. An information-flow downgrader function is identified by checking the finite set of strings against one or more function specifications.Type: GrantFiled: February 4, 2016Date of Patent: August 11, 2020Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Yinnon Haviv, Roee Hay, Marco Pistoia, Guy Podjarny, Adi Sharabani, Takaaki Tateishi, Omer Tripp, Omri Weisman
-
Patent number: 10691577Abstract: Flaws in dependencies of deployed applications are identified. In one embodiment, a list of dependencies used by a deployed application that is deployed on the deployment platform is obtained. Each dependency of the list of dependencies is mapped with a flaws database, wherein the flaws database comprising an indication of known flaws for different dependencies and different versions thereof. Based on such mapping, one or more flaws in the deployed application are determined. The determination is performed externally to the deployment platform and without executing a monitoring process thereon.Type: GrantFiled: March 1, 2018Date of Patent: June 23, 2020Assignee: SNYK LIMITEDInventors: Guy Podjarny, Assaf Hefetz
-
Patent number: 10673897Abstract: An apparatus for two-tier deep analysis of hypertext transport protocol data, monitors Web traffic, receives a packet of Web traffic from a network to form a received packet, wherein the received packet represents Web traffic, and stores the Web traffic temporarily to form stored Web traffic. The apparatus further determines whether the Web traffic is suspicious using a first tier analysis and responsive to a determination that the Web traffic is suspicious, consumes the stored Web traffic using a deep analysis module. The apparatus further determines whether the stored Web traffic is a case of misuse using a second tier analysis and responsive to a determination that the stored Web traffic is a case of misuse, feeding back data about a malicious connection to an intrusion protection system before returning to monitor the Web traffic.Type: GrantFiled: August 19, 2011Date of Patent: June 2, 2020Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Hosam Aly, Craig R. Conboy, Iosif Viorel Onut, Guy Podjarny
-
Patent number: 10673898Abstract: A computer-implemented process for two-tier deep analysis of hypertext transport protocol data, monitors Web traffic, receives a packet of Web traffic from a network to form a received packet, wherein the received packet represents Web traffic, and stores the Web traffic temporarily to form stored Web traffic. The computer-implemented process further determines whether the Web traffic is suspicious using a first tier analysis and responsive to a determination that the Web traffic is suspicious, consumes the stored Web traffic using a deep analysis module. The computer-implemented process further determines whether the stored Web traffic is a case of misuse using a second tier analysis and responsive to a determination that the stored Web traffic is a case of misuse, feeding back data about a malicious connection to an intrusion protection system before returning to monitor the Web traffic.Type: GrantFiled: March 21, 2012Date of Patent: June 2, 2020Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Hosam Aly, Craig R. Conboy, Iosif Viorel Onut, Guy Podjarny
-
Publication number: 20190173942Abstract: Stream-based data deduplication is provided in a multi-tenant shared infrastructure but without requiring “paired” endpoints having synchronized data dictionaries. Data objects processed by the dedupe functionality are treated as objects that can be fetched as needed. As such, a decoding peer does not need to maintain a symmetric library for the origin. Rather, if the peer does not have the chunks in cache that it needs, it follows a conventional content delivery network procedure to retrieve them. In this way, if dictionaries between pairs of sending and receiving peers are out-of-sync, relevant sections are then re-synchronized on-demand. The approach does not require that libraries maintained at a particular pair of sender and receiving peers are the same. Rather, the technique enables a peer, in effect, to “backfill” its dictionary on-the-fly. On-the-wire compression techniques are provided to reduce the amount of data transmitted between the peers.Type: ApplicationFiled: February 5, 2019Publication date: June 6, 2019Inventors: F. Thomson Leighton, Andrew F. Champagne, Charles E. Gero, Guy Podjarny
-
Patent number: 10296567Abstract: Described herein are systems, method and devices for modifying web pages to enhance their performance. In certain non-limiting embodiments, improved resource consolidation techniques are described, which are sometimes referred to herein as ‘progressive’ consolidation. Such techniques can be used to consolidate page resources in a way that allows a client browser or other application to process each of the consolidated resources after it arrives, even if all the client has not fully retrieved all of the consolidated resources yet. The teachings hereof can be used, for example, to modify a markup language document (HTML) to consolidate CSS, JavaScript, images, or other resources referenced therein.Type: GrantFiled: September 1, 2017Date of Patent: May 21, 2019Assignee: Akamai Technologies, Inc.Inventors: Guy Podjarny, Christopher R. Dumoulin
-
Patent number: 10200467Abstract: Stream-based data deduplication is provided in a multi-tenant shared infrastructure but without requiring “paired” endpoints having synchronized data dictionaries. Data objects processed by the dedupe functionality are treated as objects that can be fetched as needed. As such, a decoding peer does not need to maintain a symmetric library for the origin. Rather, if the peer does not have the chunks in cache that it needs, it follows a conventional content delivery network procedure to retrieve them. In this way, if dictionaries between pairs of sending and receiving peers are out-of-sync, relevant sections are then re-synchronized on-demand. The approach does not require that libraries maintained at a particular pair of sender and receiving peers are the same. Rather, the technique enables a peer, in effect, to “backfill” its dictionary on-the-fly. On-the-wire compression techniques are provided to reduce the amount of data transmitted between the peers.Type: GrantFiled: August 15, 2016Date of Patent: February 5, 2019Assignee: Akamai Technologies, Inc.Inventors: F. Thomson Leighton, Andrew F. Champagne, Charles E. Gero, Guy Podjarny
-
Patent number: 10110695Abstract: Front-end optimization (FEO) configuration information is leveraged to identify “key” resources required to load other pages on a site, and to automatically cause key resources to be prefetched to a server, and to the browser. In this approach, an FEO analyzer uses knowledge of configured optimization templates to determine the key resources required to load pages for each template. The key resources for pages belonging to other optimization templates are then selectively prefetched by other pages. In a preferred approach, the FEO analyzer provides an edge server cache process a list of key resources and instructions to prefetch the key resources, as well as instructions to rewrite the HTML of the page to include instructions for the browser to prefetech the key resources. On the client, key resources are prefetched if missing from a cache on the browser. Key resources preferably are stored in the browser's HTML5 local storage cache.Type: GrantFiled: June 19, 2018Date of Patent: October 23, 2018Assignee: Akamai Technologies, Inc.Inventors: Craig Conboy, Guy Podjarny, Christopher P. Daley
-
Patent number: 10108595Abstract: A method and system for modifying web pages, including dynamic web pages, based on automated analysis wherein web pages are transformed based on transformation instructions in nearly real-time, and wherein analysis is performed and transformation instructions based on the analysis are prepared prior to a request for the web page. The system has two primary components, an analyzer which asynchronously and repeatedly analyzes web pages creating and updating transformation instructions relating to the web pages, and a transformer which intercepts traffic to a web server in response to a request for the web page, receives the returned web pages, and transforms them based on stored transformation instructions.Type: GrantFiled: June 6, 2016Date of Patent: October 23, 2018Assignee: Akamai Technologies, Inc.Inventor: Guy Podjarny
-
Publication number: 20180302492Abstract: Front-end optimization (FEO) configuration information is leveraged to identify “key” resources required to load other pages on a site, and to automatically cause key resources to be prefetched to a server, and to the browser. In this approach, an FEO analyzer uses knowledge of configured optimization templates to determine the key resources required to load pages for each template. The key resources for pages belonging to other optimization templates are then selectively prefetched by other pages. In a preferred approach, the FEO analyzer provides an edge server cache process a list of key resources and instructions to prefetch the key resources, as well as instructions to rewrite the HTML of the page to include instructions for the browser to prefetech the key resources. On the client, key resources are prefetched if missing from a cache on the browser. Key resources preferably are stored in the browser's HTML5 local storage cache.Type: ApplicationFiled: June 19, 2018Publication date: October 18, 2018Inventors: Craig Conboy, Guy Podjarny, Christopher P. Daley
-
Publication number: 20180260301Abstract: Flaws in dependencies of deployed applications are identified. In one embodiment, a list of dependencies used by a deployed application that is deployed on the deployment platform is obtained. Each dependency of the list of dependencies is mapped with a flaws database, wherein the flaws database comprising an indication of known flaws for different dependencies and different versions thereof. Based on such mapping, one or more flaws in the deployed application are determined. The determination is performed externally to the deployment platform and without executing a monitoring process thereon.Type: ApplicationFiled: March 1, 2018Publication date: September 13, 2018Inventors: Guy Podjarny, Assaf Hefetz
-
Patent number: 10057324Abstract: Described herein are methods, apparatus and systems for selectively delivering content through one of two communication channels, one being origin to client and the other being from or through a CDN to client. Thus a client may choose to request content from a CDN and/or from an origin server. This disclosure sets forth techniques for, among other things, distinguishing between which channel to use for a given object, using the CDN-client channel to obtain the performance benefit of doing so, and reverting to the origin-client channel where content may be private, sensitive, corrupted, or otherwise considered to be unsuitable from delivery from and/or through the CDN.Type: GrantFiled: July 7, 2017Date of Patent: August 21, 2018Assignee: Akamai Technologies Inc.Inventors: Charles E. Gero, Guy Podjarny
-
Patent number: 10003666Abstract: Front-end optimization (FEO) configuration information is leveraged to identify “key” resources required to load other pages on a site, and to automatically cause key resources to be prefetched to a server, and to the browser. In this approach, an FEO analyzer uses knowledge of configured optimization templates to determine the key resources required to load pages for each template. The key resources for pages belonging to other optimization templates are then selectively prefetched by other pages. In a preferred approach, the FEO analyzer provides an edge server cache process a list of key resources and instructions to prefetch the key resources, as well as instructions to rewrite the HTML of the page to include instructions for the browser to prefetech the key resources. On the client, key resources are prefetched if missing from a cache on the browser. Key resources preferably are stored in the browser's HTML5 local storage cache.Type: GrantFiled: October 22, 2016Date of Patent: June 19, 2018Assignee: Akamai Technologies, Inc.Inventors: Craig Conboy, Guy Podjarny, Christopher P. Daley