Patents by Inventor Kunal Anand
Kunal Anand has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11729176
Abstract: A runtime application self protection (RASP) plug-in logic monitors for, and prevents, outbound network connections that are initiated by server application logic and that are not intended by the application logic. The RASP plug-in has access to information generally available only to the application logic and identifies specific vulnerabilities within the application logic that can be patched. The vulnerabilities are identified by (i) data identifying the portion(s) of the application logic that is the source of the vulnerability and (ii) data identifying the authenticated user, if any, that is the source of the attack. The RASP plug-in catches and identifies specific attacks on the application logic in real-world, production operation.
Type: Grant
Filed: October 17, 2019
Date of Patent: August 15, 2023
Assignee: Imperva Inc.
Inventors: Kunal Anand, Richard Meester, Joseph Rozner, Martin Ryan
-
Patent number: 11593502
Abstract: A method by one or more computing devices for detecting application user anomalies in audit logs of database operations performed on one or more databases. The method includes obtaining a first audit log of database operations, wherein the first audit log indicates (1) which application users of an application caused which of the database operations to be performed and (2) which functions of the application caused which of the database operations to be performed, generating, for each of the application users indicated in the first audit log, a profile of that application user that indicates which of the functions that application user is expected to touch, and detecting an anomaly in response to a determination that a second audit log indicates that an application user touched a function that is not one of the functions indicated in the profile of the application user.
Type: Grant
Filed: April 26, 2021
Date of Patent: February 28, 2023
Assignee: Imperva, Inc.
Inventors: Itsik Mantin, Craig Burlingame, Brian Anderson, Kunal Anand, Ran Rosin, Peter Klimek, Joseph Moore
-
Publication number: 20220400077
Abstract: Techniques are disclosed for deploying, by a packet processing system in a cloud computing environment, microservice instances in the cloud computing environment comprising a plurality of computing devices executing a plurality of Kubernetes clusters comprising one or more containers. The packet processing system is configured to selectively steer data traffic between multiple versions of microservice instances executing in the cloud computing environment.
Type: Application
Filed: September 8, 2021
Publication date: December 15, 2022
Inventors: Kunal Anand EKAWDE, Michael Anthony BROWN
-
Publication number: 20220382596
Abstract: Techniques are disclosed for providing method for providing an event timer for event synchronization across Kubernetes clusters. The event timer is configured to provide event synchronization on behalf of microservice instances in the cloud computing environment. In response to a request for an event timer for a timed event, it is determined whether the requested event timer has been started for a second microservice instance. If the requested event timer has been started, a state of the requested event timer is sent to the first microservice instance. If the requested event timer has not been started, the requested event timer is instantiated, and a state of the instantiated event timer is stored in a database. The instantiated event timer is independent of the first and second microservice instances. In response to an expiration of the event timer, a single callback for processing of the event is generated.
Type: Application
Filed: August 30, 2021
Publication date: December 1, 2022
Inventors: Kunal Anand EKAWDE, Abhay BALAPPANAVAR, Michael Anthony BROWN, Ronald Mark PARKER, Anupama RAGHAVAN, Dhananjaya EADALA, Rama Krishna Prasad MANGALAPARTHI, Mark Gordon LIBBY
-
Patent number: 11461484
Abstract: A method by one or more runtime agents protecting a web application for capturing contextual information for data accesses. The method includes determining first metadata associated with a web application layer request sent by a web application firewall to the web application, determining second metadata associated with the web application layer request based on information available to the web application, serializing the first metadata and the second metadata to generate serialized metadata, and adding the serialized metadata to a database query that is to be submitted by the web application to the database server, wherein execution of the database query that includes the serialized metadata by the database server is to cause the database activity monitor to store the serialized metadata and third metadata associated with the database query determined by the database activity monitor in a data storage.
Type: Grant
Filed: December 30, 2019
Date of Patent: October 4, 2022
Assignee: Imperva, Inc.
Inventors: Kunal Anand, Brian Anderson, Joe Moore, Ran Rosin, Itsik Mantin, Peter Klimek, Craig Burlingame
-
Patent number: 11405212
Abstract: A runtime application self protection (RASP) plug-in monitors for, and prevents, invocation of unacceptably weak cryptographic processing requested by an application. Since the RASP plug-in is linked to the application, the RASP plug-in has access to information regarding an execution state of the application logic, including interaction with shared libraries, to determine what component of the application requests use of unacceptable cryptographic techniques. Such enables owners/operators of an application to easily detect requests for unacceptable cryptographic techniques, even if such requests originate in a portion of the application that is not under the control of the owners/operators.
Type: Grant
Filed: October 17, 2019
Date of Patent: August 2, 2022
Assignee: IMPERVA, INC.
Inventor: Kunal Anand
-
Publication number: 20220019658
Abstract: Systems and methods for analyzing SQL queries for constraint violations for injection attacks. Tokenizing a SQL query generates a token stream. A parse tree is constructed by iterating over lexical nodes of the token stream. The parse tree is compared to a SQL schema and access configuration for a database in order to analyze the SQL query for constraint violations. Evaluation flaws are also detected. A step-wise, bottom-up approach is employed to walk through the parse tree to detect types and to ascertain from those types whether the condition for SQL execution is static or dynamic. SQL request security engine logic refers to predetermined protective action data and takes the particular type of action specified by the predetermined protective action data. Security is further enhanced by limiting service of requests to requests of one or more specific, accepted data types. Each request is parsed into individual data elements, each an associated key-value pair.
Type: Application
Filed: July 28, 2021
Publication date: January 20, 2022
Inventor: Kunal Anand
-
Publication number: 20210312068
Abstract: A method by one or more computing devices for detecting application user anomalies in audit logs of database operations performed on one or more databases. The method includes obtaining a first audit log of database operations, wherein the first audit log indicates (1) which application users of an application caused which of the database operations to be performed and (2) which functions of the application caused which of the database operations to be performed, generating, for each of the application users indicated in the first audit log, a profile of that application user that indicates which of the functions that application user is expected to touch, and detecting an anomaly in response to a determination that a second audit log indicates that an application user touched a function that is not one of the functions indicated in the profile of the application user.
Type: Application
Filed: April 26, 2021
Publication date: October 7, 2021
Applicant: Imperva, Inc.
Inventors: Itsik MANTIN, Craig BURLINGAME, Brian ANDERSON, Kunal ANAND, Ran ROSIN, Peter KLIMEK, Joseph MOORE
-
Patent number: 11100218
Abstract: Systems and methods for analyzing SQL queries for constraint violations for injection attacks. Tokenizing a SQL query generates a token stream. A parse tree is constructed by iterating over lexical nodes of the token stream. The parse tree is compared to a SQL schema and access configuration for a database in order to analyze the SQL query for constraint violations. Evaluation flaws are also detected. A step-wise, bottom-up approach is employed to walk through the parse tree to detect types and to ascertain from those types whether the condition for SQL execution is static or dynamic. SQL request security engine logic refers to predetermined protective action data and takes the particular type of action specified by the predetermined protective action data. Security is further enhanced by limiting service of requests to requests of one or more specific, accepted data types. Each request is parsed into individual data elements, each an associated key-value pair.
Type: Grant
Filed: June 22, 2018
Date of Patent: August 24, 2021
Assignee: PREVOTY, INC.
Inventor: Kunal Anand
-
Publication number: 20210200884
Abstract: A method by one or more runtime agents protecting a web application for capturing contextual information for data accesses. The method includes determining first metadata associated with a web application layer request sent by a web application firewall to the web application, determining second metadata associated with the web application layer request based on information available to the web application, serializing the first metadata and the second metadata to generate serialized metadata, and adding the serialized metadata to a database query that is to be submitted by the web application to the database server, wherein execution of the database query that includes the serialized metadata by the database server is to cause the database activity monitor to store the serialized metadata and third metadata associated with the database query determined by the database activity monitor in a data storage.
Type: Application
Filed: December 30, 2019
Publication date: July 1, 2021
Applicant: Imperva, Inc.
Inventors: Kunal ANAND, Brian ANDERSON, Joe MOORE, Ran ROSIN, Itsik MANTIN, Peter KLIMEK, Craig BURLINGAME
-
Patent number: 11023607
Abstract: A method for detecting anomalies in audit logs of database operations performed on databases. The method includes obtaining a first audit log of database operations performed on one or more databases, generating, for each of a plurality of attribute values associated with a designated attribute appearing in the first audit log, a profile of that attribute value that indicates expected attribute characteristics of one or more attributes when that attribute value is associated with the designated attribute, obtaining a second audit log of further database operations performed on the one or more databases, and detecting an anomaly responsive to a determination that a log entry in the second audit log includes an attribute value associated with the designated attribute but attributes in the log entry deviate from the expected attribute characteristics of the one or more attributes indicated by the profile of the attribute value associated with the designated attribute.
Type: Grant
Filed: April 3, 2020
Date of Patent: June 1, 2021
Assignee: Imperva, Inc.
Inventors: Itsik Mantin, Craig Burlingame, Brian Anderson, Kunal Anand, Ran Rosin, Peter Klimek, Joseph Moore
-
Publication number: 20200213322
Abstract: A runtime application self protection (RASP) plug-in logic monitors for, and prevents, outbound network connections that are initiated by server application logic and that are not intended by the application logic. The RASP plug-in has access to information generally available only to the application logic and identifies specific vulnerabilities within the application logic that can be patched. The vulnerabilities are identified by (i) data identifying the portion(s) of the application logic that is the source of the vulnerability and (ii) data identifying the authenticated user, if any, that is the source of the attack. The RASP plug-in catches and identifies specific attacks on the application logic in real-world, production operation.
Type: Application
Filed: October 17, 2019
Publication date: July 2, 2020
Inventors: Kunal Anand, Richard Meester, II, Joseph Rozner, Martin Ryan
-
Publication number: 20200213120
Abstract: A runtime application self protection (RASP) plug-in monitors for, and prevents, invocation of unacceptably weak cryptographic processing requested by an application. Since the RASP plug-in is linked to the application, the RASP plug-in has access to information regarding an execution state of the application logic, including interaction with shared libraries, to determine what component of the application requests use of unacceptable cryptographic techniques. Such enables owners/operators of an application to easily detect requests for unacceptable cryptographic techniques, even if such requests originate in a portion of the application that is not under the control of the owners/operators.
Type: Application
Filed: October 17, 2019
Publication date: July 2, 2020
Inventor: Kunal Anand
-
Publication number: 20180307831
Abstract: Systems and methods for analyzing SQL queries for constraint violations for injection attacks. Tokenizing a SQL query generates a token stream. A parse tree is constructed by iterating over lexical nodes of the token stream. The parse tree is compared to a SQL schema and access configuration for a database in order to analyze the SQL query for constraint violations. Evaluation flaws are also detected. A step-wise, bottom-up approach is employed to walk through the parse tree to detect types and to ascertain from those types whether the condition for SQL execution is static or dynamic. SQL request security engine logic refers to predetermined protective action data and takes the particular type of action specified by the predetermined protective action data. Security is further enhanced by limiting service of requests to requests of one or more specific, accepted data types. Each request is parsed into individual data elements, each an associated key-value pair.
Type: Application
Filed: June 22, 2018
Publication date: October 25, 2018
Inventor: Kunal Anand
-
Patent number: 10025936
Abstract: Methods and apparatuses for detecting an evaluation flaw in a SQL query, the SQL query configured to access data in a database table are disclosed. The method includes creating a parse tree from the SQL query and evaluating the parse tree to ascertain whether a condition of the SQL query results in a type or value that is independent of contents of the database table. For type evaluation, if, responsive to the evaluating, the condition is found, designating the SQL query at risk for having the tautology in the SQL query. For value evaluation, if, responsive to the evaluating, the condition is found, determining whether the condition is always true or whether the condition is always false; and if, responsive to the determining, the condition is found to be always true or always false, designating the SQL query at risk for having the evaluation flaw in the SQL query.
Type: Grant
Filed: September 16, 2016
Date of Patent: July 17, 2018
Assignee: PREVOTY, INC.
Inventors: Kunal Anand, Michael Crampon, Richard Meester, Joseph Rozner, Joshua Chase
-
Patent number: 10002254
Abstract: Methods and apparatuses for detecting an evaluation flaw in a SQL query, the SQL query configured to access data in a database table are disclosed. The method includes creating a parse tree from the SQL query and evaluating the parse tree to ascertain whether a condition of the SQL query results in a type or value that is independent of contents of the database table. For type evaluation, if, responsive to the evaluating, the condition is found, designating the SQL query at risk for having the tautology in the SQL query. For value evaluation, if, responsive to the evaluating, the condition is found, determining whether the condition is always true or whether the condition is always false; and if, responsive to the determining, the condition is found to be always true or always false, designating the SQL query at risk for having the evaluation flaw in the SQL query.
Type: Grant
Filed: September 16, 2016
Date of Patent: June 19, 2018
Assignee: PREVOTY, INC.
Inventors: Kunal Anand, Michael Crampon, Richard Meester, Joseph Rozner, Joshua Chase
-
Patent number: 9927281
Abstract: A level measuring device for radar transmitter calibration, and method of use is herein disclosed. The level measuring device can comprise a radar transmitter, a fluid column, process flanges, and a visible level gauge. The radar transmitter can mount above the fluid column. The fluid column can comprise a chamber capable of holding a fluid. The process flanges can be in fluid connection with the fluid column at a first side of the fluid column. The process flanges can be connectable to a vessel. The visible level gauge can attach to a second side of the fluid column. The visible level gauge can comprise one or more sight glasses that can allow visible light between the chamber and outside the chamber.
Type: Grant
Filed: October 13, 2017
Date of Patent: March 27, 2018
Inventors: Kunal Anand, Rengacharry Rajan
-
Patent number: 9800684
Abstract: The present invention relates to systems and methods for statistical caching. Inputs are captured via an appropriate network protocol. The input includes statistical data and a corresponding cache key. The values for each cache key within a cache are compacted using the input. The compacting involves determining if the corresponding cache key is already set within the cache, and if the cache key is present, aggregating the statistical data with the value stored within the cache to generate an updated value. The updated cache may be periodically synchronized with a final data store. Additionally, each operation performed by the statistical cache may be recorded in a transaction log for fault tolerance.
Type: Grant
Filed: January 19, 2015
Date of Patent: October 24, 2017
Assignee: Prevoty, Inc.
Inventor: Kunal Anand
-
Publication number: 20170068820
Abstract: Methods and apparatuses for detecting an evaluation flaw in a SQL query, the SQL query configured to access data in a database table are disclosed. The method includes creating a parse tree from the SQL query and evaluating the parse tree to ascertain whether a condition of the SQL query results in a type or value that is independent of contents of the database table. For type evaluation, if, responsive to the evaluating, the condition is found, designating the SQL query at risk for having the tautology in the SQL query. For value evaluation, if, responsive to the evaluating, the condition is found, determining whether the condition is always true or whether the condition is always false; and if, responsive to the determining, the condition is found to be always true or always false, designating the SQL query at risk for having the evaluation flaw in the SQL query.
Type: Application
Filed: September 16, 2016
Publication date: March 9, 2017
Inventors: Kunal Anand, Michael Crampon, Richard Meester, Joseph Rozner, Joshua Chase
-
Publication number: 20170068819
Abstract: Methods and apparatuses for detecting an evaluation flaw in a SQL query, the SQL query configured to access data in a database table are disclosed. The method includes creating a parse tree from the SQL query and evaluating the parse tree to ascertain whether a condition of the SQL query results in a type or value that is independent of contents of the database table. For type evaluation, if, responsive to the evaluating, the condition is found, designating the SQL query at risk for having the tautology in the SQL query. For value evaluation, if, responsive to the evaluating, the condition is found, determining whether the condition is always true or whether the condition is always false; and if, responsive to the determining, the condition is found to be always true or always false, designating the SQL query at risk for having the evaluation flaw in the SQL query.
Type: Application
Filed: September 16, 2016
Publication date: March 9, 2017
Inventors: Kunal Anand, Michael Crampon, Richard Meester, Joseph Rozner, Joshua Chase