Patents by Inventor NIDHI GOVINDRAM KEJRIWAL
NIDHI GOVINDRAM KEJRIWAL has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11695793Abstract: A method includes: identifying, by a runtime instrumentation agent of a web server, a plurality of attack surfaces of a web application executed on the web server; generating, by the runtime instrumentation agent, a plurality of hash values, where each hash value is generated based on one of the plurality of attack surfaces; and transmitting, by the runtime instrumentation agent, the plurality of hash values to an attack server external to the web server, where the attack server is to determine whether to scan each attack surface based on the plurality of hash values.Type: GrantFiled: October 31, 2017Date of Patent: July 4, 2023Assignee: MICRO FOCUS LLCInventors: Ming Sum Sam Ng, Sasi Siddharth Muthurajan, Nidhi Govindram Kejriwal, Gerald E. Sullivan, II, Alexander Hoole
-
Publication number: 20230185922Abstract: Testing software applications often requires a balancing of thoroughness versus the time and computing resources available to perform such tests. By performing a static analysis on candidate software source code and, from the static analysis, configuring a dynamic analysis component to execute the tests, allows for extraneous tests to be omitted. For example, performing certain vulnerability attacks on a function may be futile if the attack requires a string input but the function only accepts integers. By combining static and dynamic analysis, unnecessary tests may be omitted and the results of each analysis process correlated to identify actual vulnerabilities or falsely indicted vulnerabilities reported by one of the static or dynamic analysis component.Type: ApplicationFiled: December 15, 2021Publication date: June 15, 2023Applicant: MICRO FOCUS LLCInventors: Gerald E. Sullivan, Justin Michael Alwine, Peter Thomas Blay, Nidhi Govindram Kejriwal
-
Patent number: 10891381Abstract: Examples relate to detecting vulnerabilities in a web application. One example enables identifying a set of inputs in a web application input form. The set of inputs may be categorized based on a set of predetermined conditions. The set of inputs may be scored based on the categorization. A subset of the set of inputs may be determined to be a set of parameters of interest for the web application based on the scored set of inputs.Type: GrantFiled: November 13, 2015Date of Patent: January 12, 2021Assignee: MICRO FOCUS LLCInventors: Jeremy Brooks, Sasi Siddharth Muthurajan, Nidhi Govindram Kejriwal
-
Publication number: 20190132348Abstract: A method includes: identifying, by a runtime instrumentation agent of a web server, a plurality of attack surfaces of a web application executed on the web server; generating, by the runtime instrumentation agent, a plurality of hash values, where each hash value is generated based on one of the plurality of attack surfaces; and transmitting, by the runtime instrumentation agent, the plurality of hash values to an attack server external to the web server, where the attack server is to determine whether to scan each attack surface based on the plurality of hash values.Type: ApplicationFiled: October 31, 2017Publication date: May 2, 2019Inventors: Ming Sum Sam Ng, Sasi Siddharth Muthurajan, Nidhi Govindram Kejriwal, Gerald E. Sullivan, II, Alexander Hoole
-
Publication number: 20180349613Abstract: Examples relate to automated multi-credential assessment in a system. One example enables auditing an application by sending a first request for an action to be performed in the application, the first request based on a first privilege level, where the first privilege level corresponds with a first level of access to the application, and sending a second request for the action to be performed in the application, where the second request based on a second privilege level different from the first privilege level. The second privilege level may corresponds with a second level of access to the application different from the first level of access. The first request and second request may be performed, and the results of the performed first request and second request may be combined. The combined results may be made available.Type: ApplicationFiled: November 13, 2015Publication date: December 6, 2018Inventors: Gerald Sullivan, Sasi Siddharth Muthurajan, Nidhi Govindram Kejriwal, Jeremy Brooks
-
Publication number: 20180330099Abstract: Examples relate to detecting vulnerabilities in a web application. One example enables identifying a set of inputs in a web application input form. The set of inputs may be categorized based on a set of predetermined conditions. The set of inputs may be scored based on the categorization. A subset of the set of inputs may be determined to be a set of parameters of interest for the web application based on the scored set of inputs.Type: ApplicationFiled: November 13, 2015Publication date: November 15, 2018Inventors: Jeremy Brooks, Sasi Siddharth Muthurajan, Nidhi Govindram Kejriwal
-
Patent number: 9846781Abstract: Example embodiments disclosed herein relate to unused parameters. A request to a web page of an application under test is made. It is determined whether the web page includes one or more unused parameter fields. Another request to the web page of the application under test is made using one or more parameters corresponding to the unused parameter fields.Type: GrantFiled: April 19, 2013Date of Patent: December 19, 2017Assignee: EntIT Software LLCInventors: Nidhi GovindRam Kejriwal, Ronald Joseph Sechman, Sasi Siddharth Muthurajan
-
Publication number: 20160034690Abstract: Example embodiments disclosed herein relate to unused parameters. A request to a web page of an application under test is made. It is determined whether the web page includes one or more unused parameter fields. Another request to the web page of the application under test is made using one or more parameters corresponding to the unused parameter fields.Type: ApplicationFiled: April 19, 2013Publication date: February 4, 2016Applicant: Hewlett-Packard Development Company, L.P.Inventors: Nidhi GovindRam Kejriwal, Ronald Joseph Sechman, Sasi Siddharth Muthurajan
-
Patent number: 8789178Abstract: An apparatus and system for scoring and grading websites and method of operation. An apparatus receives one or more Uniform Resource Identifiers (URI), requests and receives a resource such as a webpage, and observes the behaviors of an enhanced browser emulator as controlled by javascript provided by the webpage. The enhanced browser emulator tracks behaviors which when aggregated imply malicious intent.Type: GrantFiled: June 3, 2011Date of Patent: July 22, 2014Assignee: Barracuda Networks, Inc.Inventors: Nidhi Govindram Kejriwal, Paul Judge
-
Publication number: 20110289582Abstract: An apparatus and system for scoring and grading websites and method of operation. An apparatus receives one or more Uniform Resource Identifiers (URI), requests and receives a resource such as a webpage, and observes the behaviors of an enhanced browser emulator as controlled by javascript provided by the webpage. The enhanced browser emulator tracks behaviors which when aggregated imply malicious intent.Type: ApplicationFiled: June 3, 2011Publication date: November 24, 2011Applicant: BARRACUDA NETWORKS, INC.Inventors: NIDHI GOVINDRAM KEJRIWAL, PAUL JUDGE
-
Publication number: 20110030060Abstract: A method provides Dynamic Analysis to identify URL provisioning malicious javascripts comprising tracing frequently used javascript feature used to either inject malicious javascript in html response or redirecting user to the website that is serving malicious contents. An apparatus embodiment operates in the cloud in the middle where it identifies javascript in the response traffic and then requests the other corresponding javascript and can make a determination before delivering the original content to the user.Type: ApplicationFiled: August 3, 2010Publication date: February 3, 2011Applicant: BARRACUDA NETWORKS, INC.Inventor: NIDHI GOVINDRAM KEJRIWAL