Patents by Inventor Ohad Tanami

Ohad Tanami has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Unified workload runtime protection
    Patent number: 11966466
    Abstract: A protection system is provided for delivering runtime security to a task including a workload container. The protection system uses a sidecar to limit access of the workload container to a standard library of the operating system running the workload container by modifying the task so that the sidecar is executed before the workload container. The sidecar places a guard loader into a shared volume and binds the workload container, such that calls to the workload container are passed to an agent binary. The agent binary compares requested calls from the workload container to a policy to approve and/or deny the requested calls. If the requested call is approved, then the requested call is passed to the standard library.
    Type: Grant
    Filed: January 10, 2022
    Date of Patent: April 23, 2024
    Assignee: Check Point Serverless Security Ltd.
    Inventors: Ohad Tanami, Itay Harush, Piyush Anand Deshpande, Devdatta Krishna Deshpande
  • SYSTEM AND METHOD FOR PERFORMING HIERARCHICAL AND INCREMENTAL WORKLOAD SCANNING
    Publication number: 20230401319
    Abstract: A computer executed method is presented for identifying security issues in a workload. The method identifies instance(s) of the workload and scans each instance for security vulnerabilities using hierarchical and incremental scanning. The hierarchical and incremental scan of each instance is performed by identifying as a base machine image a machine image that has previously been scanned for security vulnerabilities and that the instance originated from. The differences between the instance and the base machine image are then identified and scanned for security vulnerabilities.
    Type: Application
    Filed: June 8, 2022
    Publication date: December 14, 2023
    Inventors: Ohad Tanami, Itay Harush
  • UNIFIED WORKLOAD RUNTIME PROTECTION
    Publication number: 20230222211
    Abstract: A protection system is provided for delivering runtime security to a task including a workload container. The protection system uses a sidecar to limit access of the workload container to a standard library of the operating system running the workload container by modifying the task so that the sidecar is executed before the workload container. The sidecar places a guard loader into a shared volume and binds the workload container, such that calls to the workload container are passed to an agent binary. The agent binary compares requested calls from the workload container to a policy to approve and/or deny the requested calls. If the requested call is approved, then the requested call is passed to the standard library.
    Type: Application
    Filed: January 10, 2022
    Publication date: July 13, 2023
    Inventors: Ohad Tanami, Itay Harush, Piyush Anand Deshpande, Devdatta Krishna Deshpande