Patents by Inventor Or HELLER

Or HELLER has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20250193178
    Abstract: A system and method for signatureless validation of objects in a computing environment, including artifacts, objects, files, virtual images, and the like. The method includes: detecting a request to deploy an instance based on a software artifact in the computing environment; generating a first fingerprint based on the software artifact in response to detecting the request to deploy the instance; querying a fingerprint database, including a plurality of validated fingerprints, to determine if the first fingerprint is stored therein; deploying the instance in response to validating the first fingerprint; and blocking deployment of the instance in response to determining the first fingerprint is not of the plurality of validated fingerprints.
    Type: Application
    Filed: December 12, 2023
    Publication date: June 12, 2025
    Applicant: Wiz, Inc.
    Inventors: Lir LOCKER, Bar MAGNEZI, Amir LANDE BLAU, Yaniv Joseph OLIVER, Or HELLER
  • Publication number: 20250141913
    Abstract: A system and method for inspecting a resource deployed in a cloud computing environment for a cybersecurity threat is presented. The method includes detecting a virtual instance deployed in a cloud computing environment, the virtual instance associated with an original disk; generating a cloned disk directly based on the original disk, wherein the original disk is provisioned storage from a cloud storage system; generating a cloned disk descriptor associated with the cloned disk, the cloned disk descriptor pointing to the provisioned storage; inspecting the cloned disk for a cybersecurity object, the cybersecurity object indicating a cybersecurity risk; and releasing the cloned disk in response to completing inspection of the cloned disk.
    Type: Application
    Filed: December 30, 2024
    Publication date: May 1, 2025
    Applicant: Wiz, Inc.
    Inventors: Daniel Hershko SHEMESH, Yarin MIRAN, Roy REZNIK, Ami LUTTWAK, Yinon COSTICA, Avihai BERKOVITZ, George PISHA, Yaniv Joseph OLIVER, Udi REITBLAT, Or HELLER, Raaz HERZBERG, Osher HAZAN, Niv Roit BEN DAVID
  • Patent number: 12244634
    Abstract: A system and method for detecting a permission escalation event in a computing environment is disclosed. The method includes: generating a cloned disk based on an original disk of a resource deployed in a computing environment; detecting an identifier of a first principal on the cloned disk; detecting a second principal in the computing environment, the first principal authorized to assume the first principal; storing a representation of the computing environment in a security database, including: a first principal node representing the first principal, and a second principal node representing the second principal, further associated with a permission; querying the representation to determine a permission of the first principal; determining that the second principal includes a permission which the first principal does not include based on a result of querying the representation; and generating a permission escalation event.
    Type: Grant
    Filed: April 26, 2024
    Date of Patent: March 4, 2025
    Assignee: Wiz, Inc.
    Inventors: Daniel Hershko Shemesh, Yarin Miran, Roy Reznik, Ami Luttwak, Yinon Costica, Avihai Berkovitz, George Pisha, Yaniv Joseph Oliver, Udi Reitblat, Or Heller, Raaz Herzberg, Osher Hazan, Niv Roit Ben David
  • Publication number: 20240275812
    Abstract: A system and method for detecting a permission escalation event in a computing environment is disclosed. The method includes: generating a cloned disk based on an original disk of a resource deployed in a computing environment; detecting an identifier of a first principal on the cloned disk; detecting a second principal in the computing environment, the first principal authorized to assume the first principal; storing a representation of the computing environment in a security database, including: a first principal node representing the first principal, and a second principal node representing the second principal, further associated with a permission; querying the representation to determine a permission of the first principal; determining that the second principal includes a permission which the first principal does not include based on a result of querying the representation; and generating a permission escalation event.
    Type: Application
    Filed: April 26, 2024
    Publication date: August 15, 2024
    Applicant: Wiz, Inc.
    Inventors: Daniel Hershko SHEMESH, Yarin MIRAN, Roy REZNIK, Ami LUTTWAK, Yinon COSTICA, Avihai BERKOVITZ, George PISHA, Yaniv Joseph OLIVER, Udi REITBLAT, Or HELLER, Raaz HERZBERG, Osher HAZAN, Niv Roit BEN DAVID
  • Publication number: 20240137382
    Abstract: A system and method for detecting a permission escalation event in a computing environment is disclosed. The method includes: generating a cloned disk based on an original disk of a resource deployed in a computing environment; detecting an identifier of a first principal on the cloned disk; detecting a second principal in the computing environment, the first principal authorized to assume the first principal; storing a representation of the computing environment in a security database, including: a first principal node representing the first principal, and a second principal node representing the second principal, further associated with a permission; querying the representation to determine a permission of the first principal; determining that the second principal includes a permission which the first principal does not include based on a result of querying the representation; and generating a permission escalation event.
    Type: Application
    Filed: December 29, 2023
    Publication date: April 25, 2024
    Applicant: Wiz, Inc.
    Inventors: Daniel Hershko SHEMESH, Yarin MIRAN, Roy REZNIK, Ami LUTTWAK, Yinon COSTICA, Avihai BERKOVITZ, George PISHA, Yaniv Joseph OLIVER, Udi REITBLAT, Or HELLER, Raaz HERZBERG, Osher HAZAN, Niv Roit BEN DAVID
  • Publication number: 20230221983
    Abstract: A system and method detects a vulnerable code object in configuration code for deploying instances in a cloud computing environment. The method includes: accessing a configuration code, including a plurality of code objects, where a code object of the plurality of code objects corresponds to a deployed principal; detecting in a log a plurality of access events, each access event associated with a first principal deployed in the cloud computing environment based on a first code object of the plurality of code objects; determining a first set of permissions associated with the first code object. The method also includes determining a second set of permissions based on the plurality of access events. The method also includes detecting a difference between the second set of permissions and the first set of permissions; and generating an updated code object based on the first code object and the detected difference.
    Type: Application
    Filed: December 29, 2022
    Publication date: July 13, 2023
    Applicant: Wiz, Inc.
    Inventors: Or HELLER, Raaz HERZBERG, Yaniv Joseph OLIVER, Osher HAZAN, Niv Roit BEN DAVID, Ami LUTTWAK, Roy REZNIK