Patents by Inventor Roy Rotem
Roy Rotem has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11736496Abstract: A data security system, including a security manager computer making network application programming interface (API) calls to a cloud-based service that performs data exchange transactions among end users, the API calls remotely controlling the cloud-based service so that the security manager computer accesses transactions that have entered the cloud-based service, whereby an end user may forward a transaction received through the cloud-based service to a central authority as being a potentially harmful or deceptive transaction, and a data inspector operative to analyze a transaction as being indeed harmful or deceptive, by applying machine learning, wherein the security manager computer controls the cloud-based service so as to transmit to the security manager transactions forwarded to the central authority, instead of or in addition to transmitting these transactions to the central authority, for analysis by the data inspector.Type: GrantFiled: February 16, 2021Date of Patent: August 22, 2023Assignee: AVANAN, INC.Inventors: Roy Rotem, Gil Friedrich
-
Patent number: 11647047Abstract: A data security system, including a security manager computer making network application programming interface (API) calls to a cloud-based service that (i) performs data exchange transactions for end users, and (ii) includes a mechanism for an end user to invoke in order to report a transaction received by the end user to a central authority as being a potentially harmful or deceptive transaction, the API calls remotely controlling the cloud-based service so that the security manager computer accesses transactions that have entered the cloud-based service, and a data inspector operative to analyze a transaction as being harmful or deceptive, by applying machine learning, wherein the security manager computer controls the cloud-based service so as to transmit transactions reported by the mechanism to the security manager, instead of or in addition to the central authority, for analysis by the data inspector.Type: GrantFiled: January 6, 2021Date of Patent: May 9, 2023Assignee: AVANAN INC.Inventors: Roy Rotem, Gil Friedrich
-
Publication number: 20220200991Abstract: Disclosed is a method of transparently detecting authentication status of endpoint devices in a network. This method may be used for differentiating guest or rogue endpoints from enterprise endpoints.Type: ApplicationFiled: October 8, 2021Publication date: June 23, 2022Inventors: Gil Friedrich, Roy Rotem
-
Patent number: 11146559Abstract: Disclosed is a method of transparently detecting authentication status of endpoint devices in a network. This method may be used for differentiating guest or rogue endpoints from enterprise endpoints.Type: GrantFiled: January 13, 2014Date of Patent: October 12, 2021Assignee: ForeScout Technologies, Inc.Inventors: Gil Friedrich, Roy Rotem
-
Publication number: 20210258326Abstract: A data security system, including a security manager computer making network application programming interface (API) calls to a cloud-based service that performs data exchange transactions among end users, the API calls remotely controlling the cloud-based service so that the security manager computer accesses transactions that have entered the cloud-based service, whereby an end user may forward a transaction received through the cloud-based service to a central authority as being a potentially harmful or deceptive transaction, and a data inspector operative to analyze a transaction as being indeed harmful or deceptive, by applying machine learning, wherein the security manager computer controls the cloud-based service so as to transmit to the security manager transactions forwarded to the central authority, instead of or in addition to transmitting these transactions to the central authority, for analysis by the data inspector.Type: ApplicationFiled: February 16, 2021Publication date: August 19, 2021Inventors: Roy Rotem, Gil Friedrich
-
Publication number: 20210211464Abstract: A data security system, including a security manager computer making network application programming interface (API) calls to a cloud-based service that (i) performs data exchange transactions for end users, and (ii) includes a mechanism for an end user to invoke in order to report a transaction received by the end user to a central authority as being a potentially harmful or deceptive transaction, the API calls remotely controlling the cloud-based service so that the security manager computer accesses transactions that have entered the cloud-based service, and a data inspector operative to analyze a transaction as being harmful or deceptive, by applying machine learning, wherein the security manager computer controls the cloud-based service so as to transmit transactions reported by the mechanism to the security manager, instead of or in addition to the central authority, for analysis by the data inspector.Type: ApplicationFiled: January 6, 2021Publication date: July 8, 2021Inventors: Roy Rotem, Gil Friedrich
-
Patent number: 10509917Abstract: A data security system, including a security manager computer making network API calls to a service that performs data-exchange transactions for end users, the API calls remotely controlling the service so that the security manager computer accesses an outgoing transaction that has already entered the cloud-based service, by generating one or more security platform rules that are applied by the service and cause the service to automatically transmit the outgoing transaction to an inspection location prior to transmission of the outgoing transaction to a destination, and a data inspector operative to inspect data of the outgoing transaction in the inspection location for data leakage, wherein the security manager computer further controls the service so as to transmit the outgoing transaction to the destinations when the data inspector clears the data, and to perform a remedial action regarding the outgoing transaction when the data inspector does not clear the data.Type: GrantFiled: August 22, 2017Date of Patent: December 17, 2019Assignee: Avanan Inc.Inventors: Roy Rotem, Gil Friedrich, Avraham Zelovich
-
Patent number: 10498835Abstract: A system for shadow IT discovery, including a message monitor monitoring an enterprise messaging service that provides communication between users belonging to the enterprise and cloud services, and discovering a message relating to a specific cloud service, a message analyzer analyzing the message discovered by the message monitor to determine (i) the nature of the specific cloud service, and (ii) one or more enterprise users who use the specific cloud service, and a reporter reporting the results of the message analyzer to an administrator of the enterprise.Type: GrantFiled: November 2, 2016Date of Patent: December 3, 2019Assignee: Avanan Inc.Inventors: Roy Rotem, Avraham Zelovich, Gil Friedrich
-
Patent number: 10372931Abstract: A data security system, including a security manager remotely controlling, via a network application programming interface, a cloud-based service that performs data-exchange transactions for end users, operative to cause the service to prevent end user access to incoming transactions so that the security manager accesses the incoming transactions prior to end users being able to access the incoming transactions, and a data inspector operative to inspect data of incoming transactions for security clearance by invoking one or more content scanners, wherein the security manager is further operative to cause the service to restore end user access to the incoming transactions, when the security inspector clears the data, and to cause the service to perform a remedial action vis-à-vis the incoming transactions, when the security inspector does not the data.Type: GrantFiled: December 1, 2016Date of Patent: August 6, 2019Assignee: Avanan Inc.Inventors: Roy Rotem, Gil Friedrich, Avraham Zelovich
-
Publication number: 20170351875Abstract: A data security system, including a security manager computer making network API calls to a service that performs data-exchange transactions for end users, the API calls remotely controlling the service so that the security manager computer accesses an outgoing transaction that has already entered the cloud-based service, by generating one or more security platform rules that are applied by the service and cause the service to automatically transmit the outgoing transaction to an inspection location prior to transmission of the outgoing transaction to a destination, and a data inspector operative to inspect data of the outgoing transaction in the inspection location for data leakage, wherein the security manager computer further controls the service so as to transmit the outgoing transaction to the destinations when the data inspector clears the data, and to perform a remedial action regarding the outgoing transaction when the data inspector does not clear the data.Type: ApplicationFiled: August 22, 2017Publication date: December 7, 2017Inventors: Roy Rotem, Gil Friedrich, Avraham Zelovich
-
Publication number: 20170185793Abstract: A data security system, including a security manager remotely controlling, via a network application programming interface, a cloud-based service that performs data-exchange transactions for end users, operative to cause the service to prevent end user access to incoming transactions so that the security manager accesses the incoming transactions prior to end users being able to access the incoming transactions, and a data inspector operative to inspect data of incoming transactions for security clearance by invoking one or more content scanners, wherein the security manager is further operative to cause the service to restore end user access to the incoming transactions, when the security inspector clears the data, and to cause the service to perform a remedial action vis-à-vis the incoming transactions, when the security inspector does not the data.Type: ApplicationFiled: December 1, 2016Publication date: June 29, 2017Inventors: Roy Rotem, Gil Friedrich, Avraham Zelovich
-
Publication number: 20170134506Abstract: A system for shadow IT discovery, including a message monitor monitoring an enterprise messaging service that provides communication between users belonging to the enterprise and cloud services, and discovering a message relating to a specific cloud service, a message analyzer analyzing the message discovered by the message monitor to determine (i) the nature of the specific cloud service, and (ii) one or more enterprise users who use the specific cloud service, and a reporter reporting the results of the message analyzer to an administrator of the enterprise.Type: ApplicationFiled: November 2, 2016Publication date: May 11, 2017Inventors: Roy Rotem, Avraham Zelovich, Gil Friedrich
-
Publication number: 20140130131Abstract: Disclosed is a method of transparently detecting authentication status of endpoint devices in a network. This method may be used for differentiating guest or rogue endpoints from enterprise endpoints.Type: ApplicationFiled: January 13, 2014Publication date: May 8, 2014Applicant: ForeScout Technologies, Inc.Inventors: Gil Friedrich, Roy Rotem
-
Patent number: 8639800Abstract: Disclosed is a method of transparently detecting authentication status of endpoint devices in a network. This method may be used for differentiating guest or rogue endpoints from enterprise endpoints.Type: GrantFiled: February 14, 2008Date of Patent: January 28, 2014Assignee: Forescout Technologies, Inc.Inventors: Gil Friedrich, Roy Rotem
-
Publication number: 20100106824Abstract: Disclosed is a method of transparently detecting authentication status of endpoint devices in a network. This method may be used for differentiating guest or rogue endpoints from enterprise endpoints.Type: ApplicationFiled: February 14, 2008Publication date: April 29, 2010Inventors: Gil Friedrich, Roy Rotem
-
Publication number: 20020194045Abstract: A computer-assisted method, system, medium of allocating resources within an organization. For instance, the method includes the steps of receiving a request containing at least one business change relating to allocating the resources within the organization, and generating at least one task to implement the requested business change. The method may also include the steps of identifying at least one of a person capable of handling the at least one task and a software module configured to perform the at least one task and issuing at least one instruction to the at least one of a person capable of handling the at least one task and a software module configured to perform the at least one task. These steps may allocate the resources within the organization in accordance with the at least one business change.Type: ApplicationFiled: April 30, 2002Publication date: December 19, 2002Inventors: Izhar Shay, Amir Weinstein, David A. Lavenda, Chaim Amram, Roy Rotem