Patents by Inventor Sharon Datner

Sharon Datner has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20260189602
    Abstract: Methods, systems, and computer program products obtain electronically stored records generated by one or more computers and indicative of one or more alerts raised in response to a computer security incident. A processor extracts data informative of one or more of: (i) presence or absence of specific alert types, (ii) a number of different alert types raised in response to the incident, and (iii) a number of times a given alert type or combination of alert types was raised in a specified previous time period, executes a scoring model on the extracted data to generate a maliciousness score for the incident, computes contribution values for portions of the extracted data indicating respective contributions to the maliciousness score, selects a portion having a greatest contribution value, and selects and initiates a protective action of one of isolating a computing device, terminating a process, quarantining a file, or restricting user access.
    Type: Application
    Filed: February 23, 2026
    Publication date: July 2, 2026
    Inventors: Tuvia Newman, Yinnon Meshi, Gal Itzhak, Sharon Datner
  • Patent number: 12615282
    Abstract: Methods, storage systems and computer program products implement embodiments of the present invention that include initially defining a set of protective actions. Upon detecting, by a security server on a network, an incident including one or more alerts indicating malicious activity by one or more computing devices on the network, extracting a set of features indicating measurable characteristics of the incident are extracted from the alerts. Based on the alerts, respective counts for the features for the detected incident are computed and based on the features and their respective counts, a score indicating a magnitude of malicious activity for the detected incident is computed. A given feature having a highest impact on the score is identified, and a given protective action is selected based on the score, the identified feature and its respective count. Finally, the selected protective action is initiated with respect to at least some of the devices.
    Type: Grant
    Filed: July 23, 2023
    Date of Patent: April 28, 2026
    Assignee: Palo Alto Networks, Inc.
    Inventors: Tuvia Newman, Yinnon Meshi, Gal Itzhak, Sharon Datner
  • Publication number: 20250030729
    Abstract: Methods, storage systems and computer program products implement embodiments of the present invention that include initially defining a set of protective actions. Upon detecting, by a security server on a network, an incident including one or more alerts indicating malicious activity by one or more computing devices on the network, extracting a set of features indicating measurable characteristics of the incident are extracted from the alerts. Based on the alerts, respective counts for the features for the detected incident are computed and based on the features and their respective counts, a score indicating a magnitude of malicious activity for the detected incident is computed. A given feature having a highest impact on the score is identified, and a given protective action is selected based on the score, the identified feature and its respective count. Finally, the selected protective action is initiated with respect to at least some of the devices.
    Type: Application
    Filed: July 23, 2023
    Publication date: January 23, 2025
    Inventors: Tuvia Newman, Yinnon Meshi, Gal Itzhak, Sharon Datner