Patents by Inventor Swapnil Bhalode
Swapnil Bhalode has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230038796Abstract: Various embodiments comprise systems and methods to generate privacy audit reports for web applications. In some examples a computing system comprises a data extraction component, a risk assessment component, and an exposure component. The data extraction component crawls a web application and identifies data, data exposure points, and security policies implemented by the web application. The risk assessment component generates a risk score for the web application based on the amount data, the data sensitivity, the amount and type of data exposure points, and the security policies. The risk assessment component generates the privacy audit report for the web application. The privacy audit report comprises the risk score, an inventory of data types, an inventory of the data exposure points, and a graphical representation of historical risk scores. The exposure component transfers the privacy audit report for delivery to an operator of the web application.Type: ApplicationFiled: August 4, 2022Publication date: February 9, 2023Inventors: Sandeep Bhatkar, Swapnil Bhalode, Siddhesh Yawalkar, Hemant Puri, Deepika Dhruv Gajaria, Surabhi Sinha, Nicholas Maxwell, Michael S. Rogers
-
Publication number: 20220345497Abstract: Techniques to facilitate adaptive sampling of security policy violations are disclosed herein. In at least one implementation, a variable sampling rate for sampling a fixed amount of security policy violation reports per unit time based on a violation rate is determined. The variable sampling rate is applied to sample the fixed amount of the security policy violation reports per unit time. When the violation rate exceeds a threshold, the variable sampling rate is switched to a fixed sampling rate for sampling a variable amount of the security policy violation reports per unit time. The fixed sampling rate is applied to sample the variable amount of the security policy violation reports per unit time.Type: ApplicationFiled: April 26, 2022Publication date: October 27, 2022Inventors: Sandeep Bhatkar, Hemant Puri, Aanand Krishnan, Swapnil Bhalode, Siddhesh Yawalkar
-
Patent number: 11336676Abstract: Techniques to facilitate operation of a centralized trust authority for web application components are disclosed herein. In at least one implementation, a plurality of web resources used to construct web applications is received. Over a secure application programming interface (API), component registration information associated with each of the plurality of web resources is received, provided by producers of the web resources. The plurality of web resources is analyzed to determine unique identities and security attributes for each of the web resources. A plurality of security risk factors is identified for each of the plurality of web resources based on the component registration information and the security attributes determined for each of the web resources. A security profile is generated for each of the plurality of web resources based on the security risk factors identified for each of the web resources.Type: GrantFiled: November 12, 2019Date of Patent: May 17, 2022Assignee: Tala Security, Inc.Inventors: Aanand Krishnan, Swapnil Bhalode, Siddhesh Yawalkar, Sanjay Sawhney, Hemant Puri
-
Patent number: 11314862Abstract: Disclosed herein are enhancements for operating a communication network to detect malware in scripts of web applications. In one implementation, a method for modeling the structure of embedded unclassified scripts to compare the abstract dynamism of similar scripts. The method may determine structure of unclassified end user browser script by building abstract structure using code from unclassified end user browser script; compare determined structure of unclassified end user browser script with a plurality of generalized abstract structures; if the determined structure of unclassified end user browser script matches within a predetermined threshold of any of the plurality of generalized abstract structures, then the unclassified end user browser script is classified as benign, otherwise the determined structure is classified as malicious. This, in turn, provides a scalable and efficient way of identifying benign, malicious, known and unknown scripts from a script available in full or in part.Type: GrantFiled: April 16, 2018Date of Patent: April 26, 2022Assignee: Tala Security, Inc.Inventors: Sanjay Sawhney, Swapnil Bhalode, Andrew Joseph Davidson, Somesh Jha, Vaibhav Rastogi
-
Publication number: 20220021691Abstract: Techniques to facilitate protection of web application components are disclosed herein. In at least one implementation, a plurality of web resources associated with a web applications is received. The plurality of web resources is processed to generate individual generalized code templates for each of the web resources by removing data constants and code formatting elements from the web resources. A set of the individual generalized code templates for each of the web resources is stored in a probabilistic data structure. A security web module comprising the probabilistic data structure having the set of the individual generalized code templates for each of the web resources stored therein is deployed to protect the web application.Type: ApplicationFiled: July 14, 2021Publication date: January 20, 2022Applicant: Tala Security, Inc.Inventors: Sandeep Bhatkar, Nicholas Maxwell, Aditya Kumar, Siddhesh Yawalkar, Nhan Nguyen, Ravi Bajpai, Swapnil Bhalode, Hemant Puri
-
Publication number: 20200153850Abstract: Techniques to facilitate operation of a centralized trust authority for web application components are disclosed herein. In at least one implementation, a plurality of web resources used to construct web applications is received. Over a secure application programming interface (API), component registration information associated with each of the plurality of web resources is received, provided by producers of the web resources. The plurality of web resources is analyzed to determine unique identities and security attributes for each of the web resources. A plurality of security risk factors is identified for each of the plurality of web resources based on the component registration information and the security attributes determined for each of the web resources. A security profile is generated for each of the plurality of web resources based on the security risk factors identified for each of the web resources.Type: ApplicationFiled: November 12, 2019Publication date: May 14, 2020Inventors: Aanand Krishnan, Swapnil Bhalode, Siddhesh Yawalkar, Sanjay Sawhney, Hemant Puri
-
Publication number: 20200137126Abstract: Techniques to facilitate creation of security profiles for web application components are disclosed herein. In at least one implementation, a plurality of web resources used to construct web applications is received. The plurality of web resources is analyzed to generate normalized fingerprints for each of the web resources. A plurality of security risk factors is determined for each of the plurality of web resources based on the normalized fingerprints generated for each of the web resources. A reputation score is generated for each of the plurality of web resources based on the security risk factors determined for each of the web resources.Type: ApplicationFiled: October 30, 2019Publication date: April 30, 2020Inventors: Siddhesh Yawalkar, Swapnil Bhalode, Brian Blair, Jason Yang, Vaibhav Rastogi
-
Patent number: 10592676Abstract: Techniques to facilitate security for a software application are disclosed herein. In at least one implementation, static analysis is performed on code resources associated with the software application to generate static analysis results. Dynamic analysis is performed on a running instance of the software application to generate dynamic analysis results. An application information model of the software application is generated based on the static analysis results and the dynamic analysis results. Security policies for the software application are determined based on the application information model.Type: GrantFiled: October 27, 2017Date of Patent: March 17, 2020Assignee: Tala Security, Inc.Inventors: Sanjay Sawhney, Aanand Mahadevan Krishnan, Somesh Jha, Andrew Joseph Davidson, Swapnil Bhalode
-
Publication number: 20180300480Abstract: Disclosed herein are enhancements for operating a communication network to detect malware in scripts of web applications. In one implementation, a method for modeling the structure of embedded unclassified scripts to compare the abstract dynamism of similar scripts. The method may determine structure of unclassified end user browser script by building abstract structure using code from unclassified end user browser script; compare determined structure of unclassified end user browser script with a plurality of generalized abstract structures; if the determined structure of unclassified end user browser script matches within a predetermined threshold of any of the plurality of generalized abstract structures, then the unclassified end user browser script is classified as benign, otherwise the determined structure is classified as malicious. This, in turn, provides a scalable and efficient way of identifying benign, malicious, known and unknown scripts from a script available in full or in part.Type: ApplicationFiled: April 16, 2018Publication date: October 18, 2018Inventors: Sanjay Sawhney, Swapnil Bhalode, Andrew Joseph Davidson, Somesh Jha, Vaibhav Rastogi
-
Publication number: 20180121659Abstract: Techniques to facilitate security for a software application are disclosed herein. In at least one implementation, static analysis is performed on code resources associated with the software application to generate static analysis results. Dynamic analysis is performed on a running instance of the software application to generate dynamic analysis results. An application information model of the software application is generated based on the static analysis results and the dynamic analysis results. Security policies for the software application are determined based on the application information model.Type: ApplicationFiled: October 27, 2017Publication date: May 3, 2018Inventors: Sanjay Sawhney, Aanand Mahadevan Krishnan, Somesh Jha, Andrew Joseph Davidson, Swapnil Bhalode
-
Patent number: 8954725Abstract: Methods, systems, and computer-readable media are disclosed for packet sanitization. A particular method intercepts a packet of a packet stream, where the packet stream is transmitted in accordance with a particular protocol. The packet is analyzed based on a specification associated with the particular protocol. Based on the analysis, a data value of a field of the packet is replaced with a sanitized data value to create a sanitized packet. The sanitized packet may be injected into the packet stream or may optionally be forwarded to a signature module that checks the sanitized packet for malicious content. When malicious content is found, the sanitized packet may be dropped, the sanitized packet may be logged, the sanitized packet may be redirected, or a notification regarding the sanitized packet may be sent to an administrator.Type: GrantFiled: May 8, 2009Date of Patent: February 10, 2015Assignee: Microsoft Technology Licensing, LLCInventors: Abhishek Singh, Tanmay A. Ganacharya, Scott Lambert, Nikola J. Livic, Swapnil Bhalode
-
Publication number: 20100287613Abstract: Methods, systems, and computer-readable media are disclosed for packet sanitization. A particular method intercepts a packet of a packet stream, where the packet stream is transmitted in accordance with a particular protocol. The packet is analyzed based on a specification associated with the particular protocol. Based on the analysis, a data value of a field of the packet is replaced with a sanitized data value to create a sanitized packet. The sanitized packet may be injected into the packet stream or may optionally be forwarded to a signature module that checks the sanitized packet for malicious content. When malicious content is found, the sanitized packet may be dropped, the sanitized packet may be logged, the sanitized packet may be redirected, or a notification regarding the sanitized packet may be sent to an administrator.Type: ApplicationFiled: May 8, 2009Publication date: November 11, 2010Applicant: Microsoft CorporationInventors: Abhishek Singh, Tanmay A. Ganacharya, Scott Lambert, Nikola J. Livic, Swapnil Bhalode