Patents by Inventor Tamara LEIDERFARB

Tamara LEIDERFARB has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20210336973
    Abstract: The disclosed subject matter includes a system, which when installed in a specific host, such as an end point, or end point computer, will model its behavior over time, score new activities in real time and calculate outliers, by creating and analyzing vectors. The vectors are formed of feature values, extracted from executable processes, and the analysis includes the determining and evaluating the distance between a current vector and a cluster of vectors.
    Type: Application
    Filed: April 27, 2020
    Publication date: October 28, 2021
    Inventors: Tamara LEIDERFARB, Lior Arzi, Ilana Danan
  • Publication number: 20210234878
    Abstract: Methods and systems provide a vulnerabilities list and an open devices list based on results from scanning by scanners not associated with a host computer or resource.
    Type: Application
    Filed: January 26, 2021
    Publication date: July 29, 2021
    Inventors: Tamara LEIDERFARB, Nir NAAMAN
  • Patent number: 10972488
    Abstract: Computerized methods and systems determine an entry point or source of an attack on an endpoint, such as a machine, e.g., a computer, node of a network, system or the like. These computerized methods and systems utilize an attack execution/attack or start root, to build an attack tree, which shows the attack on the end point and the damage caused by the attack, as it propagates through the machine, network, system, or the like.
    Type: Grant
    Filed: September 15, 2019
    Date of Patent: April 6, 2021
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Anandabrata Pal, Lior Arzi, Tamara Leiderfarb
  • Patent number: 10880316
    Abstract: Computerized methods and systems determine an initial execution of an attack on an endpoint. An indicator of the attack is obtained by analysis of a first process on the endpoint. A sequence of processes that includes the first process associates the initial execution of the attack with the first process. Each respective process in the sequence of processes is created or executed by at least one of the initial execution or a process in the sequence of processes. The initial execution is identified based on linking from the first process to the initial execution through a combination of executions and creations of the processes in the sequence of processes.
    Type: Grant
    Filed: December 9, 2015
    Date of Patent: December 29, 2020
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Anandabrata Pal, Tamara Leiderfarb, Lior Arzi
  • Publication number: 20200084230
    Abstract: Computerized methods and systems determine an entry point or source of an attack on an endpoint, such as a machine, e.g., a computer, node of a network, system or the like. These computerized methods and systems utilize an attack execution/attack or start root, to build an attack tree, which shows the attack on the end point and the damage caused by the attack, as it propagates through the machine, network, system, or the like.
    Type: Application
    Filed: September 15, 2019
    Publication date: March 12, 2020
    Inventors: Anandabrata PAL, Lior ARZI, Tamara LEIDERFARB
  • Patent number: 10511616
    Abstract: Disclosed are methods and systems for detecting malware and potential malware based on using generalized attack trees (generalized attack tree graphs). The generalized attack trees are based on attack trees (attack tree graphs), whose objects, such as links and vertices, have been analyzed, and some of these objects have been generalized, resulting in the generalized attack tree of the invention.
    Type: Grant
    Filed: November 6, 2018
    Date of Patent: December 17, 2019
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Tamara Leiderfarb, Lior Arzi, Anandabrata Pal
  • Patent number: 10462160
    Abstract: Computerized methods and systems identify events associated with an attack initiated on an endpoint client. A listing of processes executed or created on the endpoint during the attack is obtained. The listing of processes includes a first process and at least one subsequent process executed or created by the first process. The computerized methods and systems analyze for the occurrence of at least one event during a time interval associated with the attack. The computerized methods and systems determine whether the listing of processes includes a process that when executed caused the occurrence of the at least one event. If the listing of processes excludes process that when executed caused the occurrence of the at least one event, the at least one event and the causing process are stored, for example, in a database or memory.
    Type: Grant
    Filed: October 13, 2016
    Date of Patent: October 29, 2019
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Lior Arzi, Tamara Leiderfarb, Anandabrata Pal
  • Patent number: 10440036
    Abstract: Computerized methods and systems determine an entry point or source of an attack on an endpoint, such as a machine, e.g., a computer, node of a network, system or the like. These computerized methods and systems utilize an attack execution/attack or start root, to build an attack tree, which shows the attack on the end point and the damage caused by the attack, as it propagates through the machine, network, system, or the like.
    Type: Grant
    Filed: December 9, 2015
    Date of Patent: October 8, 2019
    Assignee: CHECKPOINT SOFTWARE TECHNOLOGIES LTD
    Inventors: Anandabrata Pal, Lior Arzi, Tamara Leiderfarb
  • Patent number: 10291634
    Abstract: Computerized methods and systems determine summary events from an attack on an endpoint. The detection and determination of these summary events is performed by a machine, e.g., a computer, node of a network, system or the like.
    Type: Grant
    Filed: December 8, 2016
    Date of Patent: May 14, 2019
    Assignee: CHECKPOINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Lior Arzi, Anandabrata Pal, Tamara Leiderfarb
  • Publication number: 20190075125
    Abstract: Disclosed are methods and systems for detecting malware and potential malware based on using generalized attack trees (generalized attack tree graphs). The generalized attack trees are based on attack trees (attack tree graphs), whose objects, such as links and vertices, have been analyzed, and some of these objects have been generalized, resulting in the generalized attack tree of the invention.
    Type: Application
    Filed: November 6, 2018
    Publication date: March 7, 2019
    Inventors: Tamara LEIDERFARB, Lior ARZI, Anandabrata PAL
  • Patent number: 10193906
    Abstract: Disclosed are methods and systems for detecting malware and potential malware based on using generalized attack trees (generalized attack tree graphs). The generalized attack trees are based on attack trees (attack tree graphs), whose objects, such as links and vertices, have been analyzed, and some of these objects have been generalized, resulting in the generalized attack tree of the invention.
    Type: Grant
    Filed: December 9, 2016
    Date of Patent: January 29, 2019
    Assignee: CHECKPOINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Tamara Leiderfarb, Lior Arzi, Anandabrata Pal
  • Publication number: 20170171240
    Abstract: Computerized methods and systems identify events associated with an attack initiated on an endpoint client. A listing of processes executed or created on the endpoint during the attack is obtained. The listing of processes includes a first process and at least one subsequent process executed or created by the first process. The computerized methods and systems analyze for the occurrence of at least one event during a time interval associated with the attack. The computerized methods and systems determine whether the listing of processes includes a process that when executed caused the occurrence of the at least one event. If the listing of processes excludes process that when executed caused the occurrence of the at least one event, the at least one event and the causing process are stored, for example, in a database or memory.
    Type: Application
    Filed: October 13, 2016
    Publication date: June 15, 2017
    Inventors: Lior ARZI, Tamara LEIDERFARB, Anandabrata PAL
  • Publication number: 20170171230
    Abstract: Disclosed are methods and systems for detecting malware and potential malware based on using generalized attack trees (generalized attack tree graphs). The generalized attack trees are based on attack trees (attack tree graphs), whose objects, such as links and vertices, have been analyzed, and some of these objects have been generalized, resulting in the generalized attack tree of the invention.
    Type: Application
    Filed: December 9, 2016
    Publication date: June 15, 2017
    Inventors: Tamara LEIDERFARB, Lior ARZI, Anandabrata PAL
  • Publication number: 20170171224
    Abstract: Computerized methods and systems determine an initial execution of an attack on an endpoint. An indicator of the attack is obtained by analysis of a first process on the endpoint. A sequence of processes that includes the first process associates the initial execution of the attack with the first process. Each respective process in the sequence of processes is created or executed by at least one of the initial execution or a process in the sequence of processes. The initial execution is identified based on linking from the first process to the initial execution through a combination of executions and creations of the processes in the sequence of processes.
    Type: Application
    Filed: December 9, 2015
    Publication date: June 15, 2017
    Inventors: ANANDABRATA PAL, Tamara LEIDERFARB, Lior ARZI
  • Publication number: 20170171229
    Abstract: Computerized methods and systems determine summary events from an attack on an endpoint. The detection and determination of these summary events is performed by a machine, e.g., a computer, node of a network, system or the like.
    Type: Application
    Filed: December 8, 2016
    Publication date: June 15, 2017
    Inventors: Lior ARZI, Anandabrata PAL, Tamara LEIDERFARB
  • Publication number: 20170171225
    Abstract: Computerized methods and systems determine an entry point or source of an attack on an endpoint, such as a machine, e.g., a computer, node of a network, system or the like. These computerized methods and systems utilize an attack execution/attack or start root, to build an attack tree, which shows the attack on the end point and the damage caused by the attack, as it propagates through the machine, network, system, or the like.
    Type: Application
    Filed: December 9, 2015
    Publication date: June 15, 2017
    Inventors: ANANDABRATA PAL, Lior Arzi, Tamara Leiderfarb