Patents by Inventor Vaibhav Kulkarni
Vaibhav Kulkarni has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230385413Abstract: The disclosure herein describes executing unknown processes while preventing sandbox-evading malware therein from performing malicious behavior. A process execution event associated with an executable is detected, wherein the executable is to be executed in a production environment. The executable is determined to be an unknown executable (e.g., an executable that has not been analyzed for malware) using signature data in the process execution event. A function call hook interface of a sandbox simulator is activated, and a process of the executable is executed in the production environment. Any function calls from the executing process are intercepted by the activated function call hook interface, and sandbox-style responses to the intercepted function call are generated using sandbox response data of the sandbox simulator. The generated sandbox responses are provided to the executing process, whereby malware included in the executable behaves as if the executing process is executing in a sandbox environment.Type: ApplicationFiled: May 26, 2022Publication date: November 30, 2023Inventors: Rayanagouda Bheemanagouda PATIL, Kedar Bhalchandra CHAUDHARI, Clemens KOLBITSCH, Laxmikant Vithal GUNDA, Vaibhav KULKARNI
-
Patent number: 11831610Abstract: A system and method for using private native security groups and private native firewall policy rules for a private cloud computing environment and a public cloud computing environment uses a public cloud gateway for routing data traffic between at least a cloud network created in the public cloud computing environment and the private cloud computing environment. For each of some private native firewall policy rules that has any of newly created private native security groups as one of source and destination, a cloud native security group (CNSG) rule object with an CNSG outbound rule object and an CNSG inbound rule object for the public cloud is created and at least one of the CNSG outbound rule object and the CNSG inbound rule object is updated so that the private native firewall policy rule can be used in the cloud network.Type: GrantFiled: July 26, 2020Date of Patent: November 28, 2023Assignee: VMWARE, INC.Inventors: Vaibhav Kulkarni, Ganesan Chandrashekhar, Mukesh Hira, Akshay Katrekar, Prashant Mane, Rompicherla Sai Pavan Kumar, Sachin Kalkur, Amey Borkar
-
Patent number: 11689522Abstract: System and computer-implemented method for secure hybrid cloud connectivity between an application in a public cloud service and an on-premises service supported by an on-premises appliance includes launching a public cloud gateway appliance in the public cloud service. The public cloud gateway appliance is configured with security information associated with the on-premises appliance. The on-premises appliance is provided with contact information associated with the public cloud gateway appliance. A communication channel is established, using an outbound port, from the on-premises appliance to the public cloud gateway appliance that is secured based on the security information associated with the on-premises appliance and the contact information associated with the public cloud gateway appliance.Type: GrantFiled: September 2, 2020Date of Patent: June 27, 2023Assignee: VMWARE, INC.Inventors: Vaibhav Kulkarni, Mukesh Hira, Akshay Katrekar, Suyash Vishwas Gogte, Prem Shankar Sharma, Nikolay Semenov, Saqib Raza
-
Publication number: 20230110049Abstract: A method for detecting malware in a distributed malware detection system comprising a plurality of endpoints, is provided. The method generally includes inspecting, at a first endpoint of the plurality of endpoints, a file classified as an unknown file; based on the inspecting, determining, at the first endpoint, a first verdict for the file, the first verdict indicating the file is benign or malicious; determining whether an aggregate number of verdicts for the file from the plurality of endpoints, including the first verdict, meets a first threshold; and selectively reclassifying the file as benign or malicious based on whether the aggregate number of verdicts for the file meets the first threshold.Type: ApplicationFiled: October 13, 2021Publication date: April 13, 2023Inventors: Anand Jaysingh BHALERAO, Vaibhav KULKARNI, Taher BARODAWALA
-
Publication number: 20220353190Abstract: Some embodiments of the invention provide a method for micro-segmenting traffic flows in a software defined wide area network (SD-WAN). At a first edge forwarding node of a first multi-machine site in the SD-WAN, the method receives, from a particular forwarding element, a first packet of a packet flow originating from a second multi-machine site that is external to the SD-WAN, the packet flow destined for a particular machine at the first multi-machine site. The method uses deep packet inspection (DPI) on the first packet to identify contextual information not provided by the particular forwarding element about the first packet and the packet flow. Based on the identified contextual information, the method applies one or more policies to the first packet before forwarding the first packet to the particular machine.Type: ApplicationFiled: January 6, 2022Publication date: November 3, 2022Inventors: Navaneeth Krishnan Ramaswamy, Vaibhav Kulkarni
-
Publication number: 20220006805Abstract: System and computer-implemented method for secure hybrid cloud connectivity between an application in a public cloud service and an on-premises service supported by an on-premises appliance includes launching a public cloud gateway appliance in the public cloud service. The public cloud gateway appliance is configured with security information associated with the on-premises appliance. The on-premises appliance is provided with contact information associated with the public cloud gateway appliance. A communication channel is established, using an outbound port, from the on-premises appliance to the public cloud gateway appliance that is secured based on the security information associated with the on-premises appliance and the contact information associated with the public cloud gateway appliance.Type: ApplicationFiled: September 2, 2020Publication date: January 6, 2022Inventors: VAIBHAV KULKARNI, MUKESH HIRA, AKSHAY KATREKAR, SUYASH VISHWAS GOGTE, PREM SHANKAR SHARMA, NIKOLAY SEMENOV, SAQIB RAZA
-
Publication number: 20210385194Abstract: A system and method for using private native security groups and private native firewall policy rules for a private cloud computing environment and a public cloud computing environment uses a public cloud gateway for routing data traffic between at least a cloud network created in the public cloud computing environment and the private cloud computing environment. For each of some private native firewall policy rules that has any of newly created private native security groups as one of source and destination, a cloud native security group (CNSG) rule object with an CNSG outbound rule object and an CNSG inbound rule object for the public cloud is created and at least one of the CNSG outbound rule object and the CNSG inbound rule object is updated so that the private native firewall policy rule can be used in the cloud network.Type: ApplicationFiled: July 26, 2020Publication date: December 9, 2021Inventors: VAIBHAV KULKARNI, GANESAN CHANDRASHEKHAR, MUKESH HIRA, AKSHAY KATREKAR, PRASHANT MANE, ROMPICHERLA SAI PAVAN KUMAR, SACHIN KALKUR, AMEY BORKAR
-
Patent number: 10979416Abstract: A system and method for managing a trusted connection within a public cloud comprises transmitting a first token and a second token from a cloud service manager to a public cloud controller, initializing a public cloud manager in response to receipt of the first token and the second token, and generate a cloud certificate, and transmitting the cloud certificate and the second token from the public cloud manager to a management plane. The method further comprises establishing a trusted connection between the public cloud controller and the management plane in response to receipt of the cloud certificate and the second token by the management plane.Type: GrantFiled: May 9, 2018Date of Patent: April 13, 2021Assignee: Nicira, Inc.Inventors: Vaibhav Kulkarni, Narendra Sharma, Aditya Gokhale, Ganesan Chandrashekhar, Vivek Agarwal, Akshay Katrekar, Rompicherla Sai Pavan Kumar
-
Patent number: 10887350Abstract: Syncing compliance policies on a private cloud network and a public cloud network is disclosed. The technology accesses a hybrid cloud environment including: at least one private cloud network and at least one public cloud network. A private policy gateway appliance is coupled with the private cloud network and a public policy gateway appliance, in communication with the private policy gateway appliance, is coupled with the public cloud network. One or more policy rules for the hybrid cloud environment are provided to the private policy gateway appliance which then disseminates the one or more policy rules to the public policy gateway appliance, such that the one or more policy rules are synced for the at least one private cloud network and the at least one public cloud network.Type: GrantFiled: April 9, 2018Date of Patent: January 5, 2021Assignee: Nicira, Inc.Inventors: Vaibhav Kulkarni, Aditya Gokhale
-
Patent number: 10805330Abstract: Some embodiments provide a method for a public cloud manager that interacts with a management system of a public datacenter. The method receives a notification from a network controller that a second data compute node is compromised. The second data compute node operates on a host machine in the public datacenter and executes a forwarding element managed by network controller. The method interacts with application programming interfaces (APIs) of the public datacenter to quarantine the data compute node.Type: GrantFiled: June 20, 2019Date of Patent: October 13, 2020Assignee: NICIRA, INC.Inventors: Akshay Katrekar, Ganesan Chandrashekhar, Mukesh Hira, Su Wang, Vaibhav Kulkarni
-
Publication number: 20190312909Abstract: Syncing compliance policies on a private cloud network and a public cloud network is disclosed. The technology accesses a hybrid cloud environment including: at least one private cloud network and at least one public cloud network. A private policy gateway appliance is coupled with the private cloud network and a public policy gateway appliance, in communication with the private policy gateway appliance, is coupled with the public cloud network. One or more policy rules for the hybrid cloud environment are provided to the private policy gateway appliance which then disseminates the one or more policy rules to the public policy gateway appliance, such that the one or more policy rules are synced for the at least one private cloud network and the at least one public cloud network.Type: ApplicationFiled: April 9, 2018Publication date: October 10, 2019Applicant: NICIRA, INC.Inventors: Vaibhav KULKARNI, Aditya GOKHALE
-
Publication number: 20190306185Abstract: Some embodiments provide a method for a public cloud manager that interacts with a management system of a public datacenter. The method receives a notification from a network controller that a second data compute node is compromised. The second data compute node operates on a host machine in the public datacenter and executes a forwarding element managed by network controller. The method interacts with application programming interfaces (APIs) of the public datacenter to quarantine the data compute node.Type: ApplicationFiled: June 20, 2019Publication date: October 3, 2019Inventors: Akshay Katrekar, Ganesan Chandrashekhar, Mukesh Hira, Su Wang, Vaibhav Kulkarni
-
Publication number: 20190297072Abstract: A system and method for managing a trusted connection within a public cloud comprises transmitting a first token and a second token from a cloud service manager to a public cloud controller, initializing a public cloud manager in response to receipt of the first token and the second token, and generate a cloud certificate, and transmitting the cloud certificate and the second token from the public cloud manager to a management plane. The method further comprises establishing a trusted connection between the public cloud controller and the management plane in response to receipt of the cloud certificate and the second token by the management plane.Type: ApplicationFiled: May 9, 2018Publication date: September 26, 2019Inventors: Vaibhav Kulkarni, Narendra Sharma, Aditya Gokhale, Ganesan Chandrashekhar, Vivek Agarwal, Akshay Katrekar, Rompicherla Sai Pavan Kumar
-
Patent number: 10341371Abstract: Some embodiments provide a method for a public cloud manager that interacts with a management system of a public datacenter. The method receives a notification from a network controller that a second data compute node is compromised. The second data compute node operates on a host machine in the public datacenter and executes a forwarding element managed by network controller. The method interacts with application programming interfaces (APIs) of the public datacenter to quarantine the data compute node.Type: GrantFiled: December 1, 2016Date of Patent: July 2, 2019Assignee: NICIRA, INC.Inventors: Akshay Katrekar, Ganesan Chandrashekhar, Mukesh Hira, Su Wang, Vaibhav Kulkarni
-
Patent number: 10333959Abstract: Some embodiments provide a method for a public cloud manager operating within a first data compute node of a public cloud. The method receives, through a set of public cloud provider APIs, information regarding a new second data compute node created within the public cloud. The information includes a set of tags entered by a user when creating the data compute node. Based on the tags, the method notifies a network control system that manages a forwarding element operating in the data compute node regarding (i) the creation of the data compute node, (ii) a logical switch to which to attach the data compute node and (iii) a security group to which the data compute node belongs.Type: GrantFiled: December 1, 2016Date of Patent: June 25, 2019Assignee: NICIRA, INC.Inventors: Akshay Katrekar, Vaibhav Kulkarni, Ganesan Chandrashekhar, Mukesh Hira
-
Publication number: 20180063176Abstract: Some embodiments provide a method for a public cloud manager that interacts with a management system of a public datacenter. The method receives a notification from a network controller that a second data compute node is compromised. The second data compute node operates on a host machine in the public datacenter and executes a forwarding element managed by network controller. The method interacts with application programming interfaces (APIs) of the public datacenter to quarantine the data compute node.Type: ApplicationFiled: December 1, 2016Publication date: March 1, 2018Inventors: Akshay Katrekar, Ganesan Chandrashekhar, Mukesh Hira, Su Wang, Vaibhav Kulkarni
-
Publication number: 20180062923Abstract: Some embodiments provide a method for a public cloud manager operating within a first data compute node of a public cloud. The method receives, through a set of public cloud provider APIs, information regarding a new second data compute node created within the public cloud. The information includes a set of tags entered by a user when creating the data compute node. Based on the tags, the method notifies a network control system that manages a forwarding element operating in the data compute node regarding (i) the creation of the data compute node, (ii) a logical switch to which to attach the data compute node and (iii) a security group to which the data compute node belongs.Type: ApplicationFiled: December 1, 2016Publication date: March 1, 2018Inventors: Akshay Katrekar, Vaibhav Kulkarni, Ganesan Chandrashekhar, Mukesh Hira
-
Publication number: 20150260553Abstract: The present invention relates in general to vortex shedding flow meters with enhanced sensitivity for sensing and measuring vortex frequencies.Type: ApplicationFiled: June 1, 2015Publication date: September 17, 2015Inventors: Gregg Pulley, Vaibhav Kulkarni
-
Patent number: 9046395Abstract: The present invention relates in general to vortex shedding flow meters with enhanced sensitivity for sensing and measuring vortex frequencies.Type: GrantFiled: March 9, 2012Date of Patent: June 2, 2015Assignee: Spirax Sarco, Inc.Inventors: Gregg Pulley, Vaibhav Kulkarni
-
Publication number: 20120325014Abstract: The present invention relates in general to vortex shedding flow meters with enhanced sensitivity for sensing and measuring vortex frequencies.Type: ApplicationFiled: March 9, 2012Publication date: December 27, 2012Applicant: Spirax Sarco, Inc.Inventors: Gregg Pulley, Vaibhav Kulkarni