Patents by Inventor Yarin MIRAN

Yarin MIRAN has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20240372720
    Abstract: A system and method for inspecting encrypted disks for a cybersecurity object using a custom key are disclosed. The method includes detecting an encrypted disk in a cloud computing environment, the cloud computing environment including a security policy service; authorizing a key policy on the security policy service for a custom key of an inspector account, wherein the key policy is a policy authorized to decrypt the encrypted disk; generating a second encrypted disk based on the encrypted disk; inspecting the second encrypted disk for a cybersecurity object with the custom key; and releasing a resource allocated to the second encrypted disk in response to completing the inspection.
    Type: Application
    Filed: July 17, 2024
    Publication date: November 7, 2024
    Applicant: Wiz, Inc.
    Inventors: Daniel Hershko SHEMESH, Yarin MIRAN, Roy REZNIK, Ami LUTTWAK, Yinon COSTICA
  • Publication number: 20240314147
    Abstract: A method for scalable vulnerability detection is provided. The method includes selecting at least a workload of a plurality of workloads deployed in a first cloud environment for inspection, wherein the workload includes a first volume; generating in a remote cluster an inspection node, the inspection node including at least a first disk, wherein the remote cluster provisions inspection nodes in response to demand for inspection nodes; generating a persistent volume (PV) on which the at least a first disk is mounted, wherein the at least a first disk is generated from a snapshot of the first volume; and generating a persistent volume claim (PVC) of the PV for an inspector workload, wherein the inspector workload is configured to inspect the PV for an object, and wherein inspector workloads are provisioned in response to demand for inspector workloads.
    Type: Application
    Filed: May 23, 2024
    Publication date: September 19, 2024
    Applicant: Wiz, Inc.
    Inventors: Yarin MIRAN, Ami LUTTWAK, Roy REZNIK, Avihai BERKOVITZ, Moran COHEN, Yaniv SHAKED, Yaniv Joseph OLIVER
  • Patent number: 12095912
    Abstract: A system and method for inspecting encrypted disks for a cybersecurity object using a custom key are disclosed. The method includes detecting an encrypted disk in a cloud computing environment, the cloud computing environment including a security policy service; authorizing a key policy on the security policy service for a custom key of an inspector account, wherein the key policy is a policy authorized to decrypt the encrypted disk; generating a second encrypted disk based on the encrypted disk; inspecting the second encrypted disk for a cybersecurity object with the custom key; and releasing a resource allocated to the second encrypted disk in response to completing the inspection.
    Type: Grant
    Filed: December 26, 2023
    Date of Patent: September 17, 2024
    Assignee: Wiz, Inc.
    Inventors: Daniel Hershko Shemesh, Yarin Miran, Roy Reznik, Ami Luttwak, Yinon Costica, Yaniv Shaked, Eyal Moscovici
  • Patent number: 12079328
    Abstract: A system and method for inspecting a running container for a cybersecurity object in a cloud computing environment is disclosed. The method includes: generating a clone of a disk, wherein the disk is deployed in a cloud computing environment; detecting a software container on the generated clone of the disk; and inspecting the software container for a cybersecurity object, in response to determining that the container is a running container.
    Type: Grant
    Filed: October 10, 2023
    Date of Patent: September 3, 2024
    Assignee: Wiz, Inc.
    Inventors: Daniel Hershko Shemesh, Yarin Miran, Roy Reznik, Ami Luttwak, Yinon Costica, Niv Roit Ben David, Yaniv Shaked, Raaz Herzberg, Amir Lande Blau
  • Publication number: 20240289437
    Abstract: A system and method for inspecting a running container for a cybersecurity object in a cloud computing environment is disclosed. The method includes: generating a clone of a disk, wherein the disk is deployed in a cloud computing environment; detecting a software container on the generated clone of the disk; and inspecting the software container for a cybersecurity object, in response to determining that the container is a running container.
    Type: Application
    Filed: April 29, 2024
    Publication date: August 29, 2024
    Applicant: Wiz, Inc.
    Inventors: Daniel Hershko SHEMESH, Yarin MIRAN, Roy REZNIK, Ami LUTTWAK, Yinon COSTICA, Niv Roit BEN DAVID, Yaniv SHAKED, Raaz HERZBERG, Amir LANDE BLAU
  • Publication number: 20240275812
    Abstract: A system and method for detecting a permission escalation event in a computing environment is disclosed. The method includes: generating a cloned disk based on an original disk of a resource deployed in a computing environment; detecting an identifier of a first principal on the cloned disk; detecting a second principal in the computing environment, the first principal authorized to assume the first principal; storing a representation of the computing environment in a security database, including: a first principal node representing the first principal, and a second principal node representing the second principal, further associated with a permission; querying the representation to determine a permission of the first principal; determining that the second principal includes a permission which the first principal does not include based on a result of querying the representation; and generating a permission escalation event.
    Type: Application
    Filed: April 26, 2024
    Publication date: August 15, 2024
    Applicant: Wiz, Inc.
    Inventors: Daniel Hershko SHEMESH, Yarin MIRAN, Roy REZNIK, Ami LUTTWAK, Yinon COSTICA, Avihai BERKOVITZ, George PISHA, Yaniv Joseph OLIVER, Udi REITBLAT, Or HELLER, Raaz HERZBERG, Osher HAZAN, Niv Roit BEN DAVID
  • Patent number: 12061925
    Abstract: A system and method for inspecting managed workloads in a cloud computing environment for cybersecurity threats improves inspection of managed workload service repositories, by only inspecting bases of managed workload deployed in the cloud computing environment. The method includes discovering a managed workload deployed in a cloud computing environment; determining an identifier of the managed workload, wherein the identifier includes an indicator to a base repository in which a base is stored, and wherein the managed workload is currently deployed in the cloud computing environment, the base repository further storing a plurality of bases, wherein a portion of the plurality of bases do not correspond to a deployed workload; accessing the base repository to pull the base; and inspecting the base of the deployed managed workload for a cybersecurity threat.
    Type: Grant
    Filed: September 15, 2023
    Date of Patent: August 13, 2024
    Assignee: WIZ, INC.
    Inventors: Niv Roit Ben David, Yaniv Shaked, Yarin Miran, Raaz Herzberg, Amir Lande Blau
  • Publication number: 20240265115
    Abstract: An architecture of a multi-cloud inspector for any computing device type is provided. According to an embodiment, a method for implementing multi-cloud inspection includes accessing an object list, determining which objects to inspect, determining which inspectors to use, creating object copies, providing and running inspectors for each object copy, receiving inspection report summaries, generating an enriched dataset, and adding the enriched dataset to a security graph database.
    Type: Application
    Filed: March 26, 2024
    Publication date: August 8, 2024
    Applicant: Wiz, Inc.
    Inventors: Yaniv SHAKED, Ami LUTTWAK, Gal KOZOSHNIK, Roy REZNIK, Yarin MIRAN
  • Publication number: 20240244065
    Abstract: A system and method for detecting cybersecurity risk on a resource in a computing environment utilizes static analysis of a cloned resource and runtime data from the live resource. The method includes: configuring a resource deployed in a computing environment to deploy thereon a sensor, the sensor configured to detect runtime data; detecting runtime data from the sensor of the resource; generating an inspectable disk based on an original disk of the resource; initiating inspection based on the detected runtime data for a cybersecurity object on the inspectable disk; detecting the cybersecurity object on an inspectable disk; and initiating a mitigation action on the resource.
    Type: Application
    Filed: January 31, 2024
    Publication date: July 18, 2024
    Applicant: Wiz, Inc.
    Inventors: Daniel Hershko SHEMESH, Yarin MIRAN, Roy REZNIK, Ami LUTTWAK, Yinon COSTICA, Aviel FOGEL, Udi REITBLAT, Alon SCHINDEL
  • Patent number: 12028360
    Abstract: A method for scalable vulnerability detection is provided. The method includes selecting at least a workload of a plurality of workloads deployed in a first cloud environment for inspection, wherein the workload includes a first volume; generating in a remote cluster an inspection node, the inspection node including at least a first disk, wherein the remote cluster provisions inspection nodes in response to demand for inspection nodes; generating a persistent volume (PV) on which the at least a first disk is mounted, wherein the at least a first disk is generated from a snapshot of the first volume; and generating a persistent volume claim (PVC) of the PV for an inspector workload, wherein the inspector workload is configured to inspect the PV for an object, and wherein inspector workloads are provisioned in response to demand for inspector workloads.
    Type: Grant
    Filed: December 7, 2023
    Date of Patent: July 2, 2024
    Assignee: Wiz, Inc.
    Inventors: Yarin Miran, Ami Luttwak, Roy Reznik, Avihai Berkovitz, Moran Cohen, Yaniv Shaked, Yaniv Joseph Oliver
  • Patent number: 12003520
    Abstract: A method for scalable vulnerability detection is provided. The method includes selecting at least a workload of a plurality of workloads deployed in a first cloud environment for inspection, wherein the workload includes a first volume; generating in a remote cluster an inspection node, the inspection node including at least a first disk, wherein the remote cluster provisions inspection nodes in response to demand for inspection nodes; generating a persistent volume (PV) on which the at least a first disk is mounted, wherein the at least a first disk is generated from a snapshot of the first volume; and generating a persistent volume claim (PVC) of the PV for an inspector workload, wherein the inspector workload is configured to inspect the PV for an object, and wherein inspector workloads are provisioned in response to demand for inspector workloads.
    Type: Grant
    Filed: September 15, 2023
    Date of Patent: June 4, 2024
    Assignee: Wiz, Inc.
    Inventors: Yarin Miran, Ami Luttwak, Roy Reznik, Avihai Berkovitz, Moran Cohen, Yaniv Shaked, Yaniv Joseph Oliver
  • Patent number: 11995193
    Abstract: An architecture of a multi-cloud inspector for any computing device type is provided. According to an embodiment, a method for implementing multi-cloud inspection includes accessing an object list, determining which objects to inspect, determining which inspectors to use, creating object copies, providing and running inspectors for each object copy, receiving inspection report summaries, generating an enriched dataset, and adding the enriched dataset to a security graph database.
    Type: Grant
    Filed: September 28, 2023
    Date of Patent: May 28, 2024
    Assignee: WIZ, INC.
    Inventors: Yaniv Shaked, Ami Luttwak, Gal Kozoshnik, Roy Reznik, Yarin Miran
  • Publication number: 20240168792
    Abstract: A system and method for applying cybersecurity policies across multiple computing environments is presented.
    Type: Application
    Filed: December 29, 2023
    Publication date: May 23, 2024
    Applicant: Wiz, Inc.
    Inventors: Daniel Hershko SHEMESH, Yarin MIRAN, Roy REZNIK, Ami LUTTWAK, Yinon COSTICA, Raaz HERZBERG, Yaniv Joseph OLIVER, Osher HAZAN, Niv Roit BEN DAVID
  • Publication number: 20240146745
    Abstract: A system and method for technology stack discovery by performing active inspection of a cloud computing environment utilizing disk cloning is described. The method includes: generating an inspectable disk based on an original disk of a reachable resource, wherein the reachable resource is a cloud object deployed in the cloud computing environment, and accessible from a network which is external to the cloud computing environment; detecting a cybersecurity object on the inspectable disk, the cybersecurity object indicating a cybersecurity issue; selecting a network path including a network protocol to access the reachable resource; and actively inspecting the network path to detect the cybersecurity issue.
    Type: Application
    Filed: December 29, 2023
    Publication date: May 2, 2024
    Applicant: Wiz, Inc.
    Inventors: Matilda LIDGI, Shai KEREN, Raaz HERZBERG, Avi Tal LICHTENSTEIN, Ami LUTTWAK, Roy REZNIK, Daniel Hershko SHEMESH, Yarin MIRAN, Yinon COSTICA
  • Patent number: 11973770
    Abstract: A method for scalable vulnerability detection is provided. The method includes selecting at least a workload of a plurality of workloads deployed in a first cloud environment for inspection, wherein the workload includes a first volume; generating in a remote cluster an inspection node, the inspection node including at least a first disk, wherein the remote cluster provisions inspection nodes in response to demand for inspection nodes; generating a persistent volume (PV) on which the at least a first disk is mounted, wherein the at least a first disk is generated from a snapshot of the first volume; and generating a persistent volume claim (PVC) of the PV for an inspector workload, wherein the inspector workload is configured to inspect the PV for an object, and wherein inspector workloads are provisioned in response to demand for inspector workloads.
    Type: Grant
    Filed: November 22, 2021
    Date of Patent: April 30, 2024
    Assignee: Wiz, Inc.
    Inventors: Yarin Miran, Ami Luttwak, Roy Reznik, Avihai Berkovitz, Moran Cohen, Yaniv Shaked, Yaniv Joseph Oliver
  • Publication number: 20240135027
    Abstract: A system and method for agentless detection of sensitive data in a cloud computing environment is disclosed. The method includes: generating an inspectable disk from a clone of an original disk in a cloud computing environment; inspecting the inspectable disk for a cybersecurity object, the cybersecurity object indicating a sensitive data, the disk deployed in a cloud computing environment; extracting a data schema from the cybersecurity object, in response to detecting the cybersecurity object on the disk; generating a classification of the data schema; detecting in the disk a plurality of data files, each data file including the classified data schema; determining that the data schema corresponds to sensitive data based on the generated classification; generating in a security database: a representation of the data schema, and a representation of each data file; and rendering a visual representation of the cloud computing environment including a representation of the data schema.
    Type: Application
    Filed: December 29, 2023
    Publication date: April 25, 2024
    Applicant: Wiz, Inc.
    Inventors: Raaz HERZBERG, Avi Tal LICHTENSTEIN, Roy REZNIK, Ami LUTTWAK, Moran COHEN, Yaniv SHAKED, Yinon COSTICA, George PISHA, Daniel Hershko SHEMESH, Yarin MIRAN
  • Publication number: 20240137382
    Abstract: A system and method for detecting a permission escalation event in a computing environment is disclosed. The method includes: generating a cloned disk based on an original disk of a resource deployed in a computing environment; detecting an identifier of a first principal on the cloned disk; detecting a second principal in the computing environment, the first principal authorized to assume the first principal; storing a representation of the computing environment in a security database, including: a first principal node representing the first principal, and a second principal node representing the second principal, further associated with a permission; querying the representation to determine a permission of the first principal; determining that the second principal includes a permission which the first principal does not include based on a result of querying the representation; and generating a permission escalation event.
    Type: Application
    Filed: December 29, 2023
    Publication date: April 25, 2024
    Applicant: Wiz, Inc.
    Inventors: Daniel Hershko SHEMESH, Yarin MIRAN, Roy REZNIK, Ami LUTTWAK, Yinon COSTICA, Avihai BERKOVITZ, George PISHA, Yaniv Joseph OLIVER, Udi REITBLAT, Or HELLER, Raaz HERZBERG, Osher HAZAN, Niv Roit BEN DAVID
  • Publication number: 20240129121
    Abstract: A system and method for inspecting encrypted disks for a cybersecurity object using a custom key are disclosed. The method includes detecting an encrypted disk in a cloud computing environment, the cloud computing environment including a security policy service; authorizing a key policy on the security policy service for a custom key of an inspector account, wherein the key policy is a policy authorized to decrypt the encrypted disk; generating a second encrypted disk based on the encrypted disk; inspecting the second encrypted disk for a cybersecurity object with the custom key; and releasing a resource allocated to the second encrypted disk in response to completing the inspection.
    Type: Application
    Filed: December 26, 2023
    Publication date: April 18, 2024
    Applicant: Wiz, Inc.
    Inventors: Daniel Hershko SHEMESH, Yarin MIRAN, Roy REZNIK, Ami LUTTWAK, Yinon COSTICA, Yaniv SHAKED, Eyal MOSCOVICI
  • Patent number: 11954516
    Abstract: A system and method for inspecting managed workloads in a cloud computing environment for cybersecurity threats improves inspection of managed workload service repositories, by only inspecting bases of managed workload deployed in the cloud computing environment. The method includes discovering a managed workload deployed in a cloud computing environment; determining an identifier of the managed workload, wherein the identifier includes an indicator to a base repository in which a base is stored, and wherein the managed workload is currently deployed in the cloud computing environment, the base repository further storing a plurality of bases, wherein a portion of the plurality of bases do not correspond to a deployed workload; accessing the base repository to pull the base; and inspecting the base of the deployed managed workload for a cybersecurity threat.
    Type: Grant
    Filed: September 15, 2023
    Date of Patent: April 9, 2024
    Assignee: WIZ, INC.
    Inventors: Niv Roit Ben David, Yaniv Shaked, Yarin Miran, Raaz Herzberg, Amir Lande Blau
  • Patent number: 11936785
    Abstract: A system and method for inspecting encrypted disks for a cybersecurity object using a custom key are disclosed. The method includes detecting an encrypted disk in a cloud computing environment, the cloud computing environment including a security policy service; authorizing a key policy on the security policy service for a custom key of an inspector account, wherein the key policy is a policy authorized to decrypt the encrypted disk; generating a second encrypted disk based on the encrypted disk; inspecting the second encrypted disk for a cybersecurity object with the custom key; and releasing a resource allocated to the second encrypted disk in response to completing the inspection.
    Type: Grant
    Filed: October 4, 2023
    Date of Patent: March 19, 2024
    Assignee: WIZ, INC.
    Inventors: Daniel Hershko Shemesh, Yarin Miran, Roy Reznik, Ami Luttwak, Yinon Costica, Yaniv Shaked, Eyal Moscovici