-
公开(公告)号:US20240354089A1
公开(公告)日:2024-10-24
申请号:US18759624
申请日:2024-06-28
申请人: Jfrog Ltd.
发明人: Yoav Landman , Noam Shemesh
IPC分类号: G06F8/61 , G06F8/65 , G06F21/64 , H04L67/1087 , H04L67/1097
CPC分类号: G06F8/61 , G06F8/65 , G06F21/64 , H04L67/1089 , H04L67/1097
摘要: The present disclosure provides systems, methods, and computer readable storage devices for software distribution across a hierarchical network. A method includes sending, by a first node device, a registration request message to a second node device of a first distribution group of the hierarchical network. The registration request message indicates a request for the first node device to join the hierarchical network. The method further includes receiving, by the first node device, a registration response message from the second node device. The registration response message indicates an assignment of the first node device to a second distribution group corresponding to a tier that is below a tier that includes the first distribution group. The first node device may be authorized to perform peer-to-peer (P2P) communications to receive at least a portion of one or more files from node devices in the second distribution group or the second node device.
-
公开(公告)号:US20240154818A1
公开(公告)日:2024-05-09
申请号:US18414903
申请日:2024-01-17
申请人: JFrog Ltd.
发明人: Yoav Landman
CPC分类号: H04L9/3247 , G06F8/60
摘要: The present disclosure provides a method, system, and device for verifying a software release. To illustrate, as software (e.g., one or more files or artifacts) completes one or more stages of a development process, one or more digital signatures are generated. The one or more digital signatures are generated using private keys that correspond to the stage of the development process that is completed. The one or more digital signatures, and one or more public keys corresponding to the private keys, are sent to a node device. Upon receipt of the one or more digital signatures and the public keys (e.g., as part of a software release), the node device verifies the digital signatures before processing the software.
-
公开(公告)号:US11860680B2
公开(公告)日:2024-01-02
申请号:US17221027
申请日:2021-04-02
申请人: JFrog Ltd.
发明人: Yoav Landman
CPC分类号: G06F21/602 , G06F8/71 , G06F16/9027 , H04L9/0618 , H04L9/0643 , H04L9/3247 , H04L9/50
摘要: The present disclosure provides systems, methods, and computer readable storage devices for validating that a software release has successfully completed multiple development stages of a development process without alteration. To illustrate, as software (e.g., one or more files or artifacts) completes at least a portion of a development process including the development stages, data components are generated. Digital signatures are generated based on the data components and a private key, and the digital signatures are stored in a secure data structure, such as a blockchain or a tree structure. Upon receipt of the data components (e.g., as validation data of a software release) by a node device, the node device generates validation signatures based on the data components and a public key and compares the validation signatures to the digital signatures stored in the secure data structure to validate the software before processing the software.
-
公开(公告)号:US11714899B2
公开(公告)日:2023-08-01
申请号:US17850427
申请日:2022-06-27
申请人: JFROG LTD.
发明人: Asaf Karas , Or Peles , Meir Tsvi , Anton Nayshtut
CPC分类号: G06F21/54 , G06F21/554 , H04L63/1466 , G06F2221/033
摘要: A method, system and product for command injection identification. An input hook function is configured to be executed in response to a potential input provisioning event. The input hook function is configured to perform: analyzing a potential input of the potential input provisioning event to identify whether the potential input comprises a command separator and an executable product; and in response to identifying the command separator and the executable product, recording a suspicious input event indicating the command separator and the executable product. An execution hook function is configured to be executed in response to a potential execution event. The execution hook function is configured to perform: in response to a determination that an execution command of the potential execution event comprises the command separator and the executable product of the suspicious input event, flagging the execution command as a command injection attack.
-
公开(公告)号:US20230141948A1
公开(公告)日:2023-05-11
申请号:US18150637
申请日:2023-01-05
申请人: JFROG LTD
发明人: Shachar Menashe , Ilya Khivrich , Asaf Karas
CPC分类号: G06F11/3688 , G06F11/3692 , G06F8/52 , G06F8/65 , G06F11/3684
摘要: A method, system and product comprising determining a characterization of a terminal of a plurality of terminals within a binary code based on influences of the terminal, wherein the characterization of the terminal indicates a role of the terminal in the binary code; based on the characterization of the terminal, determining that the terminal is potentially affected by external input that is inputted to a device executing the binary code; determining for the terminal a corresponding propagation path within the binary code, wherein the propagation path indicates a reachability of the terminal within the binary code; locating in the binary code a code patch associated with a functionality of the binary code, wherein the code patch is associated with the propagation path of the terminal, wherein the code patch can be executed independently from the binary code; extracting the code patch from the binary code for testing; and generating an emulation of the code patch to enable fuzz testing of the emulation, whereby the code patch is tested independently.
-
公开(公告)号:US11340894B2
公开(公告)日:2022-05-24
申请号:US16399953
申请日:2019-04-30
申请人: JFrog, Ltd.
发明人: Yoav Landman
IPC分类号: G06F8/71 , G06F16/178 , G06F8/65
摘要: The present disclosure provides a method, system, and device for file replication. To illustrate, based on target replication information corresponding to a version of a file at a target device, a source device may determine one or more portions of a different version of the file at the source device to be provided to the target device. One or more other aspects of the present disclosure further provide sending, to the target device, the one or more portions and replication information corresponding to the version of the file at the source device. Based on the version of the file at the target device, the one or more portions, and the replication information corresponding to the version of the file at the source device, the target device may assemble and store a file that corresponds to the version of the file at the source device.
-
公开(公告)号:US20210234887A1
公开(公告)日:2021-07-29
申请号:US17227069
申请日:2021-04-09
申请人: JFrog Ltd.
发明人: Yoav LANDMAN
摘要: The present disclosure provides a method, system, and device for securely updating a software release across a network. To illustrate, a server may compile a transaction log that includes information corresponding to one or more nodes in the network to which the software release has been transmitted. The server may analyze one or more files based on vulnerability information to identify at least one file of the one or more files that poses a risk. The server may also identify at least one node of the network at which the at least one file is deployed. Based on identifying the at least one node, the server may transmit a corrective action with respect to the at least one node.
-
公开(公告)号:US20210218800A1
公开(公告)日:2021-07-15
申请号:US16795195
申请日:2020-02-19
申请人: JFrog Ltd.
发明人: Yoav LANDMAN
摘要: The present disclosure provides a method, system, and device for peer-to-peer downloading across a network. To illustrate, a server may receive a request from a peer device for at least a portion of a file. The server may send, to the peer device, download information including a checksum corresponding to the portion of the file, a token corresponding to authorization for the peer device to perform P2P communication, an indicator that identifies at least one device that includes the portion of the file, or a combination thereof. The server may update tracking information to indicate that the peer device received the portion of the file.
-
公开(公告)号:US20210021633A1
公开(公告)日:2021-01-21
申请号:US16931898
申请日:2020-07-17
申请人: JFrog Ltd.
发明人: Yoav LANDMAN
摘要: The present disclosure provides a method, system, and device for securely updating a software release across a network. To illustrate, a server may compile a transaction log that includes information corresponding to one or more nodes in the network to which the software release has been transmitted. The server may analyze one or more files based on vulnerability information to identify at least one file of the one or more files that poses a risk. The server may also identify at least one node of the network at which the at least one file is deployed. Based on identifying the at least one node, the server may transmit a corrective action with respect to the at least one node.
-
公开(公告)号:US20200348927A1
公开(公告)日:2020-11-05
申请号:US16399953
申请日:2019-04-30
申请人: JFrog, Ltd.
发明人: Yoav Landman
IPC分类号: G06F8/71 , G06F8/65 , G06F16/178
摘要: The present disclosure provides a method, system, and device for file replication. To illustrate, based on target replication information corresponding to a version of a file at a target device, a source device may determine one or more portions of a different version of the file at the source device to be provided to the target device. One or more other aspects of the present disclosure further provide sending, to the target device, the one or more portions and replication information corresponding to the version of the file at the source device. Based on the version of the file at the target device, the one or more portions, and the replication information corresponding to the version of the file at the source device, the target device may assemble and store a file that corresponds to the version of the file at the source device.
-
-
-
-
-
-
-
-
-
搜索结果
66 条记录 (耗时 0.032 秒)
