-
Publication No.: US20210234878A1
Publication date: 2021-07-29
Application No.: US17158205
Filing date: 2021-01-26
Inventors: Tamara LEIDERFARB, Nir NAAMAN
IPC classification: H04L29/06
Abstract: Methods and systems provide a vulnerabilities list and an open devices list based on results from scanning by scanners not associated with a host computer or resource.
-
2.
Publication No.: US20210336973A1
Publication date: 2021-10-28
Application No.: US16858817
Filing date: 2020-04-27
Inventors: Tamara LEIDERFARB, Lior Arzi, Ilana Danan
IPC classification: H04L29/06
Abstract: The disclosed subject matter includes a system which, when installed in a specific host, such as an end point or end point computer, will model its behavior over time, score new activities in real time and calculate outliers by creating and analyzing vectors. The vectors are formed of feature values extracted from executable processes, and the analysis includes determining and evaluating the distance between a current vector and a cluster of vectors.
-
Publication No.: US20170171240A1
Publication date: 2017-06-15
Application No.: US15292169
Filing date: 2016-10-13
Inventors: Lior ARZI, Tamara LEIDERFARB, Anandabrata PAL
CPC classification: H04L63/1416, G06F21/566
Abstract: Computerized methods and systems identify events associated with an attack initiated on an endpoint client. A listing of processes executed or created on the endpoint during the attack is obtained. The listing of processes includes a first process and at least one subsequent process executed or created by the first process. The computerized methods and systems analyze for the occurrence of at least one event during a time interval associated with the attack. The computerized methods and systems determine whether the listing of processes includes a process that, when executed, caused the occurrence of the at least one event. If the listing of processes excludes a process that, when executed, caused the occurrence of the at least one event, the at least one event and the causing process are stored, for example, in a database or memory.
-
4.
Publication No.: US20200084230A1
Publication date: 2020-03-12
Application No.: US16571118
Filing date: 2019-09-15
Inventors: Anandabrata PAL, Lior ARZI, Tamara LEIDERFARB
IPC classification: H04L29/06
Abstract: Computerized methods and systems determine an entry point or source of an attack on an endpoint, such as a machine, e.g., a computer, node of a network, system or the like. These computerized methods and systems utilize an attack execution/attack or start root, to build an attack tree, which shows the attack on the end point and the damage caused by the attack, as it propagates through the machine, network, system, or the like.