Articles by Yair
-
Spotlight on Mobile Endpoint Detection and Response
By Yair Amit
-
2017 Mobile Security Predictions – Some Good With The Bad
By Yair Amit
Activity
-
Announcing Our Acquisition by QRyde! I am excited to announce that Colu has been acquired by QRyde (link is in the first comment), a leader in…
Liked by Yair Amit
-
Education is a powerful way to make an impact on the world. The 300,000 people who have taken the Nand2Tetris course have been introduced to the…
Liked by Yair Amit
-
Yesterday, we spotlighted Elastic as one of Entro Security’s customers – I have a specific story to share about this. Elastic is an automation-first…
Liked by Yair Amit
Experience & Education
Patents
-
Application-to-application device ID sharing
Issued US10621337B1
Systems and methods are provided for sharing a device identifier between two applications installed on an unmanaged device. An enterprise application running on a device may execute client-side code received from an ID matching server to generate a target data set characterizing the device. The enterprise application may send the target data set to the ID matching server. The ID matching server may interact with a Mobile Threat Defense (MTD) server to determine a device ID that the MTD server may use to identify the device. The ID matching server may send the device identifier to an Identity Management (IdM) server. The IdM server may send an API request for security information about the target device to the MTD server, which may send the requested security information in response. The IdM server may determine an authorization level based on the security information.
-
Detecting stored cross-site scripting vulnerabilities in web applications
Issued US20130055402
A method for detecting security vulnerabilities in web applications can include providing a payload to a web application during a first interaction with the web application at a computer server, where the payload includes a payload instruction and an identifier, detecting the identifier within the payload received during an interaction with the web application subsequent to the first interaction, and determining, responsive to detecting the identifier within the payload, whether the payload instruction underwent a security check prior to execution of the payload instruction.
-
Detecting vulnerabilities in web applications
Issued US9124624B2
A method, computer program product, and system for detecting vulnerabilities in web applications is described. A method may comprise determining one or more values associated with a web application that flow to response data associated with the web application. The one or more values may be modifiable by unreliable input. The method may further comprise generating a representation of the response data associated with the web application. The method may additionally comprise determining one or more potentially vulnerable portions of the response data based upon, at least in part, the one or more values modifiable by the unreliable input that flow to the response data associated with the web application, and the representation of the response data associated with the web application.
-
Detection of Mutated Apps and Usage Thereof
Filed US20160099956A1
System, method and product for detection of mutated apps and usage thereof. A method comprises obtaining features of an Application Under Check (AUC); comparing the features with sets of features of applications to determine a host application of the AUC; determining that the AUC is a mutated application of the host application, wherein said determining comprises comparing the AUC with the host application; and in response to said determining, performing a predetermined action. A server may be configured to perform the steps of collecting features relating to trusted applications, wherein the trusted applications are potentially useable as a basis for a mutated application, wherein the features are features that are indicative of mutated versions of the trusted applications; and retaining the features in a repository, whereby a list of positive signatures of trusted applications is collected and retained that is useful to approximately identify a host application of a mutated application.
-
Application testing system and method
Issued US 8949985
A method, computer program product, and computer system for sending, by a first computing device, a payload from a plurality of payloads to a second computing device. A response from the second computing device responding to the payload is received at the first computing device. It is determined whether the payload has successfully attacked an application executing at the second computing device based upon, at least in part, the response. If not, at least a portion of the plurality of payloads that shares a structural overlap with the first payload is identified. At least a second payload of the portion is prevented from being sent to the second computing device in response to identifying that the second payload shares the structural overlap with the first payload.
-
Testing web applications for file upload vulnerabilities
Issued US 20120311714
A system for detecting file upload vulnerabilities in web applications is provided. The system may include a black-box tester configured to upload, via a file upload interface exposed by a web application, a file together with a signature associated with the file. An execution monitor may be configured to receive information provided by instrumentation instructions within the web application during the execution of the web application. The execution monitor may be configured to recognize the signature of the uploaded file as indicating that the uploaded file was uploaded by the black-box tester. The execution monitor may also be configured to use any of the information to make at least one predefined determination assessing the vulnerability of the web application to a file upload exploit.
Read more: http://www.faqs.org/patents/app/20120311714#!#ixzz2gnFGsWf7
-
Access control system for a mobile device
Issued US 13/917,333
A method, apparatus and product that provide an access control system for mobile devices. The mobile device performing: selecting a proxy to handle a request to a remote server, the request being issued by a program executed by the mobile device, wherein the proxy is configured to perform a security action in response to the request; and sending the request to the proxy; whereby the predetermined security action is selectively performed on a portion of the requests issued by the mobile device. Additionally or alternatively, a computer performing: receiving from a mobile device an instruction to provide a Proxy Auto Config (PAC) file; and generating a PAC file that comprises a function which is configured to receive a URL and return a proxy to handle a request to the URL, wherein the proxy is configured to perform a security action in response to receiving a request.
-
Selective encryption in mobile devices
Issued US 13/917,365
A method, product and system for selective encryption in a mobile device. The method comprising: selectively encrypting requests issued by the mobile device, wherein said selectively encrypting comprises: obtaining a request issued by an application executed by the mobile device, the request having one or more characteristics and a destination; determining, based on the one or more characteristics, whether to encrypt the request; and in response to a determination to encrypt the request, re-routing the request to be transmitted to the destination through a secure channel; whereby the request is encrypted regardless of whether the destination is a priori associated with the secure channel.
-
Pinpointing security vulnerabilities in computer software applications
Issued US20120266248
A build process management system can acquire data pertaining to a software build process that is currently being executed by an automated software build system. The software build process can include executable process steps, metadata, and/or environmental parameter values. An executable process step can utilize a build artifact, representing an electronic document that supports the software build process. The acquired data can then be synthesized into an immutable baseline build process and associated baseline artifact library. The baseline artifact library can store copies of the build artifacts. The immutable baseline build process can include baseline objects that represent data values and dependencies indicated in the software build process. In response to a user-specified command, an operation can be performed upon the baseline build process and associated baseline artifact library.
-
Detection of DOM-based cross-site scripting vulnerabilities
Issued US20130111594
Testing a Web-based application for security vulnerabilities. At least one client request including a payload having a unique identifier can be communicated to the Web-based application. Response HTML and an associated Document Object Model (DOM) object can be received from the Web-based application. Content corresponding to the payload can be identified in the DOM object via the unique identifier. A section of the DOM object including the payload can be identified as un-trusted.
-
Preventing Cross-Site Request Forgery Attacks on a Server
Issued US 12/889,300
Preventing Cross-Site Request Forgery (CSRF) security attacks on a server in a client-server environment. In one aspect, this comprises embedding a nonce and a script in all responses from the server to the client wherein, when executed, the script adds the nonce to each request from the client to the server; sending the response with the nonce and the script to the client; and verifying that each request from the client includes the nonce sent by the server from the server to the client. The script preferably modifies all objects, including dynamically generated objects, in a server response that may generate future requests to the server to add the nonce to the requests. The server verifies the nonce value in a request and optionally confirms the request with the client if the value is not the same as the value previously sent by the server. Server-side aspects might be embodied in the server or a proxy between the server and the client.
-
Thwarting Cross-Site Request Forgery (CSRF) and clickjacking attacks
Issued US 12/825,290
Embodiments of the invention generally relate to thwarting fraud perpetrated with a computer by receiving a request from a computer to perform a transaction. Embodiments of the invention may include receiving the request together with transaction data and a cookie, where the transaction data are separate from the cookie; determining in accordance with predefined validation criteria whether the cookie includes a valid representation of the transaction data; and performing the transaction only if the cookie includes a valid representation of the transaction data.
-
Identifying Security Breaches Caused by Web-Enabled Software Applications
Issued US 20100299754
Identifying a security breach caused when a computer-based software application uses a computer-based web browser application, including identifying at least one function within a computer-based software application that causes a computer-based web browser application to access data from a source that is external to the software application, at least partially replacing the data with malicious content that is configured to cause a predefined action to occur when the malicious content is accessed by the web browser application, where the predefined action is associated with a known security breach when the predefined action occurs subsequent to the malicious content being accessed by the web browser application, causing the software application to perform the function, and determining whether the predefined action is performed.
-
Potential attack detection based on dummy network traffic
Filed US14509064
A method, apparatus and product for potential attack detection based on dummy network traffic. One embodiment includes a method comprising analyzing an activity, wherein the activity is performed in response to a message, wherein the message is transmitted by a first application that is executed by a computing device, wherein the computing device is connected to a computerized network, wherein the first application is configured to transmit the message in order to induce a potential attacker to perform a malicious activity, wherein said analyzing comprises comparing the activity to a predetermined expected activity in response to the message; and determining, based on the analysis of the activity, that a second application is under a potential attack; whereby an operation of the first application is capable of exposing potential attacks on the second application without monitoring network traffic of the second application.
-
Detecting persistent vulnerabilities in web applications
Filed US20120311713
A method, including storing a test payload to a persistent state of an application and performing a static analysis to identify a first code location in the application that retrieves the test payload, to identify a first path from an entry point to the first code location, and to identify a second path from the first code location to a second code location that executes a security sensitive operation using the retrieved data. A dynamic analysis is then performed to retrieve the test payload via the first path, and to convey the test payload to the second code location via the second path.
-
Dynamically scanning a web application through use of web traffic information
Filed US 13/357,251
Collecting log file data from at least one log file. From the collected log file data, at least one HTTP request can be generated to exercise a web application to perform a security analysis of the web application. The HTTP request can be communicated to the web application. At least one HTTP response to the HTTP request can be received. The HTTP response can be analyzed to perform validation of the web application. Results of the validation can be output.
-
Targeted security testing
Filed US 13/341,426
Source code of a plurality of web pages including script code is statically analyzed. A page including a potential vulnerability is identified based on the static analysis. A page not including a potential vulnerability is identified based on the static analysis. The web page including the potential vulnerability is dynamically analyzed using a set of test payloads. The page not including the potential vulnerability is dynamically analyzed using a subset of the set of test payloads, the subset including fewer test payloads than the set of test payloads.
-
Detection of second order vulnerabilities in web services
Filed US 13/335,439
A system for detecting a vulnerability in a Web service can include a processor configured to initiate executable operations including determining whether a Web service uses identity of a requester to select one of a plurality of different paths of a branch in program code of the Web service and, responsive to determining that the Web service does select one of a plurality of different paths of a branch according to identity of the requester, indicating that the Web service has a potential vulnerability.
-
Detection of custom parameters in a request URL
Filed US 13/334,718
Identifying at least one custom parameter in a request uniform resource locator (URL). At least a first portion of source code of a Web application that typically consumes the custom parameter provided in the request URL can be identified. The Web application can be instrumented at the first portion of the source code. The Web application can receive the request URL and the Web application can be executed with the instrumented source code. At least one run-time value consumed by the second portion of the source code can be identified, and the run-time value can be compared to the request URL to determine whether the run-time value intersects with the request URL. Responsive to determining that the run-time value intersects with the request URL, the run-time value can be identified as the custom parameter. A custom parameter rule can be generated based on the comparison.
-
Detecting vulnerabilities in web applications
Filed US 13/307,780
A method, computer program product, and system for detecting vulnerabilities in web applications is described. A method may comprise determining one or more values associated with a web application that flow to response data associated with the web application. The one or more values may be modifiable by unreliable input. The method may further comprise generating a representation of the response data associated with the web application. The method may additionally comprise determining one or more potentially vulnerable portions of the response data based upon, at least in part, the one or more values modifiable by the unreliable input that flow to the response data associated with the web application, and the representation of the response data associated with the web application.
Honors & Awards
-
summa cum laude
Tel-Aviv University
Biology
-
summa cum laude
Tel-Aviv University
Bioinformatics
-
summa cum laude
Tel-Aviv University
Computer Science
Languages
-
English
-
Hebrew
More activity by Yair
-
Happy to see Microsoft prioritizing in their VSCode July 2024 roadmap more changes from our research 👏 Their proposed change to create visibility…
Liked by Yair Amit
-
Ready for the finals... team Cyberstarts at Wimbledon ... Idan Ninyo Dor Knafo Gil Azrielant Yevgeny Dibrov Roy Reznik Nadir Izrael Michael Shaulov
Liked by Yair Amit
-
I’m delighted to welcome Carlo B. back to the Accel team! Having worked closely with many of our cybersecurity companies such as Ermetic, a Tenable…
Liked by Yair Amit
-
In a world powered by AI and cluttered by digital noise, events are proving to be the most impactful channel for building business relationships and…
Liked by Yair Amit
-
Ten years ago, I sold my previous company, Integrity Project (acquired by Mellanox Technologies), to Mellanox Technologies, now NVIDIA. Yesterday, we…
Liked by Yair Amit
-
Congratulations to Rene Haas and the entire Arm team on this incredible milestone! Joining the Nasdaq-100 Index is no small feat and truly a…
Liked by Yair Amit
-
The Wiz and Cyberstarts summit... he couldn't find the way to Michmoret.... Assaf Rappaport
Liked by Yair Amit
-
Excited to announce that I've officially joined the Vine Ventures, L.P. team as a Partner! 🔥 🚀 I’ve been fortunate to be a part of the team both…
Liked by Yair Amit
-
Last year I went looking for a charity that would use donations to remove carbon from the atmosphere. We had been backing other climate causes but…
Liked by Yair Amit
-
Stealth mode was never my comfort zone. I’m a strong believer in the power of publicly building and honestly sharing to help the industry…
Liked by Yair Amit
-
🌎Taking the climate tech ecosystem to the next level at PLANETech World 2024!🌎 1600 attendees, 100s of startups, and one incredible PLANETech -…
Liked by Yair Amit
-
Today, I am proud to announce that Entro Security has raised $18M in Series A funding! 🚀 This achievement wouldn’t have been possible without our…
Liked by Yair Amit
-
🚀 Introducing ExtensionTotal: Analyze Suspicious VSCode Extensions 🚀 We're excited to announce ExtensionTotal, a free community tool we've built…
Liked by Yair Amit
-
This is what we mean by "effortless version control" 🤩 Head to Unreal Engine Marketplace to see how Diversion makes game development easy! 👉
Liked by Yair Amit