Start Ups • Entrepreneurship • Python • Venture Capital • Mobile Applications • Business Strategy • Business Development • Ruby on Rails • User Experience • Cyber Security • Security • Computer Security
Interests
Data Security • Sarah Palin • Charlie Sheen • Security • Jetblue Airways • Enterprise Security • Cloud Security
Industries
Computer & Network Security
Name / Title
Company / Classification
Phones & Addresses
Ainsley K. Braun President
TINFOIL SECURITY, INC Detective and Armored Car Services, Nsk · Detective/Armored Car Services
2483 Old Middlefield Way STE 207, Mountain View, CA 94043 828 Bryant St, Palo Alto, CA 94301 3500 S Dupont Hwy, Dover, DE 19901 650 485-2330
Us Patents
Site Independent Methods For Deriving Contextually Tailored Security Vulnerability Corrections For Hardening Solution Stacks
Michael Borohovski - Sunnyvale CA, US Ainsley K. Braun - Sunnyvale CA, US Angel Irizarry - Belmont CA, US Benjamin D. Sedat - Mountain View CA, US
International Classification:
H04L 29/06 G06F 17/22 G06F 21/57
Abstract:
In auditing a target Web site for security exposures, site specific remediation reports are generated to provide instructional data tailored to components of the Web server solution stack as determined by the auditing computer system. Stack and component identification is performed in a site independent manner based on an analysis of Web page data retrieved by the auditing computer system. Informational aspects of the received data are recognized individually and by various patterns evident in the received data, enabling further identification of component implementation aspects, such as revision levels. Based on the informational and implementation aspects, site, solution stack, and component specific security audit tests are executed against the target Web site. Audit identified security exposures are recorded in correspondence with site, solution stack, and component implementation specific remediation instruction data. This audit data is then available for reporting.
System And Methods For Scalably Identifying And Characterizing Structural Differences Between Document Object Models
- Mountain View CA, US Ainsley K Braun - Sunnyvale CA, US Benjamin Sedat - Mountain View CA, US Angel Irizarry - Belmont CA, US
International Classification:
H04L 29/06 H04L 29/08 G06F 21/57 G06F 17/30
Abstract:
A security auditing computer system efficiently evaluates and reports security exposures in a target Web site hosted on a remote Web server system. The auditing system includes a crawler subsystem that constructs a first list of Web page identifiers representing the target Web site. An auditing subsystem selectively retrieves and audits Web pages based on a second list, based on the first. Retrieval is sub-selected dependent on a determined uniqueness of Web page identifiers relative to the second list. Auditing is further sub-selected dependent on a determined uniqueness of structural identifiers computed for each retrieved Web page, including structural identifiers of Web page components contained within a Web page. The computed structural identifiers are stored in correspondence with Web page identifiers and Web page component identifiers in the second list. A reporting system produces reports of security exposures identified through the auditing of Web pages and Web page components.
System And Methods For Scalably Identifying And Characterizing Structural Differences Between Document Object Models
- Mountain View CA, US Ainsley K. Braun - Sunnyvale CA, US Benjamin Sedat - Mountain View CA, US Angel Irizarry - Belmont CA, US
International Classification:
H04L 29/06 G06F 17/30 H04L 29/08
Abstract:
A security auditing computer system efficiently evaluates and reports security exposures in a target Web site hosted on a remote Web server system. The auditing system includes a crawler subsystem that constructs a first list of Web page identifiers representing the target Web site. An auditing subsystem selectively retrieves and audits Web pages based on a second list, based on the first. Retrieval is sub-selected dependent on a determined uniqueness of Web page identifiers relative to the second list. Auditing is further sub-selected dependent on a determined uniqueness of structural identifiers computed for each retrieved Web page, including structural identifiers of Web page components contained within a Web page. The computed structural identifiers are stored in correspondence with Web page identifiers and Web page component identifiers in the second list. A reporting system produces reports of security exposures identified through the auditing of Web pages and Web page components.
Site Independent System For Deriving Contextually Tailored Security Vulnerability Corrections For Hardening Solution Stacks
Michael Borohovski - Sunnyvale CA, US Ainsley K. Braun - Sunnyvale CA, US Angel Irizarry - Belmont CA, US Benjamin D. Sedat - Mountain View CA, US
International Classification:
H04L 29/06
Abstract:
In auditing a target Web site for security exposures, site specific remediation reports are generated to provide instructional data tailored to components of the Web server solution stack as determined by the auditing computer system. Stack and component identification is performed in a site independent manner based on an analysis of Web page data retrieved by the auditing computer system. Informational aspects of the received data are recognized individually and by various patterns evident in the received data, enabling further identification of component implementation aspects, such as revision levels. Based on the informational and implementation aspects, site, solution stack, and component specific security audit tests are executed against the target Web site. Audit identified security exposures are recorded in correspondence with site, solution stack, and component implementation specific remediation instruction data. This audit data is then available for reporting.
Site Independent Methods For Deriving Contextually Tailored Security Vulnerability Corrections For Hardening Solution Stacks
Michael Borohovski - Sunnyvale CA, US Ainsley K. Braun - Sunnyvale CA, US Angel Irizarry - Belmont CA, US Benjamin D. Sedat - Mountain View CA, US
International Classification:
H04L 29/06 G06F 21/57 G06F 17/22
Abstract:
In auditing a target Web site for security exposures, site specific remediation reports are generated to provide instructional data tailored to components of the Web server solution stack as determined by the auditing computer system. Stack and component identification is performed in a site independent manner based on an analysis of Web page data retrieved by the auditing computer system. Informational aspects of the received data are recognized individually and by various patterns evident in the received data, enabling further identification of component implementation aspects, such as revision levels. Based on the informational and implementation aspects, site, solution stack, and component specific security audit tests are executed against the target Web site. Audit identified security exposures are recorded in correspondence with site, solution stack, and component implementation specific remediation instruction data. This audit data is then available for reporting.
System And Methods For Scalably Identifying And Characterizing Structural Differences Between Document Object Models
Michael Borohovski - Sunnyvale CA, US Ainsley K. Braun - Sunnyvale CA, US Angel Irizarry - Belmont CA, US Benjamin D. Sedat - Mountain View CA, US
International Classification:
G06F 21/57
US Classification:
726 25
Abstract:
A security auditing computer system efficiently evaluates and reports security exposures in a target Web site hosted on a remote Web server system. The auditing system includes a crawler subsystem that constructs a first list of Web page identifiers representing the target Web site. An auditing subsystem selectively retrieves and audits Web pages based on a second list, based on the first. Retrieval is sub-selected dependent on a determined uniqueness of Web page identifiers relative to the second list. Auditing is further sub-selected dependent on a determined uniqueness of structural identifiers computed for each retrieved Web page, including structural identifiers of Web page components contained within a Web page. The computed structural identifiers are stored in correspondence with Web page identifiers and Web page component identifiers in the second list. A reporting system produces reports of security exposures identified through the auditing of Web pages and Web page components.
Tinfoil Security since Mar 2011
Co-founder
Booz Allen Hamilton Aug 2010 - Mar 2011
Consultant
MIT Jun 2007 - Jun 2010
Research Assistant
Sinha Lab @ MIT 2007 - Jun 2010
Senior Undergraduate Research Assistant
MIT Sep 2006 - Jun 2010
Student
Education:
Massachusetts Institute of Technology 2006 - 2010
BS, Brain & Cognitive Sciences, Writing
University of Victoria
Skills:
Start Ups Entrepreneurship Python Venture Capital Mobile Applications Business Strategy Business Development Ruby on Rails User Experience Cyber Security Security Computer Security
Interests:
Data Security Sarah Palin Charlie Sheen Security Jetblue Airways Enterprise Security Cloud Security
Googleplus
Ainsley Braun
Work:
Tinfoil Security - CEO/Co-founder (2011) Booz Allen Hamilton - Consultant (2010-2011) Massachusetts Institute of Technology - Research Assistant (2006-2010)
Education:
Massachusetts Institute of Technology - Brain & Cognitive Sciences, Massachusetts Institute of Technology - Writing