Pleasanton, California, United States
Contact Info
3K followers
500+ connections
About
Articles by Leonid
-
We are hiring: Senior Product Manager - Mobile Infrastructure Security
We are hiring: Senior Product Manager - Mobile Infrastructure Security
By Leonid Burakovsky
-
We are hiring: Technical Marketing Engineer - Mobile Service Provider Security
We are hiring: Technical Marketing Engineer - Mobile Service Provider Security
By Leonid Burakovsky
-
We are hiring: Senior Product Manager – Mobile Service Provider
We are hiring: Senior Product Manager – Mobile Service Provider
By Leonid Burakovsky
Activity
-
Hype Cycle for Private Mobile Network Services, 2024 https://lnkd.in/eA7njMHa (Requires subscription) CSPs are already facing significant competition…
Hype Cycle for Private Mobile Network Services, 2024 https://lnkd.in/eA7njMHa (Requires subscription) CSPs are already facing significant competition…
Liked by Leonid Burakovsky
-
Just a couple of days until I leave for Vegas to attend Black Hat USA 2024 and DEF CON ! 🙌 Here's where you'll find me: 📅 August 6th - Speaking…
Just a couple of days until I leave for Vegas to attend Black Hat USA 2024 and DEF CON ! 🙌 Here's where you'll find me: 📅 August 6th - Speaking…
Liked by Leonid Burakovsky
-
NIS2 is primarily aimed at EU Member States, however, non-EU companies operating within the EU or providing services to EU entities will be impacted.…
NIS2 is primarily aimed at EU Member States, however, non-EU companies operating within the EU or providing services to EU entities will be impacted.…
Liked by Leonid Burakovsky
Experience & Education
Publications
-
Why Your Private 5G Network Needs An Enterprise-Grade Security Solution
Palo Alto Networks
The arrival of 5G technology has reshaped what’s possible for enterprise networks, applications and IT systems by offering far greater capacity, lower latency and higher throughput than previously possible. For that reason, interest in private 5G networks is skyrocketing to accommodate new use cases, services and applications. But enterprise 5G requires enterprise-grade security. That’s why Palo Alto Networks has partnered with NTT to provide the same maximum visibility and security to private…
The arrival of 5G technology has reshaped what’s possible for enterprise networks, applications and IT systems by offering far greater capacity, lower latency and higher throughput than previously possible. For that reason, interest in private 5G networks is skyrocketing to accommodate new use cases, services and applications. But enterprise 5G requires enterprise-grade security. That’s why Palo Alto Networks has partnered with NTT to provide the same maximum visibility and security to private 5G-as-a-Service as it does to other enterprise networking architectures.
Other authorsSee publication -
The imperative of enterprise-grade security for 5G
Palo Alto Networks
Volume 5 2021-2022 Cyber Security: A Peer-Reviewed Journal
The imperative of enterprise-grade security for 5G
Leonid Burakovsky, Senior Director and Danielle Kriz, Senior Director, Palo Alto Networks
ABSTRACT
5G is a major transformational technology, the impact of which will largely be on enterprises and government users. This is a radical change from previous generations of mobile technology, including 3G and 4G, which were arguably largely used by consumers. In contrast, 5G will…Volume 5 2021-2022 Cyber Security: A Peer-Reviewed Journal
The imperative of enterprise-grade security for 5G
Leonid Burakovsky, Senior Director and Danielle Kriz, Senior Director, Palo Alto Networks
ABSTRACT
5G is a major transformational technology, the impact of which will largely be on enterprises and government users. This is a radical change from previous generations of mobile technology, including 3G and 4G, which were arguably largely used by consumers. In contrast, 5G will enable digital transformation of entire industry sectors and government activities and will come to underpin entire economies. Security technologies used in the past (and in many current networks) are incapable of securing the 5G opportunity of the future. Security for 3G and 4G was not focused on detecting and preventing attacks on all layers, all locations/interfaces, all attack vectors and all software life cycle stages. For example, there are no security mechanisms in 3G and 4G networks that can detect and prevent attacks from infected devices/botnets. This paper explains why, given the mission criticality of 5G, its security must be enterprise-grade. The paper further explains what ‘enterprise-grade’ security means.Other authorsSee publication -
Security: Enterprise-Grade Security for Service Provider Networks Today and Tomorrow
TelecomTV
With telco, energy, healthcare, and other critical infrastructure connected to 5G, how well is the industry prepared to deal with cyber threats? We must protect 5G networks and the businesses and industries that use them. In this session, Leonid Burakovsky, Senior Director, 5G Product Management from Palo Alto Networks will discuss and recommend how to mitigate different attack vectors on all 5G layers (signaling, data, applications, management). In this panel session with Intel, we’ll cover…
With telco, energy, healthcare, and other critical infrastructure connected to 5G, how well is the industry prepared to deal with cyber threats? We must protect 5G networks and the businesses and industries that use them. In this session, Leonid Burakovsky, Senior Director, 5G Product Management from Palo Alto Networks will discuss and recommend how to mitigate different attack vectors on all 5G layers (signaling, data, applications, management). In this panel session with Intel, we’ll cover automation aspects of 5G security, best practices to use AI and ML technologies. For 5G to live up to its promise of transforming industries, companies need the confidence that 5G networks and services have enterprise-grade security today and in the future.
Other authorsSee publication -
5G native security
LANline
The promise of 5G is much more than lower latencies or higher speed: 5G can bring massive business transformation and digitization with it, it can advance the future of Industry 4.0 and critical infrastructure.
Enterprise-grade 5G-native security will help unlock the potential of technology and give businesses the confidence they need to move forward with business transformation. -
Are we prepared to deal with the impact of cyber threats on 5G?
GSMA
With critical infrastructure as well as industries such as energy and healthcare connected to 5G, are we prepared to deal with the impact of cyber threats? Are we able to protect 5G networks and the businesses and industries that use them? Do we have a 5G security reference document ready to help detect and prevent cyber-attacks?
Patents
-
Multi-access edge computing services security in mobile networks by parsing application programming interfaces
Issued 11343285
Abstract: Techniques for providing multi-access edge computing (MEC) services security in mobile networks (e.g., service provider networks for mobile subscribers, such as for 5G networks) by parsing Application Programming Interfaces (APIs) are disclosed. In some embodiments, a system/process/computer program product for MEC services security in mobile networks by parsing APIs in accordance with some embodiments includes monitoring network traffic on a mobile network at a security platform to…
Abstract: Techniques for providing multi-access edge computing (MEC) services security in mobile networks (e.g., service provider networks for mobile subscribers, such as for 5G networks) by parsing Application Programming Interfaces (APIs) are disclosed. In some embodiments, a system/process/computer program product for MEC services security in mobile networks by parsing APIs in accordance with some embodiments includes monitoring network traffic on a mobile network at a security platform to identify an API message associated with a new session, wherein the mobile network includes a 5G network or a converged 5G network that includes a multi-access edge computing (MEC) service; extracting mobile network identifier information from the API message at the security platform; and determining a security policy to apply at the security platform to the new session based on the mobile network identifier information.
-
Mobile equipment identity and/or IOT equipment identity and application identity based security enforcement in service provider networks
Issued 11323483
Abstract: Techniques for mobile equipment identity and/or IoT equipment identity and application identity based security enforcement in service provider networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for mobile equipment identity and/or IoT equipment identity and application identity based security enforcement in service provider networks includes monitoring network traffic on a service provider…
Abstract: Techniques for mobile equipment identity and/or IoT equipment identity and application identity based security enforcement in service provider networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for mobile equipment identity and/or IoT equipment identity and application identity based security enforcement in service provider networks includes monitoring network traffic on a service provider network at a security platform to identify a device identifier for a new session; determining an application identifier for user traffic associated with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the device identifier and the application identifier.
Other inventorsSee patent -
Security for cellular internet of things in mobile networks based on subscriber identity and application
Issued 11323486
Abstract: Techniques for providing security for Cellular Internet of Things (CIoT) in mobile networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for enhanced security for CIoT in mobile networks in accordance with some embodiments includes monitoring network traffic on a service provider network at a security platform to identify a subscriber identity for a new session, in which the session is associated…
Abstract: Techniques for providing security for Cellular Internet of Things (CIoT) in mobile networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for enhanced security for CIoT in mobile networks in accordance with some embodiments includes monitoring network traffic on a service provider network at a security platform to identify a subscriber identity for a new session, in which the session is associated with a CIoT device; determining an application identifier for user traffic associated with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the subscriber identity and the application identifier.
Other inventors -
Network layer signaling security with next generation firewall
Issued 11283766
Techniques for network layer signaling security with next generation firewall are disclosed. In some embodiments, a system/process/computer program product for network layer signaling security with next generation firewall includes monitoring a network layer signaling protocol traffic on a service provider network at a security platform; and filtering the network layer signaling protocol traffic at the security platform based on a security policy.
-
Application layer signaling security with next generation firewall
Issued 11283765
Techniques for application layer signaling security with next generation firewall are disclosed. In some embodiments, a system/process/computer program product for application layer signaling security with next generation firewall includes monitoring application layer signaling traffic on a service provider network at a security platform; and filtering the application layer signaling traffic at the security platform based on a security policy.
-
Diameter security with next generation firewall
Issued 11283767
Techniques for Diameter security with next generation firewall are disclosed. In some embodiments, a system/process/computer program product for Diameter security with next generation firewall includes monitoring Diameter protocol traffic on a service provider network at a security platform; and filtering the Diameter protocol traffic at the security platform based on a security policy.
Other inventorsSee patent -
Transport layer signaling security with next generation firewall
Issued 11265290
Techniques for transport layer signaling security with next generation firewall are disclosed. In some embodiments, a system/process/computer program product for transport layer signaling with next generation firewall includes monitoring transport layer signaling traffic on a service provider network at a security platform; and filtering the transport layer signaling traffic at the security platform based on a security policy.
-
Dynamic per subscriber policy enablement for security platforms within service provider network environments
Issued 11233829
Techniques for dynamic per subscriber policy enablement for security platforms within service provider network environments are disclosed. In some embodiments, a system/process/computer program product for dynamic per subscriber policy enablement for security platforms within service provider network environments includes monitoring network traffic on a service provider network at a security platform to identify a subscriber with a new IP flow; associating the subscriber with the new IP flow at…
Techniques for dynamic per subscriber policy enablement for security platforms within service provider network environments are disclosed. In some embodiments, a system/process/computer program product for dynamic per subscriber policy enablement for security platforms within service provider network environments includes monitoring network traffic on a service provider network at a security platform to identify a subscriber with a new IP flow; associating the subscriber with the new IP flow at the security platform; and determining a security policy to apply at the security platform to the new IP flow based on the subscriber.
Other inventorsSee patent -
Cellular internet of things battery drain prevention in mobile networks
Issued 11190547
Techniques for cellular Internet of Things (IoT) battery drain prevention in mobile networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for cellular IoT battery drain prevention in mobile networks includes monitoring network traffic on a service provider network at a security platform to identify a misbehaving application based on a security policy, wherein the service provider network includes a 4G…
Techniques for cellular Internet of Things (IoT) battery drain prevention in mobile networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for cellular IoT battery drain prevention in mobile networks includes monitoring network traffic on a service provider network at a security platform to identify a misbehaving application based on a security policy, wherein the service provider network includes a 4G network or a 5G network; extracting subscription identifier information for network traffic associated with the misbehaving application at the security platform; and enforcing the security policy at the security platform to rate limit paging messages sent to an endpoint device using the subscription identifier information and based on the security policy
-
Radio access technology based security in service provider networks
Issued 11122435
Techniques for radio access technology based security in service provider networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for radio access technology based security in service provider networks includes monitoring network traffic on a service provider network at a security platform to identify a Radio Access Technology (RAT) type for a new session; associating the RAT type with the new session at the…
Techniques for radio access technology based security in service provider networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for radio access technology based security in service provider networks includes monitoring network traffic on a service provider network at a security platform to identify a Radio Access Technology (RAT) type for a new session; associating the RAT type with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the RAT type
Other inventorsSee patent -
Location based security in service provider networks
Issued US 11,050,789
-
Network slice-based security in mobile networks
Issued US 10,944,796
Techniques for providing network slice-based security in mobile networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for network slice-based security in mobile networks in accordance with some embodiments includes monitoring network traffic on a service provider network at a security platform to identify a new session, wherein the service provider network includes a 5G network or a converged 5G network;…
Techniques for providing network slice-based security in mobile networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for network slice-based security in mobile networks in accordance with some embodiments includes monitoring network traffic on a service provider network at a security platform to identify a new session, wherein the service provider network includes a 5G network or a converged 5G network; extracting network slice information for user traffic associated with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the network slice information.
-
Access point name and application identity based security enforcement in service provider networks
Issued US 10,834,136
Techniques for access point name and application identity based security enforcement in service provider networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for access point name (e.g., APN) and application identity (e.g., application identifier) based security enforcement in service provider networks includes monitoring network traffic on a service provider network at a security platform to identify an…
Techniques for access point name and application identity based security enforcement in service provider networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for access point name (e.g., APN) and application identity (e.g., application identifier) based security enforcement in service provider networks includes monitoring network traffic on a service provider network at a security platform to identify an access point name for a new session; determining an application identifier for user traffic associated with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the access point name and the application identifier.
-
Service-based security per data network name in mobile networks
Issued US 10,812,971
Techniques for providing service-based security per data network name in mobile networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for service-based security per data network name in mobile networks in accordance with some embodiments includes monitoring network traffic on a service provider network at a security platform to identify a new session, wherein the service provider network includes a 5G…
Techniques for providing service-based security per data network name in mobile networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for service-based security per data network name in mobile networks in accordance with some embodiments includes monitoring network traffic on a service provider network at a security platform to identify a new session, wherein the service provider network includes a 5G network or a converged 5G network; extracting network name information for user traffic associated with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the network name information.
-
Service-based security per user location in mobile networks
Issued US 10,812,972
Techniques for providing service-based security per user location in mobile networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for service-based security per user location in mobile networks in accordance with some embodiments includes monitoring network traffic on a service provider network at a security platform to identify a new session, wherein the service provider network includes a 5G network or a…
Techniques for providing service-based security per user location in mobile networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for service-based security per user location in mobile networks in accordance with some embodiments includes monitoring network traffic on a service provider network at a security platform to identify a new session, wherein the service provider network includes a 5G network or a converged 5G network; extracting user location information for user traffic associated with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the user location information.
-
Security for cellular internet of things in mobile networks
Issued US 10,812,532
Techniques for providing security for Cellular Internet of Things (CIoT) in mobile networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for enhanced security for CIoT in mobile networks in accordance with some embodiments includes monitoring network traffic on a service provider network at a security platform to identify a subscriber identity for a new session, in which the session is associated with a…
Techniques for providing security for Cellular Internet of Things (CIoT) in mobile networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for enhanced security for CIoT in mobile networks in accordance with some embodiments includes monitoring network traffic on a service provider network at a security platform to identify a subscriber identity for a new session, in which the session is associated with a CIoT device; determining an application identifier for user traffic associated with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the subscriber identity and the application identifier.
Other inventors -
Application layer signaling security with next generation firewall
US 10,701,032
-
Diameter security with next generation firewall
US 10,715,491
-
Dynamic per subscriber policy enablement for security platforms within service provider network environments
US 10,594,734
-
Mobile equipment identity and/or IOT equipment identity and application identity based security enforcement in service provider networks
US 10721272
-
Mobile user identity and/or SIM-based IoT identity and application identity-based security enforcement in service provider networks
US 10,708,306
-
Multi-Access Distributed Edge Security in mobile networks
US 10,574,670
-
Network layer signaling security with next generation firewall
US 10,701,033
-
Radio access technology-based security in service provider networks
US 10,693,918
-
Security platform for service provider network environments
US 10,601,776
-
Service-Based Security per Data Network Name in mobile networks
US 10,462,653
-
Service-based security per user location in mobile networks
US 10,477,391
-
Service-based security per user location in mobile networks
US 10,477,390
-
Transport layer signaling security with next generation firewall
US 10,693,838
Honors & Awards
-
INNOVATION AWARD for 5G Security Patents
Palo Alto Networks
Palo Alto Networks INNOVATION AWARD for 5G Security Patents is hereby granted to Leonid Burakovsky. Granted: Q3 FY20
-
Excellence Star Award 2012
Juniper Networks
Juniper Networks Excellence Star Award 2012
Recommendations received
3 people have recommended Leonid
Join now to viewMore activity by Leonid
-
📢 Open RAN Global Forum speaker announced: Alla Goldner, Network Strategy, Standardization and Open Source Consulting. Get your free ticket for the…
📢 Open RAN Global Forum speaker announced: Alla Goldner, Network Strategy, Standardization and Open Source Consulting. Get your free ticket for the…
Liked by Leonid Burakovsky
-
This is a particularly special moment for me. Argus Cyber Security Ltd., the company I co-founded with Oron Lavi and Yaron Galula 10 years ago, has…
This is a particularly special moment for me. Argus Cyber Security Ltd., the company I co-founded with Oron Lavi and Yaron Galula 10 years ago, has…
Liked by Leonid Burakovsky
-
Thank you CIO Bulletin for a great write up on Airgap Networks Inc., a Zscaler Company
Thank you CIO Bulletin for a great write up on Airgap Networks Inc., a Zscaler Company
Liked by Leonid Burakovsky
-
As ever this should be a must attend event for anyone with even a passing interest in cybersecurity and the role of standards. I'm delighted and…
As ever this should be a must attend event for anyone with even a passing interest in cybersecurity and the role of standards. I'm delighted and…
Liked by Leonid Burakovsky
-
I am pleased to share that Nokia has achieved a major breakthrough with the world's first full duplex transmission for wireless backhaul/fronthaul!…
I am pleased to share that Nokia has achieved a major breakthrough with the world's first full duplex transmission for wireless backhaul/fronthaul!…
Liked by Leonid Burakovsky
-
It’s been more than 7 years since our first portfolio company, LightCyber, Inc was sold to Palo Alto Networks . Gonen Fink , Lightcyber’s CEO, is…
It’s been more than 7 years since our first portfolio company, LightCyber, Inc was sold to Palo Alto Networks . Gonen Fink , Lightcyber’s CEO, is…
Liked by Leonid Burakovsky
-
We are excited to announce a new opportunity in Norway! We are looking for a Prisma Cloud Sales Specialist to join our team in the fast-growing…
We are excited to announce a new opportunity in Norway! We are looking for a Prisma Cloud Sales Specialist to join our team in the fast-growing…
Liked by Leonid Burakovsky
-
Update from the #5G Security Task Force! We’re thrilled to announce the release of the new version of FS.40 “5G Security Guide” v3.0🔊 This…
Update from the #5G Security Task Force! We’re thrilled to announce the release of the new version of FS.40 “5G Security Guide” v3.0🔊 This…
Liked by Leonid Burakovsky
-
The International Court of Justice (ICJ) came out with an advisory opinion asserting the illegality of a Jewish sovereign presence in the Jewish…
The International Court of Justice (ICJ) came out with an advisory opinion asserting the illegality of a Jewish sovereign presence in the Jewish…
Liked by Leonid Burakovsky
-
Excellent collaboration with our Service Provider account team in Mexico City, Edgar E. Jiménez, Account Manager, and Oscar Aguilar, Systems…
Excellent collaboration with our Service Provider account team in Mexico City, Edgar E. Jiménez, Account Manager, and Oscar Aguilar, Systems…
Liked by Leonid Burakovsky
-
Hello all! After spending some well-deserved time off focusing on my family, I am rejuvenated and ready to dive back into work! I’m excited to see…
Hello all! After spending some well-deserved time off focusing on my family, I am rejuvenated and ready to dive back into work! I’m excited to see…
Liked by Leonid Burakovsky
-
Ten years ago, I was told, "If you're standing still in cyber, you're going backwards." This wisdom has never been more relevant. Last week, I had…
Ten years ago, I was told, "If you're standing still in cyber, you're going backwards." This wisdom has never been more relevant. Last week, I had…
Liked by Leonid Burakovsky
-
Proud of this awesome Palo Alto Networks effort. The Unit 42 Paris 2024 Cyber Vigilance Program stands as a testament to the power of proactive…
Proud of this awesome Palo Alto Networks effort. The Unit 42 Paris 2024 Cyber Vigilance Program stands as a testament to the power of proactive…
Liked by Leonid Burakovsky
Other similar profiles
Explore collaborative articles
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
Explore More