Method and system for protecting cloud-based applications executed in a cloud computing platform
First Claim
1. A method for protecting cloud-based applications executed in a cloud computing platform, comprising:
- intercepting, by at least one proxy device, traffic flows from a plurality of client devices to the cloud computing platform, wherein each of the plurality of client devices is associated with a user attempting to access a cloud-based application, wherein the at least one proxy device is connected between the plurality of client devices and the cloud computing platform;
extracting at least one parameter from the intercepted traffic related to at least each client device and a respective user attempting to access the cloud-based application;
determining, based on the at least one parameter and at least a set of parameters combining cloud-based application risk factors for a provider of the cloud computing platform, a risk indicator for the user attempting to access the cloud-based application, wherein the risk factors define at least security measures implemented by the provider and the cloud-based application; and
performing a mitigation action to mitigate a potential risk to the cloud computing platform based on the determined risk indicator, wherein the mitigation action includes at least regulating the access to the cloud-based application, and wherein the risk indicator is further determined using a profiling engine characterizing, based on passive traffic recordings of the set of parameters, user characteristics of each user, wherein the user characteristics include at least one of;
user usage patterns, roles, locations, distribution of user activities over time, and daily user routines.
3 Assignments
0 Petitions
Accused Products
Abstract
A method and system for protecting cloud-based applications executed in a cloud computing platform are presented. The method includes intercepting traffic flows from a plurality of client devices to the cloud computing platform, wherein each of the plurality of client devices is associated with a user attempting to access a cloud-based application; extracting at least one parameter from the intercepted traffic related to at least each client device and a respective user attempting to access the cloud-based application; determining based on, the at least one parameter and at least a set of parameters combining cloud-based application risk factors for a provider of the cloud computing platform, a risk indicator for the user attempting to access the cloud-based application; and performing an action to mitigate a potential risk to the cloud computing platform based on the determined risk indicator.
65 Citations
36 Claims
-
1. A method for protecting cloud-based applications executed in a cloud computing platform, comprising:
-
intercepting, by at least one proxy device, traffic flows from a plurality of client devices to the cloud computing platform, wherein each of the plurality of client devices is associated with a user attempting to access a cloud-based application, wherein the at least one proxy device is connected between the plurality of client devices and the cloud computing platform; extracting at least one parameter from the intercepted traffic related to at least each client device and a respective user attempting to access the cloud-based application; determining, based on the at least one parameter and at least a set of parameters combining cloud-based application risk factors for a provider of the cloud computing platform, a risk indicator for the user attempting to access the cloud-based application, wherein the risk factors define at least security measures implemented by the provider and the cloud-based application; and performing a mitigation action to mitigate a potential risk to the cloud computing platform based on the determined risk indicator, wherein the mitigation action includes at least regulating the access to the cloud-based application, and wherein the risk indicator is further determined using a profiling engine characterizing, based on passive traffic recordings of the set of parameters, user characteristics of each user, wherein the user characteristics include at least one of;
user usage patterns, roles, locations, distribution of user activities over time, and daily user routines. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A non-transitory computer readable medium having stored thereon instructions for causing one or more processors to perform a process for protecting cloud-based applications executed in a cloud computing platform, the process comprising:
-
intercepting, by at least one proxy device, traffic flows from a plurality of client devices to the cloud computing platform, wherein each of the plurality of client devices is associated with a user attempting to access a cloud-based application, wherein the at least one proxy device is connected between the plurality of client devices and the cloud computing platform; extracting at least one parameter from the intercepted traffic related to at least each client device and a respective user attempting to access the cloud-based application; determining, based on the at least one parameter and at least a set of parameters combining cloud-based application risk factors for a provider of the cloud computing platform, a risk indicator for the user attempting to access the cloud-based application, wherein the risk factors define at least security measures implemented by the provider and the cloud-based application; and performing a mitigation action to mitigate a potential risk to the cloud computing platform based on the determined risk indicator, wherein the mitigation action includes at least regulating the access to the cloud-based application, and wherein the risk indicator is further determined using a profiling engine characterizing, based on passive traffic recordings of the set of parameters, user characteristics of each user, wherein the user characteristics include at least one of;
user usage patterns, roles, locations, distribution of user activities over time, and daily user routines.
-
-
19. A system for protecting cloud-based applications executed in a cloud computing platform, comprising:
-
a processor; and a memory, the memory containing instructions that, when executed by the processor, configure the system to; intercept traffic flows from a plurality of client devices to the cloud computing platform, wherein each of the plurality of client devices is associated with a user attempting to access a cloud-based application, wherein the system is connected between the plurality of client devices and the cloud computing platform; extract at least one parameter from the intercepted traffic related to at least each client device and a respective user attempting to access the cloud-based application; determine, based on the at least one parameter and at least a set of parameters combining cloud-based application risk factors for a provider of the cloud computing platform, a risk indicator for the user attempting to access the cloud-based application, wherein the risk factors define at least security measures implemented by the provider and the cloud-based application; and perform a mitigation action to mitigate a potential risk to the cloud computing platform based on the determined risk indicator, wherein the mitigation action includes at least regulating the access to the cloud-based application, and wherein the risk indicator is further determined using a profiling engine configured to characterize, based on passive traffic recordings of the set of parameters, user characteristics of each user, wherein the user characteristics include at least one of;
user usage patterns, roles, locations, distribution of user activities over time, and daily user routines. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
-
Specification