Method and system for implementing cloud native application threat detection
Abstract
A method and system for implementing cloud native application threat detection. Specifically, the disclosed method and system entail configuring a webhook within a build pipeline for cloud native applications which, when triggered by the detection of modifications to container configuration and/or definition files associated with the cloud native applications, forwards exact copies of the cloud native applications to a threat detection service for cyber security assessment. Further, based on the assessment, cloud native applications may be impeded from continuing, or alternatively may be permitted to continue, along the build pipeline.
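The gate described in the abstract, sketched as an added example (not code from the patent or its assignee). The file-name patterns, the message layout, and the use of exact SHA-256 matching as the scanning algorithm are all assumptions made for illustration, and the restored image is modelled as an in-memory mapping of paths to bytes.

```python
import fnmatch
import hashlib

# Assumption: which documents count as configuring or defining a container stack.
STACK_DOC_PATTERNS = ("Dockerfile", "Dockerfile.*", "docker-compose*.yml",
                      "docker-compose*.yaml", "Chart.yaml")

def meets_webhook_trigger(changed_paths):
    """True if any modified path is a container stack definition document."""
    names = [p.rsplit("/", 1)[-1] for p in changed_paths]
    return any(fnmatch.fnmatch(n, pat) for n in names for pat in STACK_DOC_PATTERNS)

def probe_image(restored_files, known_threat_signatures):
    """Hash each file of the restored image; return (path, digest) for known-bad ones."""
    hits = []
    for path, content in sorted(restored_files.items()):
        digest = hashlib.sha256(content).hexdigest()  # potential threat signature
        if digest in known_threat_signatures:
            hits.append((path, digest))
    return hits

def handle_webhook(message, known_threat_signatures):
    """Return a pipeline recommendation for one webhook message."""
    if not meets_webhook_trigger(message["changed_paths"]):
        return {"assessed": False, "recommendation": "skip", "matches": []}
    # Stand-in for instantiating the restored environment and restoring the image.
    restored = dict(message["image_files"])
    matches = probe_image(restored, known_threat_signatures)
    return {"assessed": True,
            "recommendation": "impede" if matches else "permit",
            "matches": matches}

# Constructed sample data (not from the patent).
BAD_BLOB = b"constructed-sample-malicious-payload"
KNOWN_BAD = {hashlib.sha256(BAD_BLOB).hexdigest()}
CLEAN_MSG = {"changed_paths": ["deploy/docker-compose.yml"],
             "image_files": {"/app/main.py": b"print('hi')\n"}}
TAINTED_MSG = {"changed_paths": ["Dockerfile"],
               "image_files": {"/app/main.py": b"print('hi')\n",
                               "/usr/bin/helper": BAD_BLOB}}
NO_TRIGGER_MSG = {"changed_paths": ["README.md"], "image_files": {}}

if __name__ == "__main__":
    for msg in (CLEAN_MSG, TAINTED_MSG, NO_TRIGGER_MSG):
        print(handle_webhook(msg, KNOWN_BAD)["recommendation"])
```

Note that an untriggered change returns "skip" rather than "permit", so the caller has to decide explicitly whether unassessed builds may proceed.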
18 Claims
1. A method for implementing cloud native application (CNA) threat detection, comprising:
- in response to a CNA meeting a webhook trigger:
  - receiving a webhook message comprising an application granularity image (AGI);
  - instantiating a restored image environment (RIE) within a cloud computing environment;
  - configuring the RIE through a restoration of the AGI therein; and
  - probing the AGI, within the RIE, to perform a cyber security assessment of the CNA as part of an application development pipeline (ADP),
- wherein the CNA meeting the webhook trigger comprises detecting a modification to a document configuring or defining a container stack implementing the CNA,
- wherein probing the AGI, within the RIE, to perform the cyber security assessment of the CNA, comprises:
  - employing a data scanning algorithm to probe the AGI within the RIE;
  - based on the employing, identifying a potential threat signature (PTS) in the AGI;
  - determining that the PTS does not match a known cyber security threat signature; and
  - based on the determining, generating a recommendation to permit a proceeding of the CNA to a deployment stage along the ADP.

Dependent claims: 2, 3, 4, 5, 6, 7
8. A system, comprising:
- a cloud platform service (CPS) comprising a first computer processor programmed to implement an application development pipeline (ADP); and
- a threat detection service (TDS) kernel executing on a second computer processor operatively connected to the CPS, wherein the TDS kernel is programmed to:
  - in response to a cloud native application (CNA) meeting a webhook trigger:
    - obtain, for the CNA, an application granularity image (AGI) originating from the CPS;
    - instantiate a restored image environment (RIE) within a cloud computing environment;
    - configure the RIE through a restoration of the AGI therein; and
    - create a RIE manager responsible for probing the AGI, within the RIE, to perform a cyber security assessment of the CNA as part of the ADP,
- wherein the CNA meeting the webhook trigger comprises detecting a modification to a document configuring or defining a container stack implementing the CNA,
- wherein probing the AGI, within the RIE, to perform the cyber security assessment of the CNA, comprises:
  - employing a data scanning algorithm to probe the AGI within the RIE;
  - based on the employing, identifying a potential threat signature (PTS) in the AGI;
  - determining that the PTS does not match a known cyber security threat signature; and
  - based on the determining, generating a recommendation to permit a proceeding of the CNA to a deployment stage along the ADP.

Dependent claims: 9, 10, 11
12. A non-transitory computer readable medium (CRM) comprising computer readable program code, which when executed by a computer processor, enables the computer processor to:
- in response to a cloud native application (CNA) meeting a webhook trigger:
  - receive a webhook message comprising an application granularity image (AGI);
  - instantiate a restored image environment (RIE) within a cloud computing environment;
  - configure the RIE through a restoration of the AGI therein; and
  - probe the AGI, within the RIE, to perform a cyber security assessment of the CNA as part of an application development pipeline (ADP),
- wherein the CNA meeting the webhook trigger comprises detecting a modification to a document configuring or defining a container stack implementing the CNA,
- wherein probing the AGI, within the RIE, to perform the cyber security assessment of the CNA, comprises:
  - employing a data scanning algorithm to probe the AGI within the RIE;
  - based on the employing, identifying a potential threat signature (PTS) in the AGI;
  - determining that the PTS does not match a known cyber security threat signature; and
  - based on the determining, generating a recommendation to permit a proceeding of the CNA to a deployment stage along the ADP.

Dependent claims: 13, 14, 15, 16, 17, 18
Specification