Systems and methods for performing security analyses of applications configured for cloud-based platforms
First Claim
1. A computer-implemented method for performing security analyses of applications configured for cloud-based platforms, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
- identifying an online platform that hosts an online service and that is capable of hosting a plurality of third-party applications integrated with the online service and configured to operate on the online platform, wherein the online service hosts and/or processes data via one or more cloud-based applications;
identifying, by a security system separate from the online service, at least one third-party application by identifying user-facing content within the online service that references the third-party application, the third-party application being;
separate from and configured to operate on the online platform;
specifically designed to be integrated with the online service and enhancing the online service by customizing an interaction with the online service;
retrieving, from the online service by the security system, metadata describing;
at least one characteristic of the third-party application;
the interaction of the third-party application with the online service;
an internet resource provided via a canvas page that comprises at least a portion of the third-party application;
in response to determining that the third-party application is separate from the online platform, performing, by the security system, a security analysis of the third-party application instead of the online service that determines a most probable classification of the third-party application, based at least in part on the metadata describing at least one characteristic of the third-party application, the interaction of the third-party application with the online service, and the internet resource provided via the canvas page, and flagging the third-party application as malicious based on the security analysis.
6 Assignments
0 Petitions
Accused Products
Abstract
A computer-implemented method for performing security analyses of applications configured for cloud-based platforms may include 1) identifying an online platform that hosts an online service and that is capable of hosting a plurality of third-party applications integrated with the online service and configured to operate on the online platform, 2) identifying at least one third-party application that is integrated with the online service and configured to operate on the online platform, 3) identifying metadata describing at least one characteristic of the third-party application, and 4) performing a security analysis of the third-party application based at least in part on the metadata. Various other methods, systems, and computer-readable media are also disclosed.
-
Citations
20 Claims
-
1. A computer-implemented method for performing security analyses of applications configured for cloud-based platforms, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
-
identifying an online platform that hosts an online service and that is capable of hosting a plurality of third-party applications integrated with the online service and configured to operate on the online platform, wherein the online service hosts and/or processes data via one or more cloud-based applications; identifying, by a security system separate from the online service, at least one third-party application by identifying user-facing content within the online service that references the third-party application, the third-party application being; separate from and configured to operate on the online platform; specifically designed to be integrated with the online service and enhancing the online service by customizing an interaction with the online service; retrieving, from the online service by the security system, metadata describing; at least one characteristic of the third-party application; the interaction of the third-party application with the online service; an internet resource provided via a canvas page that comprises at least a portion of the third-party application; in response to determining that the third-party application is separate from the online platform, performing, by the security system, a security analysis of the third-party application instead of the online service that determines a most probable classification of the third-party application, based at least in part on the metadata describing at least one characteristic of the third-party application, the interaction of the third-party application with the online service, and the internet resource provided via the canvas page, and flagging the third-party application as malicious based on the security analysis. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system for performing security analyses of applications configured for cloud-based platforms, the system comprising:
-
an identification module programmed to identify an online platform that hosts an online service and that is capable of hosting a plurality of third-party applications integrated with the online service and configured to operate on the online platform, wherein the online service hosts and/or processes data via one or more cloud-based applications; an application module programmed to identify, from a security server separate from the online service, at least one third-party application by identifying user-facing content within the online service that references the third-party application, the third-party application being; separate from and configured to operate on the online platform; specifically designed to be integrated with the online service and enhancing the online service by customizing an interaction with the online service; a metadata module programmed to retrieve, from the security server, metadata from within the online service describing; at least one characteristic of the third-party application; the interaction of the third-party application with the online service; an internet resource provided via a canvas page that comprises at least a portion of the third-party application; a security module programmed to perform, from the security server and in response to determining that the third-party application is separate from the online platform, a security analysis of the third-party application instead of the online service that determines a most probable classification of the third-party application, based at least in part on the metadata describing at least one characteristic of the third-party application, the interaction of the third-party application with the online service, and the internet resource provided via the canvas page, and flagging the third-party application as malicious based on the security analysis; at least one hardware processor configured to execute the identification module, the application module, the metadata module, and the security module. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
-
18. A non-transitory computer-readable-storage medium comprising one or more computer-executable instructions that, when executed by at least one processor of a computing device, cause the computing device to:
-
identify an online platform that hosts an online service and that is capable of hosting a plurality of third-party applications integrated with the online service and configured to operate on the online platform, wherein the online service hosts and/or processes data via one or more cloud-based applications; identify, from a security server separate from the online service, at least one third-party application by identifying user-facing content within the online service that references the third-party application, the third-party application being; separate from and configured to operate on the online platform; specifically designed to be integrated with the online service and enhancing the online service by customizing an interaction with the online service; retrieve, from the security server, metadata from within the online service describing; at least one characteristic of the third-party application; the interaction of the third-party application with the online service; an internet resource provided via a canvas page that comprises at least a portion of the third-party application; in response to determining that the third-party application is separate from the online platform, perform, from the security server, a security analysis of the third-party application instead of the online service that determines a most probable classification of the third-party application, based at least in part on the metadata describing at least one characteristic of the third-party application, the interaction of the third-party application with the online service, and the internet resource provided via canvas page, and flagging the third-party application as malicious based on the security analysis. - View Dependent Claims (19, 20)
-
Specification