Context-aware security policies and incident identification via automated cloud graph building with security overlays

Bibliographic details
First author: Salman, Tamer
Format: Patent
Language: eng
Description
Summary: Context-aware security policies and incident identification, via automated cloud graph building with security overlays, are determined and performed by systems and platforms. Graph nodes, of a graph associated with a computing system, that represent resources associated with the computing system and entities associated with the computing system that have respective associations to the resources are generated. Security attributes are determined and assigned to the graph nodes that represent the entities and resources, and static and dynamic connections between the graph nodes are added to the graph. Additionally, possible connections in the graph between the graph nodes are added based on heuristic relational determinations of the graph nodes. From the graph, security incidents and kill chains are identified, context-aware security policies are generated and validated, and scopes and relationships of applications are identified. Accordingly, security actions are taken for the computing system.