Supplementing network flow analysis with endpoint information

Assignee

• Ziften Technologies, Inc. · US

Inventors

• Ryan Holeman · Austin, US
• Al Hartmann · Round Rock, US
• Josh Harriman · Austin, US
• Josh Applebaum · Austin, US

Key dates

Classification

• Technology area (CPC Y)Emerging Cross-Sectional Technologies
• CPC primaryY02D30/50
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Techniques are disclosed for facilitating analysis of cloud activity. A cloud activity analysis agent may run within a virtual machine in a cloud computing environment to collecting information regarding computing activity within the virtual machine. The cloud activity analysis agent may include, in network flow data records, cloud activity data based on the collected information. The cloud activity analysis agent may then transmit the network flow data records to a network device for flow analysis. In some embodiments, the network flow data records are transmitted to a network flow analyzer that is configured to receive the cloud activity data and is further configured to receive network flow data from one or more flow collectors within a network of the entity. The network flow analyzer may then perform a security analysis for the entity based on the network flow data and the cloud activity data.