Systems and methods for detecting security incidents across cloud-based application services

Assignee

• Obsidian Security, Inc. · US

Inventors

• Matt Wolff · Newport Beach, US
• Alexander Vandenberg-Rodes · Brooks Road, US
• Naresh Chebolu · Irvine, US
• Marcus Mccurdy · Westmont, US
• Matthew Maisel · Philadelphia, US
• Jody Forness · Laguna Beach, US
• Jedidiah Mitten · Lakeside, US
• Noah Corradin · Newport Beach, US
• Samantha Staszak · Brooks Road, US
• David Newhall · Tustin, US
• Christopher GALBRAITH · Irvine, US
• Christopher Fuller · Bloomington, US
• Brian Lau · Talbert, US
• Benjamin Johnson · Brooklyn Park, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L67/535
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A method, a system, and an article are provided for identification of security-related activities based on usage of a plurality of independent cloud-based, hosted application platforms. An example method includes: receiving, from the application platforms, activity data and state data for a plurality of users of the application platforms; generating one or more predictive models configured to detect deviations from normal user behavior across the application platforms; providing, as input to the one or more predictive models, the activity data and the state data for at least one of the users; receiving, from the one or more predictive models, an indication that an activity of the at least one of the users deviates from the normal user behavior; and facilitating a remedial action to address the indicated deviation.