Synthetic request injection to disambiguate bypassed login events for cloud policy enforcement
US11303647B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Apr 22, 2021 |
| Grant date | Apr 12, 2022 |
| Priority date | — |
| Expiry date | Apr 22, 2041 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1425
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
The technology disclosed describes a computer-implemented method. The computer-implemented method includes disambiguating a bypassed login event that caused a client to access a cloud application but bypassed a network security system configured to intermediate traffic between the client and the cloud application. The network security system receives from the client an incoming request to access a resource on the cloud application over an application session. The bypassed login event preceded the incoming request. The network security system analyzes the incoming request and detects absence of instance metadata required to determine whether the bypassed login event emanated from a controlled account or an uncontrolled account. The network security system holds the incoming request, generates a synthetic request, and injects the synthetic request into the application session and transmits the synthetic request to the cloud application. The synthetic request is configured to retrieve the instance metadata from the cloud application.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.