Cloud security posture management systems and methods with a cloud-based system

Assignee

• Zscaler, Inc. · US

Inventors

• Gururaj Pandurangi · Redmond, US
• Pravin Kulkarni · Pune, IN
• Rahul Khengare · Pune, IN
• Unmesh Meshram · Pune, IN
• Santosh K. Yadav · Philadelphia, US
• Shraddha Agrawal · Pune, IN
• Ankit Rao · Pune, IN
• Himalay Kondekar · Pune, IN
• Girish Murlidhar Jaju · Pune, IN

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/1433
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Cloud Security Posture Management (CSPM) systems and methods include, in a node in a cloud-based system, obtaining a plurality of security policies and one or more compliance frameworks for a tenant of a cloud provider where the tenant has a cloud application deployed with the cloud provider, wherein each security policy defines a configuration and an expected value, and wherein each compliance framework includes one or more of the security policies; obtaining configurations of the cloud application; identifying misconfigurations of the cloud application based on a comparison of the obtained configurations with the plurality of security policies; analyzing the misconfigurations to determine risks including prioritization of the risks based on their likelihood of exposure to security breaches; and causing remediation of the identified misconfigurations and the determined risks, wherein the cloud-based system performs the CSPM service in addition to one or more additional cloud services.