System and method for agentless detection of sensitive data in computing environments

Assignee

• Wiz, Inc. · US

Inventors

• Raaz HERZBERG · Tel Aviv-Yafo, IL
• Avi Tal LICHTENSTEIN · Tel Aviv-Yafo, IL
• Roy REZNIK · Tel Aviv-Yafo, IL
• Ami Luttwak · Binyamina - Givat Ada, IL
• Moran Cohen · Tel Aviv-Yafo, IL
• Yaniv Shaked · Tel Aviv-Yafo, IL
• Yinon COSTICA · Tel Aviv-Yafo, IL
• George PISHA · Givatayim, IL

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F16/906
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A system and method for agentless detection of sensitive data in a cloud computing environment. The method includes detecting a first data object including a data schema and a content in a cloud computing environment; detecting a second data object, having the data schema of the first data object; generating in a security graph: a first data object node representing the first data object, a second data object node representing the second data object, and a data schema node representing the data schema; storing a classification based on the content in the security graph, wherein the content is classified as sensitive data or non-sensitive data; and rendering an output based on the classification and the data schema node, in lieu of the first data object node and the second data object node, in response to receiving a query to detect a node representing a data object classified as sensitive data.