Techniques for detecting sensitive data in cloud computing environments utilizing cloning

Assignee

• Wiz, Inc. · US

Inventors

• Raaz HERZBERG · Tel Aviv-Yafo, IL
• Avi Tal LICHTENSTEIN · Tel Aviv-Yafo, IL
• Roy REZNIK · Tel Aviv-Yafo, IL
• Ami Luttwak · Binyamina - Givat Ada, IL
• Moran Cohen · Tel Aviv-Yafo, IL
• Yaniv Shaked · Tel Aviv-Yafo, IL
• Yinon COSTICA · Tel Aviv-Yafo, IL
• George PISHA · Givatayim, IL
• Daniel Hershko SHEMESH · Givat Shmuel, IL
• Yarin Miran · Rishon LeZion, IL

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2009/45591
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A system and method for agentless detection of sensitive data in a cloud computing environment is disclosed. The method includes: generating an inspectable disk from a clone of an original disk in a cloud computing environment; inspecting the inspectable disk for a cybersecurity object, the cybersecurity object indicating a sensitive data, the disk deployed in a cloud computing environment; extracting a data schema from the cybersecurity object, in response to detecting the cybersecurity object on the disk; generating a classification of the data schema; detecting in the disk a plurality of data files, each data file including the classified data schema; determining that the data schema corresponds to sensitive data based on the generated classification; generating in a security database: a representation of the data schema, and a representation of each data file; and rendering a visual representation of the cloud computing environment including a representation of the data schema.