System and method for generating a partitioned view of a security graph in a cloud computing environment

Assignee

• Wiz, Inc. · US

Inventors

• Avihai Berkovitz · Tel Aviv-Yafo, IL
• Raaz HERZBERG · Tel Aviv-Yafo, IL
• Ami Luttwak · Binyamina - Givat Ada, IL
• Roy REZNIK · Tel Aviv-Yafo, IL
• Shai Keren · Tel Aviv-Yafo, IL
• Yinon COSTICA · Tel Aviv-Yafo, IL

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2221/034
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A cybersecurity system provides the ability to detect security risks in a cross-platform cloud solution. A unified data schema is used to abstract resources, principals and others across multiple platforms. A security graph is generated to present a unified view of cloud environments, which are then easily queried using the structure of the data schema. The solution allows a compact representation of cloud environments, which is scalable and multi-layered. The security graph allows for representation of production environments, staging environments, as well as code for deploying workloads in the cloud environment. Thus the solution is also able to present a complete picture of a user's entire cloud environment. The solution further allows to generate subgraph views, by associating a tag to certain nodes, then rendering a view based on nodes which include the tag, and all children nodes thereof.