Assessing security of service provider computing systems

Assignee

• Wells Fargo Bank, N.A. · US

Inventors

• Shawn Wallis · Midlothian, US
• David Lorenzi · Phoenix, US
• Matthew Michael Rogers · Charlotte, US
• Christopher Heschong · Greensboro, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F40/30
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

This disclosure describes techniques that include assessing whether various service providers, such as cloud service providers or SaaS providers, are properly maintaining sensitive data (e.g., private, confidential, and/or non-public information) that is entrusted to them. In one example, this disclosure describes a method that includes collecting, by a computing system, information about interactions with a service provider computing system; identifying, based on the information about the interactions, a plurality of network paths, each associated with a data object accessed at the service provider computing system; requesting, based on the plurality of network paths, data from the service provider computing system; receiving a response; determining, based on the response, whether the response includes sensitive information; and taking action based on whether the response includes sensitive data.