| CPC H04L 63/20 (2013.01) [H04L 63/1425 (2013.01); H04L 63/205 (2013.01)] | 18 Claims |
|
1. A method of implementing cloud security in an enterprise, the method comprising:
accessing, using a hardware processor, mapping data for service actions to a first set of service action categories, wherein each of the first set of service action categories describes a permitted and intended function that is performed by each of a plurality of service actions in the service action category;
identifying, using the processor, an uncategorized service action associated with a first cloud service provider in cloud activity data associated with the enterprise;
performing, using the processor, categorization of the uncategorized service action using at least one contextual categorization prediction method to map the uncategorized service action to a service action category in the first set of service action categories;
evaluating cloud security risk of cloud activities based on the first set of service action categories;
updating the mapping data with the service action category of the uncategorized service action;
detecting cloud security threats using the first set of service action categories; and
applying a security enforcement policy to cloud activities of the enterprise based on the first set of service action categories.
|