CPC G06F 11/3457 (2013.01) [G06F 21/552 (2013.01); G06F 21/577 (2013.01); G06F 2201/86 (2013.01)] | 19 Claims |
1. A computer-implemented method comprising, at a computer system of a security management system:
obtaining activity data from a service provider system, wherein the activity data includes a list of actions performed during use of a cloud service, wherein actions in the list of actions are performed by one or more users associated with a tenant, wherein the service provider system provides the tenant with a tenant account, and wherein the tenant account enables the one or more users to use the cloud service;
generating a simulated action from the list of actions to determine fields for the simulated action;
generating simulated activity data that includes the simulated action;
inputting the simulated activity data and the activity data from the service provider system concurrently into the security management system; and
executing operations by the security management system on the simulated activity data and the activity data from the service provider system concurrently to determine whether actions included in the simulated activity data indicate use of the cloud service that constitutes a security risk.
|