US 12,219,053 B2
Techniques for circumventing provider-imposed limitations in snapshot inspection of disks for cybersecurity
Shahar Rand, Haifa (IL); Eric Abramov, Holon (IL); Yaniv Shaked, Tel Aviv (IL); and Elad Gabay, Tel Aviv (IL)
Assigned to Wiz, Inc., New York, NY (US)
Filed by Wiz, Inc., New York, NY (US)
Filed on Apr. 29, 2024, as Appl. No. 18/649,529.
Application 18/649,529 is a continuation of application No. 18/359,493, filed on Jul. 26, 2023.
Application 18/359,493 is a continuation in part of application No. 18/146,074, filed on Dec. 23, 2022.
Application 18/359,493 is a continuation in part of application No. 18/146,076, filed on Dec. 23, 2022.
Claims priority of provisional application 63/266,031, filed on Dec. 27, 2021.
Prior Publication US 2024/0291643 A1, Aug. 29, 2024
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 29/06 (2006.01); H04L 9/08 (2006.01); H04L 9/40 (2022.01)
CPC H04L 9/0861 (2013.01) [H04L 63/1416 (2013.01)] 23 Claims
OG exemplary drawing
 
1. A method for reducing use of restricted operations in a computing environment during cybersecurity threat inspection, comprising:
detecting an encrypted disk in a computing environment, the encrypted disk utilizing a first key in a key management system (KMS) for decryption;
generating a second key for decryption in the KMS, the second key associated with an entity of an inspection environment;
generating a snapshot of the encrypted disk;
generating a volume based on the snapshot;
re-encrypting the volume with the second key;
generating an inspectable disk from the re-encrypted volume; and
initiating inspection for a cybersecurity object on the inspectable disk.