	US 12,231,440 B2
	System and method for detecting lateral movement using cloud access keys
Avi Tal Lichtenstein, Tel Aviv (IL); Ami Luttwak, Binyamina (IL); and Daniel Hershko Shemesh, Givat-Shmuel (IL)
Assigned to Wiz, Inc., New York, NY (US)
Filed by Wiz, Inc., New York, NY (US)
Filed on Mar. 26, 2024, as Appl. No. 18/617,210.
Application 18/617,210 is a continuation of application No. 18/474,974, filed on Sep. 26, 2023, granted, now 12,010,122.
Application 18/474,974 is a continuation of application No. 17/657,494, filed on Mar. 31, 2022, granted, now 11,811,787, issued on Nov. 7, 2023.
Claims priority of provisional application 63/170,125, filed on Apr. 2, 2021.
Prior Publication US 2024/0267389 A1, Aug. 8, 2024
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01)

CPC H04L 63/14 (2013.01)

23 Claims

1. A method for detecting potential lateral movement in a computing environment, comprising:

generating in a security database a representation of a computing environment, the computing environment including a plurality of entities;

detecting a first node in the security database, the first node representing a compromised entity of the plurality of entities;

detecting in the security database a credential node connected to the first node, wherein the credential node represents a credential utilized by the entity in the computing environment; and

generating a potential lateral movement path including: the first node, and a second node representing a second entity of the plurality of entities, wherein the second node is further connected to the credential node.