US 12,236,432 B2
Automated cloud security computer system for proactive risk detection and adaptive response to risks and method of using same
Michael J. Hrabik, Omaha, NE (US)
Assigned to SecureSky, Inc., Omaha, NE (US)
Filed by SecureSky, Inc., Omaha, NE (US)
Filed on Jun. 8, 2023, as Appl. No. 18/207,461.
Application 18/207,461 is a continuation of application No. 17/306,817, filed on May 3, 2021, granted, now 11,676,151.
Application 17/306,817 is a continuation of application No. 16/532,282, filed on Aug. 5, 2019, granted, now 10,997,598, issued on May 4, 2021.
Claims priority of provisional application 62/715,045, filed on Aug. 6, 2018.
Prior Publication US 2024/0020701 A1, Jan. 18, 2024
Int. Cl. H04L 29/06 (2006.01); G06Q 20/40 (2012.01); H04L 9/40 (2022.01)
CPC G06Q 20/4016 (2013.01) [G06Q 20/405 (2013.01); H04L 63/1425 (2013.01); H04L 63/1433 (2013.01)] 42 Claims
OG exemplary drawing
 
1. A computer system configured to interface with a cloud computing environment, the computer system comprising:
one or more processors;
memory storing one or more programs configured to be executed by the one or more processors, the one or more programs including instructions for:
initiating, at the computer system, one or more transactions in the cloud computing environment by transmitting a first identifier to the cloud computing environment to cause:
a first service of the cloud computing environment to generate a first set of data including the first identifier and a second identifier, wherein the first identifier includes a first synthetic marker, and
a second service of the cloud computing environment to generate a second set of data including a third identifier and a fourth identifier, wherein the third identifier includes a second synthetic marker;
subsequent to initiating the one or more transactions, automatically performing a process to selectively generate a linkage, the process including:
determining, at the computer system, whether the first identifier is associated with the third identifier, including:
tracing the one or more transactions in the cloud computing environment based on at least one of the first synthetic marker and the second synthetic marker;
identifying a plurality of services of the cloud computing environment based on the traced one or more transactions, wherein the plurality of services includes the first service and the second service;
obtaining, from the plurality of services, the first set of data and the second set of data; and
comparing the first identifier to the third identifier according to a set of predetermined criteria; and
in accordance with a determination that the first identifier is associated with the third identifier:
associating the second identifier with the fourth identifier;
identifying a relationship between the first and second services based on the association between the second and fourth identifiers;
generating a linkage between a third service of the cloud computing environment and a fourth service of the cloud computing environment based on the identified relationship; and
adaptively updating a security model based on the identified relationship.