US 12,248,581 B1
Architecture of a multi-cloud inspector for any compute type
Yaniv Shaked, Tel Aviv (IL); Ami Luttwak, Binyamina (IL); Gal Kozoshnik, Petach Tikva (IL); Roy Reznik, Tel Aviv (IL); and Yarin Miran, Rishon Lezion (IL)
Assigned to Wiz, Inc., New York, NY (US)
Filed by Wiz, Inc., New York, NY (US)
Filed on Mar. 3, 2022, as Appl. No. 17/653,325.
Claims priority of provisional application 63/156,754, filed on Mar. 4, 2021.
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/57 (2013.01); G06F 9/455 (2018.01); G06F 9/50 (2006.01); G06F 16/28 (2019.01)
CPC G06F 21/577 (2013.01) [G06F 9/45558 (2013.01); G06F 9/5072 (2013.01); G06F 9/5077 (2013.01); G06F 16/288 (2019.01); G06F 2009/4557 (2013.01); G06F 2009/45587 (2013.01); G06F 2009/45595 (2013.01)] 19 Claims
OG exemplary drawing
 
1. A method for multi-cloud vulnerability inspection, comprising:
accessing an object list, including a plurality of objects, each object having a corresponding identifier, each object deployed in a cloud environment, wherein a first object is deployed in a first cloud environment and a second object is deployed in a second cloud environment, wherein the first object is configured to be operational in the first cloud environment so as to provide functionality to the first cloud environment and the second object is configured to be operational in the second cloud environment so as to provide functionality to the second cloud environment;
selecting, from a plurality of available inspectors, at least a first inspector for inspecting at least a portion of the plurality of objects from the object list, wherein each of the at least a first inspector selected is selected based on at least one criteria of each of the objects of the at least a portion of the plurality of objects to be inspected by the selected at least a first inspector;
generating a first object copy for the first object, the first object copy including a first virtual environment;
deploying the at least a first inspector in the first virtual environment, the first virtual environment being adapted to enable execution of code implementing the at least a first inspector;
generating a second object copy for the second object, the second object copy including a second virtual environment;
deploying the at least a first inspector in the second virtual environment;
receiving an inspection report from the at least a first inspector in response to inspecting the first object copy;
generating an enriched dataset based on the inspection report; and
storing at least a portion of the enriched dataset in a security graph;
wherein the inspection report includes an indicator corresponding to a vulnerability, indicating that an inspected object includes the vulnerability.