US 11,936,678 B2
System and techniques for inferring a threat model in a cloud-native environment
Olgierd Stanislaw Pieczul, Dublin (IE); and Junaid Khan, North Bend, WA (US)
Assigned to Oracle International Corporation, Redwood Shores, CA (US)
Filed by Oracle International Corporation, Redwood Shores, CA (US)
Filed on Jan. 6, 2022, as Appl. No. 17/569,954.
Prior Publication US 2023/0216876 A1, Jul. 6, 2023
Int. Cl. H04L 9/40 (2022.01); G06F 16/25 (2019.01); H04L 41/0853 (2022.01); H04L 41/14 (2022.01); H04L 41/22 (2022.01); H04L 45/00 (2022.01); H04L 67/1036 (2022.01); H04L 67/51 (2022.01)
CPC H04L 63/1433 (2013.01) [H04L 41/0853 (2013.01); H04L 41/145 (2013.01); H04L 41/22 (2013.01); H04L 67/1036 (2013.01); H04L 67/51 (2022.05)]
27 Claims
 
1. A method, comprising:
generating, via a threat modeling engine, a first threat model comprising (a) a first set of one or more threats associated with a first environment model representing a first cloud infrastructure comprising a plurality of services and a plurality of resources, and (b) a first set of one or more potential mitigation strategies comprising at least a first mitigation to mitigate at least a first threat of the first set of one or more threats;
prior to implementing a first recommendation corresponding to the first mitigation:
generating, via the threat modeling engine, a second threat model at least by propagating the first set of one or more potential mitigation strategies through the first environment model, wherein the second threat model comprises (a) a second set of one or more threats associated with the first environment model, wherein the second set of one or more threats comprises at least a second threat predicted based on the first mitigation, and (b) a second set of one or more potential mitigation strategies comprising at least a second mitigation to mitigate at least the second threat of the second set of one or more threats;
generating, via the threat modeling engine, a plurality of recommendations for the first cloud infrastructure, wherein the plurality of recommendations comprise (a) the first recommendation corresponding to the first mitigation, and (b) a second recommendation corresponding to the second mitigation,
wherein the first cloud infrastructure is modified at least by implementing the first recommendation and the second recommendation.
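The two-pass flow of claim 1 can be sketched as follows. This is an added illustration, not code from the patent or from Oracle; the rule set, the resource name `bucket-a` and the property keys are constructed assumptions. Mitigations from the first threat model are applied only to a copy of the environment model, and the threat model is then regenerated to surface threats that the mitigations themselves would introduce.

```python
from copy import deepcopy

# Constructed rules (assumption): (threat, predicate over a resource's
# properties, mitigation, property changes the mitigation would make).
RULES = [
    ("unencrypted data at rest", lambda r: not r.get("encrypted"),
     "enable encryption with a managed key",
     {"encrypted": True, "uses_key": True}),
    ("public read access", lambda r: r.get("public"),
     "remove public access", {"public": False}),
    ("unrotated encryption key",
     lambda r: r.get("uses_key") and not r.get("key_rotation"),
     "enable key rotation", {"key_rotation": True}),
]

# Constructed environment model (assumption): resource name -> properties.
ENV = {"bucket-a": {"encrypted": False, "public": True}}

def threat_model(env):
    """Return (resource, threat, mitigation, change) for every matching rule."""
    return [(name, threat, mitigation, change)
            for name, props in sorted(env.items())
            for threat, pred, mitigation, change in RULES
            if pred(props)]

def propagate(env, model):
    """Apply the model's mitigations to a copy; the input is not modified."""
    projected = deepcopy(env)
    for name, _threat, _mitigation, change in model:
        projected[name].update(change)
    return projected

def recommend(env):
    """Build both threat models before anything is implemented."""
    first = threat_model(env)
    second = threat_model(propagate(env, first))  # threats predicted from mitigations
    recs = [(name, mitigation) for name, _t, mitigation, _c in first + second]
    return first, second, recs

if __name__ == "__main__":
    first, second, recs = recommend(ENV)
    print("first-pass threats: ", [t for _, t, _, _ in first])
    print("second-pass threats:", [t for _, t, _, _ in second])
    for name, mitigation in recs:
        print(f"recommend for {name}: {mitigation}")
```
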