US 12,261,849 B2
Automatic least-privilege access and control for target resources
Tomer Dayan, Petach-Tikva (IL)
Assigned to CyberArk Software, Ltd., Petach-Tikva (IL)
Filed by CyberArk Software Ltd., Petach-Tikva (IL)
Filed on Sep. 7, 2021, as Appl. No. 17/468,632.
Application 17/468,632 is a continuation in part of application No. 16/674,985, filed on Nov. 5, 2019, granted, now 11,128,637.
Prior Publication US 2021/0409421 A1, Dec. 30, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 29/06 (2006.01); H04L 9/40 (2022.01); G06N 20/00 (2019.01)
CPC H04L 63/105 (2013.01) [H04L 63/08 (2013.01); H04L 63/205 (2013.01); G06N 20/00 (2019.01)] 20 Claims
OG exemplary drawing
 
1. A non-transitory computer readable medium including instructions that, when executed by at least one processor, cause the at least one processor to perform operations using least-privilege access to and control of target network resources, the operations comprising:
identifying a prompt associated with a least-privilege requesting identity to initiate an action on a target network resource;
executing, in response to the prompt, a first set of executable code;
initiating, based on the first set of executable code, execution of a second set of executable code on the target network resource, wherein the second set of executable code executes using a least-privilege credential or using least-privilege permissions, the least-privilege credential and the least-privilege permissions being determined according to a least-privilege security policy associated with a type of activity expected to be performed on the target network resource; and
instructing the second set of executable code to perform the action remotely on the target network resource through a remote session using the least-privilege credential or using the least-privilege permissions.