US 12,289,330 B2
Techniques for securing services using inter-service visibility
Michael Seltzer, Evanston, IL (US); Aner Gelman, Tel Aviv (IL); and Shaked Gitelman, Tel Aviv (IL)
Assigned to Check Point Software Technologies Ltd., Tel Aviv (IL)
Filed by AtmoSec Ltd., Tel Aviv (IL)
Filed on Aug. 8, 2022, as Appl. No. 17/818,113.
Prior Publication US 2024/0048574 A1, Feb. 8, 2024
Int. Cl. H04L 9/40 (2022.01)
CPC H04L 63/1425 (2013.01) 27 Claims
OG exemplary drawing
 
1. A method for securing software as a service (SaaS) platforms by providing inter-service visibility, comprising:
identifying, based on log data of a first service, a second service connected to the first service, wherein each of the first service and the second service is a set of functions for performing a respective task, wherein the second service is called by the first service;
identifying a plurality of patterns in communications between the first service and the second service in the log data of the first service;
creating, based on the identified plurality of patterns, a baseline for communications between the first service and the second service;
determining at least one communication parameter for each communication between the first service and the second service;
detecting an anomalous communication between the first service and the second service, wherein the anomalous communication deviates from the baseline, and wherein the anomalous communication is detected based further on the determined at least one communication parameter for each communication between the first service and the second service; and
performing a mitigation action with respect to the detected anomalous communication.