US 12,294,589 B2
Cloud-platform push for known data breaches
Supreeth Hosur Nagesh Rao, Cupertino, CA (US); Navindra Yadav, Cupertino, CA (US); Ravi Sankuratri, Cupertino, CA (US); Alok Lalit Wadhwa, Milipitas, CA (US); Aria Rahadian, San Jose, CA (US); Bharathwaj Sankara Viswanathan, Mountain View, CA (US); Brady Schulman, Milford, CA (US); Matthew Finn, Lebanon, GA (US); Paul John Lesiak, West Orange, NJ (US); Ravi Shanker Prasad, Fremont, CA (US); Vasil Dochkov Yordanov, San Jose, CA (US); Yiwei Wang, San Jose, CA (US); Zhiwen Zhang, San Jose, CA (US); Udayan Joshi, San Diego, CA (US); Soumyadeep Choudhury, San Jose, CA (US); Muhammada Furqan, Lowell, MA (US); and Manish Arigala, San Jose, CA (US)
Filed by Supreeth Hosur Nagesh Rao, Cupertino, CA (US); Navindra Yadav, Cupertino, CA (US); Ravi Sankuratri, Cupertino, CA (US); Alok Lalit Wadhwa, Milipitas, CA (US); Aria Rahadian, San Jose, CA (US); Bharathwaj Sankara Viswanathan, Mountain View, CA (US); Brady Schulman, Milford, CA (US); Matthew Finn, Lebanon, GA (US); Paul John Lesiak, West Orange, NJ (US); Ravi Shanker Prasad, Fremont, CA (US); Vasil Dochkov Yordanov, San Jose, CA (US); Yiwei Wang, San Jose, CA (US); Zhiwen Zhang, San Jose, CA (US); Udayan Joshi, San Diego, CA (US); Soumyadeep Choudhury, San Jose, CA (US); Muhammada Furqan, Lowell, MA (US); and Manish Arigala, San Jose, CA (US)
Filed on Nov. 16, 2021, as Appl. No. 17/527,466.
Claims priority of provisional application 63/153,362, filed on Feb. 24, 2021.
Prior Publication US 2022/0272111 A1, Aug. 25, 2022
Int. Cl. H04L 9/40 (2022.01); G06F 9/54 (2006.01); G06F 16/23 (2019.01); G06F 21/57 (2013.01); G06F 21/60 (2013.01); G06F 21/62 (2013.01)
CPC H04L 63/1416 (2013.01) [G06F 9/541 (2013.01); G06F 16/2379 (2019.01); G06F 21/577 (2013.01); G06F 21/604 (2013.01); G06F 21/6245 (2013.01); H04L 63/0209 (2013.01); H04L 63/1425 (2013.01); H04L 63/1466 (2013.01); H04L 63/20 (2013.01); G06F 2221/034 (2013.01)]
2 Claims
1. A method for implementing a cloud-platform push for one or more known data breaches comprising:
for each data breach of the one or more known data breaches:
providing a functionality that maps one or more kill chains or Tactics, Techniques, and Procedures (TTPs) for a specified set of security dimensions;
generating a security rule for each mapped kill chain or TTP based on the functionality that maps the one or more kill chains or Tactics, Techniques, and Procedures (TTPs) for a specified set of security dimensions;
pushing the security rule to an enterprise so that the enterprise is aware of a vulnerability to the data breach;
generating a customized posture for a Virtual private cloud (VPC) in the enterprise's cloud-based network; and
determining that the data breach can occur within the enterprise's cloud-based network,
wherein the TTPs comprises a cyber-threat behavior, a cyber-threat method, a cyber-threat tool, and a cyber-threat strategy,
wherein the TTPs execute a computer-system security threat on a specified network;
mapping a disclosed data breach to the TTPs represented through a set of security vectors; and
using the functionality to map one or more kill chains or Tactics, Techniques, and Procedures (TTPs) for a specified set of security dimensions to determine a vulnerability rating for an enterprise against a known data breach which indicates if the enterprise is susceptible to the same data breach,
computing a plurality of security vectors for every enterprise which helps map the enterprise's cloud data store posture and characteristics and with the security vectors and security rule, representing the TTPs for a plurality of known cloud data breaches;
and once the TTPs are mapped, protecting the enterprise, for any new known cloud data breach by providing a vulnerability rating which indicates a chance that an enterprise has a same posture which leads to the cloud data breach.