US 12,010,122 B2
System and method for detecting lateral movement using cloud access keys
Avi Tal Lichtenstein, Tel Aviv (IL); Ami Luttwak, Binyamina (IL); and Daniel Hershko Shemesh, Givat-Shmuel (IL)
Assigned to Wiz, Inc., New York, NY (US)
Filed by Wiz, Inc., New York, NY (US)
Filed on Sep. 26, 2023, as Appl. No. 18/474,974.
Application 18/474,974 is a continuation of application No. 17/657,494, filed on Mar. 31, 2022, granted, now 11,811,787.
Claims priority of provisional application 63/170,125, filed on Apr. 2, 2021.
Prior Publication US 2024/0031376 A1, Jan. 25, 2024
Int. Cl. H04L 9/40 (2022.01)
CPC H04L 63/14 (2013.01) 17 Claims
OG exemplary drawing
 
1. A method for detecting potential lateral movement in a cloud computing environment, comprising:
generating in a security database a representation of a cloud computing environment, the cloud computing environment including a plurality of cloud entities;
determining a first node in the security database is a compromised node wherein the first node represents a first cloud entity of the plurality of cloud entities;
detecting a credential node connected to the first node, wherein the credential node represents a credential utilized in the cloud computing environment; and
generating a potential lateral movement path, including the first node, and a second node representing a second cloud entity of the plurality of cloud entities, wherein the second node is connected to the credential node.