US 12,406,053 B2
Assessing data security of a managed database deployed in the cloud using a secured sandbox environment
Gabriel Beyo, Modiin (IL); Tal Shabi, Natanya (IL); Eytan Shalom Naim, Modiin (IL); Elad Erez, Rehovot (IL); James Arthur Burtoft, Bellefonte, PA (US); and Paul Aiuto, Miller Place, NY (US)
Assigned to Imperva, Inc., San Mateo, CA (US)
Filed by Imperva, Inc., San Mateo, CA (US)
Filed on Jul. 22, 2022, as Appl. No. 17/814,496.
Claims priority of provisional application 63/224,830, filed on Jul. 22, 2021.
Prior Publication US 2023/0025740 A1, Jan. 26, 2023
Int. Cl. G06F 21/53 (2013.01); G06F 21/57 (2013.01)
CPC G06F 21/53 (2013.01) [G06F 21/577 (2013.01); G06F 2221/034 (2013.01); G06F 2221/2141 (2013.01)]
17 Claims
1. A method performed by a cloud computing platform of a cloud service to assess a data security of a database deployed in a cloud environment associated with a user of the cloud service, the method comprising:
creating a sandbox environment in the cloud environment associated with the user;
configuring security permissions and network access for the sandbox environment, wherein the sandbox environment includes a routing table and a firewall that is configured to block network access to a public network;
loading scanner code in the sandbox environment, wherein the scanner code includes code for performing a data security assessment;
loading and restoring a snapshot of the database in the sandbox environment, wherein the snapshot of the database represents a state of the database;
setting a unique password for admin access to the restored snapshot of the database;
executing the scanner code in the sandbox environment to perform the data security assessment on the restored snapshot of the database; and
tearing down the sandbox environment in response to a determination that the scanner code has finished execution.