| CPC H04L 63/1433 (2013.01) | 19 Claims |
|
1. A method of automatically managing enterprise security for an enterprise utilizing at least one serverless service, the method comprising:
executing an at least partially automated environment discovery process in which an overall security footprint of the enterprise is determined, the overall security footprint including a set of security requirements based on characteristics of the enterprise and a set of attributes associated with each of a plurality of serverless services utilized by the enterprise;
automatically identifying, via an enterprise security assessment tool, one or more security configurations capable of meeting the set of security requirements of the enterprise based on the sets of attributes associated with the plurality of serverless services; and
generating one or more user interfaces including a depiction of one or more security risks identified during the at least partially automated environment discovery process and a score regarding severity of the one or more security risks;
wherein executing the at least partially automated environment discovery process includes:
reviewing event logs generated by each of a plurality of services used by the enterprise; and
at the enterprise security assessment tool, identifying one or more security applications and associated settings useable to achieve the one or more security configurations based, at least in part, on a model generated from historical security settings utilized or recommended to one or more enterprises other than the enterprise, and
wherein at least one of the event logs comprises a synthetic event log generated from interactions with a simulated cloud component.
|