US 12,413,610 B1
Assessing security of service provider computing systems
Shawn Wallis, Fremont, CA (US); David Lorenzi, Phoenix, AZ (US); Matthew Michael Rogers, Charlotte, NC (US); and Christopher Heschong, Greensboro, NC (US)
Assigned to Wells Fargo Bank, N.A., San Francisco, CA (US)
Filed by Wells Fargo Bank, N.A., San Francisco, CA (US)
Filed on Nov. 18, 2021, as Appl. No. 17/455,634.
Int. Cl. H04L 9/40 (2022.01); G06F 40/30 (2020.01)
CPC H04L 63/1433 (2013.01) [G06F 40/30 (2020.01)] 20 Claims
OG exemplary drawing
 
1. A method comprising:
collecting, by a computing system, information about interactions with a service provider computing system, wherein the interactions with the service provider computing system are based on activity of user devices on a private network that are authenticated to access data at the service provider computing system;
identifying, by the computing system and based on the information about the interactions, a plurality of network paths, each associated with a data object accessed by at least one of the user devices at the service provider computing system;
requesting, by the computing system using a device not on the private network and not authenticated to access data at the service provider computing system and based on the plurality of network paths, data from the service provider computing system;
responsive to requesting the data, receiving, by the computing system, a response;
determining, by the computing system and based on the response, whether the response includes sensitive information; and
taking action by the computing system based on whether the response includes sensitive data.