| CPC H04L 63/1425 (2013.01) [H04L 63/1416 (2013.01); H04L 63/20 (2013.01)] | 20 Claims |

1. A system for monitoring network traffic in a cloud computing environment, the system comprising:
at least a first computing device comprising a first set of one or more processors configured to execute a computer network security system, the computer network security system configured to perform:
detecting a plurality of events in the cloud computing environment,
generating a plurality of datasets containing information about at least some of the detected plurality of events, and
providing the plurality of datasets to a configuration generation and recommendation (CGR) system; and
at least a second computing device comprising a second set of one or more processors configured to execute the CGR system, the CGR system configured to perform:
obtaining the plurality of datasets from the computer network security system;
generating, using at least one trained ML model, a plurality of signatures representing the plurality of events, the generating comprising processing the plurality of datasets using the at least one trained ML model to obtain the plurality of signatures;
clustering the plurality of signatures to obtain signature clusters representing clusters of events in the plurality of events;
identifying a particular event cluster from among the clusters of events; and
updating the configuration of the computer network security system based on characteristics of events in the identified particular event cluster.