20240039929. SYSTEM AND METHOD FOR THREAT DETECTION ACROSS MULTIPLE CLOUD ENVIRONMENTS UTILIZING NORMALIZED EVENT LOGS simplified abstract (Wiz, Inc.)

From WikiPatents

SYSTEM AND METHOD FOR THREAT DETECTION ACROSS MULTIPLE CLOUD ENVIRONMENTS UTILIZING NORMALIZED EVENT LOGS

Organization Name

Wiz, Inc.

Inventor(s)

George Pisha of Giv'atayim (IL)

Liran Moysi of Kfar Saba (IL)

Itay Vanzetti of Petah Tikva (IL)

Alon Schindel of Tel Aviv (IL)

SYSTEM AND METHOD FOR THREAT DETECTION ACROSS MULTIPLE CLOUD ENVIRONMENTS UTILIZING NORMALIZED EVENT LOGS - A simplified explanation of the abstract

This abstract first appeared for US patent application 20240039929 titled 'SYSTEM AND METHOD FOR THREAT DETECTION ACROSS MULTIPLE CLOUD ENVIRONMENTS UTILIZING NORMALIZED EVENT LOGS'.

Simplified Explanation

The patent application describes a system and method for improving cloud detection and response by generating a normalized event log from multiple cloud service providers (CSPs). Here is a simplified explanation of the abstract:

  • The system receives multiple events generated in different cloud computing environments provided by different CSPs.
  • Data is extracted from each event.
  • A normalized event is generated from the extracted data according to a predefined data schema, so that events from every CSP end up with the same set of data fields.
  • The normalized event is stored in a transactional database that maintains the normalized event log.
  • A rule engine applies rules to the normalized events in that database; because the rules are written against the shared schema rather than against any one CSP's native format, a single rule can detect a cybersecurity threat in any of the CSPs.
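The five steps above, worked through end to end as an added example (this is illustrative code written for this page, not the patent's claimed implementation or any Wiz product code). The two CSP feeds (csp_a, a CloudTrail-like feed; csp_b, an activity-log-like feed), the sample events, the schema field names and the rule names are all constructed for the example; SQLite stands in for the transactional database. The second rule goes slightly beyond the abstract by showing what normalization buys you: a correlation across both CSPs expressed as one query over the shared schema.

```python
import sqlite3

# Predefined data schema: every normalized event carries exactly these fields,
# whatever CSP it came from. The field names are this example's assumptions.
SCHEMA_FIELDS = ("ts", "provider", "actor", "action", "category", "source_ip", "resource")

# Constructed sample events (not real CloudTrail or Azure records), each tagged
# with the hypothetical CSP feed it was read from.
RAW_EVENTS = [
    {"provider": "csp_a", "payload": {
        "eventTime": "2024-02-01T10:00:00Z",
        "eventName": "StopLogging",
        "userIdentity": {"arn": "arn:aws:iam::111122223333:user/alice"},
        "sourceIPAddress": "203.0.113.5",
        "requestParameters": {"name": "trail-main"}}},
    {"provider": "csp_a", "payload": {
        "eventTime": "2024-02-01T10:01:00Z",
        "eventName": "DescribeInstances",
        "userIdentity": {"arn": "arn:aws:iam::111122223333:user/bob"},
        "sourceIPAddress": "198.51.100.7",
        "requestParameters": {}}},
    {"provider": "csp_b", "payload": {
        "time": "2024-02-01T10:02:30Z",
        "operationName": "MICROSOFT.INSIGHTS/DIAGNOSTICSETTINGS/DELETE",
        "caller": "alice@example.com",
        "callerIpAddress": "203.0.113.5",
        "resourceId": "/subscriptions/sub-1/providers/microsoft.insights/diagnosticSettings/main"}},
]

# Per-CSP action names that mean "audit logging was turned off", folded into one
# provider-neutral category so that a single rule can cover both feeds.
LOGGING_DISABLE_ACTIONS = {
    "csp_a": {"StopLogging", "DeleteTrail"},
    "csp_b": {"MICROSOFT.INSIGHTS/DIAGNOSTICSETTINGS/DELETE"},
}

def categorize(provider, action):
    return "logging.disable" if action in LOGGING_DISABLE_ACTIONS.get(provider, ()) else "other"

# Extraction step: one extractor per CSP knows that CSP's native field layout.
def extract_csp_a(p):
    return {"ts": p["eventTime"], "actor": p["userIdentity"]["arn"],
            "action": p["eventName"], "source_ip": p["sourceIPAddress"],
            "resource": p.get("requestParameters", {}).get("name", "")}

def extract_csp_b(p):
    return {"ts": p["time"], "actor": p["caller"], "action": p["operationName"],
            "source_ip": p["callerIpAddress"], "resource": p["resourceId"]}

EXTRACTORS = {"csp_a": extract_csp_a, "csp_b": extract_csp_b}

def normalize(raw):
    """Build a normalized event that has every schema field and nothing else."""
    provider = raw["provider"]
    fields = EXTRACTORS[provider](raw["payload"])
    fields["provider"] = provider
    fields["category"] = categorize(provider, fields["action"])
    return {k: fields.get(k) for k in SCHEMA_FIELDS}

def open_log():
    """Transactional store holding the normalized event log (SQLite in memory)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE normalized_events (%s)"
                 % ", ".join(f"{f} TEXT NOT NULL" for f in SCHEMA_FIELDS))
    return conn

def ingest(conn, raws):
    """Normalize and store a batch atomically: all rows are committed or none are."""
    rows = [tuple(normalize(r)[f] for f in SCHEMA_FIELDS) for r in raws]
    cols, marks = ", ".join(SCHEMA_FIELDS), ", ".join("?" for _ in SCHEMA_FIELDS)
    with conn:  # commits on success, rolls back if any insert raises
        conn.executemany(f"INSERT INTO normalized_events ({cols}) VALUES ({marks})", rows)
    return len(rows)

# Rule engine: each rule is a query over the normalized log. Rules are written
# once in schema terms and therefore apply to events from every CSP.
RULES = {
    "audit_logging_disabled":
        "SELECT provider, actor, resource FROM normalized_events "
        "WHERE category = 'logging.disable' ORDER BY ts",
    "same_ip_disables_logging_in_multiple_csps":
        "SELECT source_ip, COUNT(DISTINCT provider) FROM normalized_events "
        "WHERE category = 'logging.disable' GROUP BY source_ip "
        "HAVING COUNT(DISTINCT provider) >= 2",
}

def apply_rules(conn):
    """Return (rule_name, *matched_columns) tuples for every rule hit."""
    return [(name,) + tuple(row) for name, sql in RULES.items() for row in conn.execute(sql)]

def run_pipeline(raws=RAW_EVENTS):
    conn = open_log()
    ingest(conn, raws)
    return apply_rules(conn)

if __name__ == "__main__":
    for finding in run_pipeline():
        print(finding)
```

Running the block yields three findings: one `audit_logging_disabled` hit per CSP for the two logging-disable events, and one cross-CSP hit because the same source IP disabled logging in both csp_a and csp_b. Note that the category mapping table is where the real work lives in practice: each CSP's action vocabulary has to be maintained as providers add and rename operations, and an event whose action is not in the table silently lands in `other`.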

Potential applications of this technology:

  • Enhancing cybersecurity in cloud computing environments.
  • Improving incident response and threat detection in multi-cloud environments.
  • Enabling centralized monitoring and analysis of events across multiple CSPs.

Problems solved by this technology:

  • Lack of standardized event formats across different CSPs.
  • Difficulty in correlating events from multiple CSPs for threat detection.
  • Inefficiency in manual analysis of event logs from different CSPs.

Benefits of this technology:

  • Improved detection and response to cybersecurity threats in cloud environments.
  • Centralized and standardized event logging for easier analysis.
  • Enhanced visibility and monitoring across multiple CSPs.


Original Abstract Submitted

A system and method improves cloud detection and response by generating a normalized event log from a plurality of cloud service providers (CSPs). The method includes receiving a plurality of events, wherein a first event of the plurality of events is generated in a cloud computing environment provided by a first CSP and a second event of the plurality of events is generated in a cloud computing environment provided by a second CSP; extracting data from an event of the plurality of events; generating a normalized event based on the extracted data and a predefined data schema, the predefined data schema including a plurality of data fields; storing the normalized event in a transactional database having stored therein a normalized event log; and applying a rule from a rule engine on a normalized event stored in the transactional database to detect a cybersecurity threat in any of the CSPs.