LATERAL MOVEMENT ANALYSIS USING CERTIFICATE PRIVATE KEYS

Organization Name

Inventor(s)

LATERAL MOVEMENT ANALYSIS USING CERTIFICATE PRIVATE KEYS

This abstract first appeared for US patent application 20250016172 titled 'LATERAL MOVEMENT ANALYSIS USING CERTIFICATE PRIVATE KEYS

Original Abstract Submitted

a system and method for detecting potential lateral movement in a cloud computing environment includes detecting a private encryption key and a certificate, each of which further include a hash value of a respective public key, wherein the certificate is stored on a first resource deployed in the cloud computing environment; generating in a security graph: a private key node, a certificate node, and a resource node connected to the certificate node, wherein the security graph is a representation of the cloud computing environment; generating a connection in the security graph between the private key node and the certificate node, in response to determining a match between the hash values of the public key of the private key and the public key of the certificate; and determining that the first resource node is potentially compromised, in response to receiving an indication that an element of the public key is compromised.