Salesforce, Inc. (20240259396). MONITORING AND REMEDIATION OF SECURITY DRIFT EVENTS IN A PUBLIC CLOUD NETWORK simplified abstract


MONITORING AND REMEDIATION OF SECURITY DRIFT EVENTS IN A PUBLIC CLOUD NETWORK

Organization Name

Salesforce, Inc.

Inventor(s)

Neha Kerkar of Bellevue WA (US)

Prabhat Singh of San Jose CA (US)

Amit Chakrabarty of San Francisco CA (US)

Aditya Suresh Kumar of San Francisco CA (US)

MONITORING AND REMEDIATION OF SECURITY DRIFT EVENTS IN A PUBLIC CLOUD NETWORK - A simplified explanation of the abstract

This abstract first appeared for US patent application 20240259396, titled 'MONITORING AND REMEDIATION OF SECURITY DRIFT EVENTS IN A PUBLIC CLOUD NETWORK'.

The abstract describes a computer-implemented method for monitoring and remediating security drift in a public cloud network. This involves detecting unintended changes to existing security controls made through unauthorized channels by unauthorized users.

  • A cloud server application with multiple client accounts is provided.
  • Client account clusters are deployed, including a master account with a drift detection component and service accounts with serverless application components.
  • Cloud infrastructure resources are instantiated in the service accounts.
  • Security drift events in client account clusters are detected by the drift detection components.
  • Remediation rules are obtained and a drift remediation strategy is implemented based on these rules by a rules engine.

Potential Applications:

  • Cloud security management
  • Network monitoring and remediation
  • Unauthorized access prevention

Problems Solved:

  • Detecting unauthorized changes to security controls
  • Preventing security drift in cloud networks

Benefits:

  • Enhanced security in public cloud environments
  • Timely detection and remediation of security drift events
  • Improved compliance with security protocols

Commercial Applications:

Title: Cloud Security Drift Monitoring and Remediation Technology

This technology can be used by cloud service providers, IT security companies, and businesses utilizing public cloud services to ensure the integrity of their security controls and prevent unauthorized access.

Prior Art: Researchers in the field of cloud security and network monitoring have explored various methods for detecting and remediating security vulnerabilities in cloud environments. Prior art may include studies on anomaly detection, intrusion prevention systems, and security automation tools.

Frequently Updated Research: Ongoing research in cloud security focuses on developing more advanced algorithms for detecting and remediating security drift events in real time. Researchers are also exploring the integration of artificial intelligence and machine learning technologies to enhance the effectiveness of security monitoring and remediation processes.

Questions about Cloud Security Drift Monitoring and Remediation Technology:

  1. How does this technology compare to traditional methods of security monitoring in cloud networks?
  2. What are the key challenges in implementing a proactive security drift detection and remediation strategy in public cloud environments?


Original Abstract Submitted

A computer-implemented method for monitoring and remediating security drift in a public cloud network is disclosed. The security drift event includes an unintended change to existing security controls effected through an unauthorized deployment channel, performed by an unauthorized user. The method includes providing a cloud server application including a number of cloud client accounts, and deploying the cloud client accounts in client account clusters. The client account clusters include a master account that includes a drift detection component and a number of service accounts including serverless application components. The method further includes instantiating cloud infrastructure resources in the service accounts, and detecting a security drift event in the client account cluster, by the drift detection components. The method further includes, responsive to the security drift event, obtaining one or more remediation rules, and implementing a drift remediation strategy based on the one or more remediation rules, by a rules engine.