US 11,811,787 B1
System and method for detecting lateral movement using cloud access keys
Avi Tal Lichtenstein, Tel Aviv (IL); Ami Luttwak, Binyamina (IL); and Daniel Hershko Shemesh, Givat-Shmuel (IL)
Assigned to WIZ, INC., New York, NY (US)
Filed by Wiz, Inc., Palo Alto, CA (US)
Filed on Mar. 31, 2022, as Appl. No. 17/657,494.
Claims priority of provisional application 63/170,125, filed on Apr. 2, 2021.
Int. Cl. H04L 9/40 (2022.01)
CPC H04L 63/14 (2013.01) 19 Claims
OG exemplary drawing
 
1. A method for detecting potential lateral movement using cloud keys in a cloud computing environment, comprising:
determining a first node in a security graph is a compromised node, wherein the security graph represents cloud entities of the cloud computing environment, wherein the first node represents a first cloud entity of the cloud computing environment;
detecting a cloud key node connected to the first node, wherein the cloud key node represents a cloud key of the cloud computing environment; and
generating a potential lateral movement path, including the first node, and a second node, wherein the second node is connected to the cloud key node, the second node representing a second cloud entity of the cloud computing environment.