-
公开(公告)号:US20230214488A1
公开(公告)日:2023-07-06
申请号:US18182750
申请日:2023-03-13
Applicant: Orca Security Ltd.
Inventor: Avi Shua
CPC classification number: G06F21/565 , G06F21/554 , G06F21/552
Abstract: Systems, methods, and non-transitory computer readable media including instructions for securing virtual cloud assets at rest against cyber threats are disclosed. Securing virtual cloud assets at rest against cyber threats includes determining a location of a snapshot of a virtual disk of a protected virtual cloud asset, wherein the protected virtual cloud asset is at rest, the protected virtual cloud asset being configured to be instantiated in the cloud computing environment when activated; accessing the snapshot of the virtual disk based on the determined location; analyzing the snapshot of the protected virtual cloud asset to detect potential cyber threats risking the protected virtual cloud asset, wherein during the detection of the potential cyber threats by analyzing the snapshot, the protected virtual cloud asset is at rest; and alerting detected potential cyber threats based on filtering or prioritizing using a determined risk of each detected threat.
-
公开(公告)号:US20220350931A1
公开(公告)日:2022-11-03
申请号:US17716583
申请日:2022-04-08
Applicant: Orca Security LTD.
Inventor: Avi Shua
Abstract: A cybersecurity scanner deployment system, comprising: at least one processor configured to: access a primary account maintained in a cloud environment; receive information defining a structure of the primary account, the structure including a plurality of assets, and the information excluding raw data of the primary account; deploy, inside the primary account or a secondary account for which trust is established with the primary account, at least one ephemeral scanner configured to scan at least one block storage volume and output metadata defining the at least one block storage volume, the output excluding raw data of the primary account; receive a transmission of the metadata from the at least one ephemeral scanner, excluding raw data of the primary account; analyze the metadata to identify cybersecurity vulnerabilities; correlate each of the cybersecurity vulnerabilities with one of the assets; and generate a report correlating the cybersecurity vulnerabilities with the assets.
-
公开(公告)号:US20220345483A1
公开(公告)日:2022-10-27
申请号:US17716491
申请日:2022-04-08
Applicant: Orca Security LTD.
Inventor: Avi Shua
IPC: H04L9/40
Abstract: Methods and systems for assessing internet exposure of a cloud-based workload are disclosed. A method comprises accessing at least one cloud provider API to determine a plurality of entities capable of routing traffic in a virtual cloud environment associated with a target account containing the workload, querying the at least one cloud provider API to determine at least one networking configuration of the entities, building a graph connecting the plurality of entities based on the networking configuration, accessing a data structure identifying services publicly accessible via the Internet and capable of serving as an internet proxy; integrating the identified services into the graph; traversing the graph to identify at least one source originating via the Internet and reaching the workload, and outputting a risk notification associated with the workload. Systems and computer-readable media implementing the above method are also disclosed.
-
-
Search Results
23
records
(took 0.013 seconds)
