公开(公告)号：US11991210B2

公开(公告)日：2024-05-21

申请号：US17080204

申请日：2020-10-26

申请人： Microsoft Technology Licensing, LLC

发明人： Omer Karin ,  Amit Magen ,  Moshe Israel ,  Tamer Salman

IPC分类号： H04L9/40 ,  G06F21/57 ,  G06N20/00

CPC分类号： H04L63/20 ,  G06F21/57 ,  G06F21/572 ,  G06N20/00 ,  G06F2221/034

摘要： Methods, systems, apparatuses, and computer-readable storage mediums are described for machine learning-based techniques for identifying a deployment environment in which computing resources (e.g., servers, virtual machines, databases, etc.) reside and for enhancing security for the identified deployment environment. For instance, usage data is collected from the computing resources. The usage data is featurized and provided to a machine learning-based classification model that determines a deployment environment in which the computing resources reside based on the featurized usage data. Once the deployment environment is identified, a security policy that is applicable for the identified deployment environment is determined. The security policy specifies a plurality of recommended security settings that should be applied to the computing resources included in the identified deployment environment. The recommended security settings may be provided to the user (e.g., via a graphical user interface) for application thereby and/or may be automatically activated.

公开(公告)号：US11956239B2

公开(公告)日：2024-04-09

申请号：US17496020

申请日：2021-10-07

申请人： MICROSOFT TECHNOLOGY LICENSING, LLC

发明人： Idan Hen ,  Aharon Michaels ,  Dotan Patrich ,  Josef Weizman ,  Amit Magen

IPC分类号： H04L29/06 ,  G06N20/00 ,  H04L9/40

CPC分类号： H04L63/101 ,  G06N20/00 ,  H04L63/105 ,  H04L63/20

摘要： Technologies are shown for detection of identity misconfiguration that involve collecting identity/role binding and role/access rules data from multiple clusters supported by a computing resource system. Access rules for identities are extracted from the collected data and an access rule prediction model created to predict access rules for identities. An identity definition request for a tenant is received having a requested identity and a role assigned to the identity. A set of access rules is obtained for the role assigned to the identity and a predicted set of access rules is obtained for the requested identity from the prediction model. The access rules for the requested role are compared to the predicted set of access rules and a misconfiguration alert generated when there is a difference between the set of access rules for the requested role and the predicted set of access rules for the requested identity.