Abstract: Embodiments of the present disclosure include a non-transitory computer readable medium that when executed by at least one processor cause the at least one processor to perform operations for dynamic cloud workload protection, the operations comprising: installing an agentless scanning system, the agentless scanning system being configured to scan a cloud server, the cloud server including a network and a memory; detecting, using a cloud provider application program interface (API), an installation of a new workload in the cloud server, the new workload including disks; scanning, using the agentless scanning system, the disks of the new workload; installing an agent on the new workload; monitoring, using the agent, the disks, the network, and the memory of the new workload; generating, using the agent, a notification when an interesting event occurs; scanning, using the agentless scanning system, the cloud server; and generating at least one command to perform one or more of a remediation or a policy update.

Abstract: A system and method for securing virtual cloud assets in a cloud computing environment against cyber threats. The method includes: determining a location of a snapshot of at least one virtual disk of a protected virtual cloud asset, wherein the virtual cloud asset is instantiated in the cloud computing environment; accessing the snapshot of the virtual disk based on the determined location; analyzing the snapshot of the protected virtual cloud asset to detect potential cyber threats risking the protected virtual cloud asset; and alerting detected potential cyber threats based on a determined priority.

Abstract: Disclosed herein are methods, systems, and computer-readable media for vulnerability management. In an embodiment, a method may include a step of identifying a series of vulnerabilities. In some embodiments, the method may further include determining a risk associated with each vulnerability. In some embodiments, the method may include determining one or more characteristics related to a manner of repairing each vulnerability. In some embodiments, the method may further include identifying, based on at least one commonality between the one or more characteristics, one or more subsets of vulnerabilities. In some embodiments, the method may further include displaying the one or more subsets of vulnerabilities in an order, the order being based on the at least one commonality and the determined risk, wherein each subset is enabled to be addressed as a group.

Abstract: Embodiments of the present disclosure include a non-transitory computer readable medium that when executed by at least one processor cause the at least one processor to generate automatic suggestions for changes to infrastructure as code (IaC) to remediate cloud security issues, the operations comprising: scanning at least one cloud account; generating an inventory of cloud assets based on the scanning of the at least one cloud account; scanning at least one repository of source files of an infrastructure as code (IaC) associated with the at least one cloud account; creating an inventory of IaC assets; matching each asset of the inventory of cloud assets with one or more assets of the inventory of IaC assets; identifying a vulnerability in at least one asset of the inventory of cloud assets; determining at least one asset of the inventory of IaC assets associated with the at least one asset of the inventory of cloud assets based on the matching; and generating at least one alert.

Abstract: A system and method for securing virtual cloud assets in a cloud computing environment against cyber threats. The method includes: determining a location of a snapshot of at least one virtual disk of a protected virtual cloud asset, wherein the virtual cloud asset is instantiated in the cloud computing environment; accessing the snapshot of the virtual disk based on the determined location; analyzing the snapshot of the protected virtual cloud asset to detect potential cyber threats risking the protected virtual cloud asset; and alerting detected potential cyber threats based on a determined priority.

Abstract: A system and method for securing virtual cloud assets in a cloud computing environment against cyber threats. The method includes: determining a location of a snapshot of at least one virtual disk of a protected virtual cloud asset, wherein the virtual cloud asset is instantiated in the cloud computing environment; accessing the snapshot of the virtual disk based on the determined location; analyzing the snapshot of the protected virtual cloud asset to detect potential cyber threats risking the protected virtual cloud asset; and alerting detected potential cyber threats based on a determined priority.

Abstract: A system and method for securing virtual cloud assets in a cloud computing environment against cyber threats. The method includes: determining a location of a snapshot of at least one virtual disk of a protected virtual cloud asset, wherein the virtual cloud asset is instantiated in the cloud computing environment; accessing the snapshot of the virtual disk based on the determined location; analyzing the snapshot of the protected virtual cloud asset to detect potential cyber threats risking the protected virtual cloud asset; and alerting detected potential cyber threats based on a determined priority.

Abstract: A system and method for securing virtual cloud assets in a cloud computing environment against cyber threats. The method includes: determining a location of a snapshot of at least one virtual disk of a protected virtual cloud asset, wherein the virtual cloud asset is instantiated in the cloud computing environment; accessing the snapshot of the virtual disk based on the determined location; analyzing the snapshot of the protected virtual cloud asset to detect potential cyber threats risking the protected virtual cloud asset; and alerting detected potential cyber threats based on a determined priority.

Abstract: A system and method for securing virtual cloud assets in a cloud computing environment against cyber threats. The method includes: determining a location of a snapshot of at least one virtual disk of a protected virtual cloud asset, wherein the virtual cloud asset is instantiated in the cloud computing environment; accessing the snapshot of the virtual disk based on the determined location; analyzing the snapshot of the protected virtual cloud asset to detect potential cyber threats risking the protected virtual cloud asset; and alerting detected potential cyber threats based on a determined priority.

Abstract: Systems, methods, and non-transitory computer readable media including instructions for securing virtual cloud assets at rest against cyber threats are disclosed. Securing virtual cloud assets at rest against cyber threats includes determining a location of a snapshot of a virtual disk of a protected virtual cloud asset, wherein the protected virtual cloud asset is at rest, the protected virtual cloud asset being configured to be instantiated in the cloud computing environment when activated; accessing the snapshot of the virtual disk based on the determined location; analyzing the snapshot of the protected virtual cloud asset to detect potential cyber threats risking the protected virtual cloud asset, wherein during the detection of the potential cyber threats by analyzing the snapshot, the protected virtual cloud asset is at rest; and alerting detected potential cyber threats based on filtering or prioritizing using a determined risk of each detected threat.

Abstract: A system and method for securing virtual cloud assets in a cloud computing environment against cyber threats. The method includes: determining a location of a snapshot of at least one virtual disk of a protected virtual cloud asset, wherein the virtual cloud asset is instantiated in the cloud computing environment; accessing the snapshot of the virtual disk based on the determined location; analyzing the snapshot of the protected virtual cloud asset to detect potential cyber threats risking the protected virtual cloud asset; and alerting detected potential cyber threats based on a determined priority.

Abstract: A system and method for securing virtual cloud assets in a cloud computing environment against cyber threats. The method includes: determining a location of a snapshot of at least one virtual disk of a protected virtual cloud asset, wherein the virtual cloud asset is instantiated in the cloud computing environment; accessing the snapshot of the virtual disk based on the determined location; analyzing the snapshot of the protected virtual cloud asset to detect potential cyber threats risking the protected virtual cloud asset; and alerting detected potential cyber threats based on a determined priority.

Abstract: A cybersecurity scanner deployment system, comprising: at least one processor configured to: access a primary account maintained in a cloud environment; receive information defining a structure of the primary account, the structure including a plurality of assets, and the information excluding raw data of the primary account; deploy, inside the primary account or a secondary account for which trust is established with the primary account, at least one ephemeral scanner configured to scan at least one block storage volume and output metadata defining the at least one block storage volume, the output excluding raw data of the primary account; receive a transmission of the metadata from the at least one ephemeral scanner, excluding raw data of the primary account; analyze the metadata to identify cybersecurity vulnerabilities; correlate each of the cybersecurity vulnerabilities with one of the assets; and generate a report correlating the cybersecurity vulnerabilities with the assets.

Abstract: A system and method for securing virtual cloud assets in a cloud computing environment against cyber threats. The method includes: determining a location of a snapshot of at least one virtual disk of a protected virtual cloud asset, wherein the virtual cloud asset is instantiated in the cloud computing environment; accessing the snapshot of the virtual disk based on the determined location; analyzing the snapshot of the protected virtual cloud asset to detect potential cyber threats risking the protected virtual cloud asset; and alerting detected potential cyber threats based on a determined priority.

Abstract: A system and method for securing virtual cloud assets in a cloud computing environment against cyber threats. The method includes: determining a location of a snapshot of at least one virtual disk of a protected virtual cloud asset, wherein the virtual cloud asset is instantiated in the cloud computing environment; accessing the snapshot of the virtual disk based on the determined location; analyzing the snapshot of the protected virtual cloud asset to detect potential cyber threats risking the protected virtual cloud asset; and alerting detected potential cyber threats based on a determined priority.

Abstract: A cyber security system for a cloud environment is disclosed. In some embodiments, a method is disclosed. The method comprises utilizing a cloud provider API to access a block storage volume of a workload maintained on a target account in a target system of a cloud storage environment, utilizing a scanner at a location of the block storage volume and on a secondary system other than the target system, scanning the block storage volume for malicious code using the secondary system, identifying malicious code based on the scan, and outputting a notification of a presence of malicious code in the target system from the secondary system.

Abstract: A cybersecurity scanner deployment system, comprising: at least one processor configured to: access a primary account maintained in a cloud environment; receive information defining a structure of the primary account, the structure including a plurality of assets, and the information excluding raw data of the primary account; deploy, inside the primary account or a secondary account for which trust is established with the primary account, at least one ephemeral scanner configured to scan at least one block storage volume and output metadata defining the at least one block storage volume, the output excluding raw data of the primary account; receive a transmission of the metadata from the at least one ephemeral scanner, excluding raw data of the primary account; analyze the metadata to identify cybersecurity vulnerabilities; correlate each of the cybersecurity vulnerabilities with one of the assets; and generate a report correlating the cybersecurity vulnerabilities with the assets.

Abstract: A system for inspecting data, the system comprising: at least one processor configured to: establish a trusted relationship between a source account in a cloud environment and a scanner account; using the established trust relationship, utilize at least one cloud provider API to identify workloads in the source account; use the at least one cloud provider API to query a geographical location of at least one of the identified workloads; receive an identification of the geographic location; use the cloud provider APIs to access block storage volumes of the at least one workload; determine a file-system of the at least one workload; mount the block storage volumes on a scanner based on the determined file-system; activate a scanner at the geographic location; reconstruct from the block storage volumes a state of the workload; and assess the reconstructed state of the workload to extract insights.

Abstract: Methods and systems for assessing internet exposure of a cloud-based workload are disclosed. A method comprises accessing at least one cloud provider API to determine a plurality of entities capable of routing traffic in a virtual cloud environment associated with a target account containing the workload, querying the at least one cloud provider API to determine at least one networking configuration of the entities, building a graph connecting the plurality of entities based on the networking configuration, accessing a data structure identifying services publicly accessible via the Internet and capable of serving as an internet proxy; integrating the identified services into the graph; traversing the graph to identify at least one source originating via the Internet and reaching the workload, and outputting a risk notification associated with the workload. Systems and computer-readable media implementing the above method are also disclosed.

Abstract: A system and method for securing virtual cloud assets in a cloud computing environment against cyber threats. The method includes: determining a location of a snapshot of at least one virtual disk of a protected virtual cloud asset, wherein the virtual cloud asset is instantiated in the cloud computing environment; accessing the snapshot of the virtual disk based on the determined location; analyzing the snapshot of the protected virtual cloud asset to detect potential cyber threats risking the protected virtual cloud asset; and alerting detected potential cyber threats based on a determined priority.