Normalyze Shows Technical Leadership with First Patent for DSPM

Ravi Ithal
March 21, 2023

Security professionals are used to vendors tooting company horns about their products and services. It’s part of what you expect vendors to do! But one event stands above all others in showing technical leadership: earning the grant of a patent from the United States Patent and Trademark Office. Normalyze has received a grant of U.S. Patent # 11,575,696 for Cloud Data Attack Path Detection Based on Cloud Security Posture and Resource Network Path Tracing.

The patent’s name is quite a mouthful, but in plain English, it represents the industry’s very first patent that brings to life the promised benefits of Data Security Posture Management. Its technology connects the risks to sensitive data in customer cloud environments, allowing them to focus on what matters most instead of chasing thousands of alerts generated by other siloed products.

Getting the first and most important patent for DSPM is a big deal for Normalyze – and for enterprises that want to take a modern, effective approach to secure cloud-resident sensitive data. Consider there are currently at least ten different vendors in the DSPM space. Each tells a similar message, but it’s Normalyze that has shown its thought leadership by inventing the core technology underpinning DSPM. 

 

I want to thank patent co-inventors, Yang Zhang and Mummoorthy Murugesan for their enlightening collaboration as we conceived and proved the concept. And I’m proud of the Normalyze technical team’s accomplishment of helping to articulate this vision with the Normalyze platform. Thank you, team!

You can read our 66-page patent here. As a special treat, I’m quoting the abstract below. For non-engineers, everything is explained clearly here on our website. Meanwhile, stay tuned for more innovations in the next few months. 

U.S. Patent # 11,575,696

CLOUD DATA ATTACK DETECTION BASED ON CLOUD SECURITY POSTURE AND RESOURCE NETWORK PATH TRACING

ABSTRACT

The technology disclosed relates to streamlined analysis of security posture of a cloud environment. In particular, the disclosed technology relates to accessing permissions data and access control data for pairs of compute resources and storage resources in the cloud environment, tracing network communication paths between the pairs of the compute resources and the storage resources based on the permissions data and the access control data, accessing sensitivity classification data for objects in the storage resources, qualifying a subset of the pairs of the compute resources and the storage resources as vulnerable to breach attack based on an evaluation of the permissions data, the access control data, and the sensitivity classification data against a set risk criterion, and generating a representation of propagation of the breach attack along the network communication paths, the representation of identifying relationships between the subset of the pairs of the compute resources and the storage resources.

26 Claims, 47 Drawing Sheets
Ravi Ithal

Ravi has extensive background in enterprise and cloud security. Before Normalyze, Ravi was the cofounder and chief architect of Netskope, a leading provider of cloud-native solutions to businesses for data protection and defense against threats in the cloud. Prior to Netskope, Ravi was one of the founding engineers of Palo Alto Networks (NASDAQ: PANW). Prior to his time at Palo Alto Networks, Ravi held engineering roles at Juniper (NASDAQ: JNPR) and Cisco (NASDAQ: CSCO)

FEATURED

Gartner® Innovation Insight: Data Security Posture Management

FEATURED

DSPM-chat-Richard Stiennon-Ravi-Ithal-Normalyze
Cloud migration & data security: iSMG interviews Amer Deeba
UPCOMING EVENTS
AWS re:Inforce 2023

Anaheim Convention Center
June 13-24, Anaheim, CA

Black Hat USA 2023

Mandalay Bay Convention Center
August 5-10, Las Vegas, NV