Lacework has been granted a patent for a guided anomaly detection framework that gathers data on cloud deployment activity, generates natural language prompts for security workflows, and provides the prompts to a natural language interface for the anomaly detection framework. GlobalData’s report on Lacework gives a 360-degree view of the company including its patenting strategy. Buy the report here.
According to GlobalData’s company profile on Lacework, Network threat detection was a key innovation area identified from patents. Lacework's grant share as of September 2023 was 54%. Grant share is based on the ratio of number of grants to total number of patents.
Guided anomaly detection framework for cloud deployment monitoring
A recently granted patent (Publication Number: US11770398B1) describes a method and computer program product for a guided anomaly detection framework in a cloud deployment. The method involves gathering data that describes activity associated with the anomaly detection framework. Based on this data, a prompt is generated, which consists of one or more natural language inputs for a security workflow. Each natural language input corresponds to a query for information related to the cloud deployment. The selected natural language input is then provided to a natural language interface of the anomaly detection framework.
The method also includes providing a response to the selected natural language input based on the corresponding query. The data describing activity associated with the anomaly detection framework can include information about events detected in the cloud deployment, such as security threats or anomalies in activity. It can also include user interactions with the anomaly detection framework, including previous queries or natural language inputs provided by a domain expert.
Additionally, the data can describe the state of assets within the cloud deployment. If the cloud deployment is associated with a particular customer, the method involves gathering data associated with other cloud deployments of other customers. The prompt generated for the security workflow can be based on this additional data.
The security workflow can consist of a series of related natural language inputs, and the prompt can specifically request a particular natural language input in the progression of these inputs. The computer program product, which is stored on a non-transitory computer-readable medium, includes instructions for carrying out the steps of the method.
In summary, this patent presents a method and computer program product for a guided anomaly detection framework in a cloud deployment. By utilizing natural language inputs and a natural language interface, the framework can effectively monitor and respond to security threats and anomalies in cloud activity. The inclusion of user interactions and data from multiple cloud deployments enhances the accuracy and effectiveness of the anomaly detection process.