CyberArk Software Ltd.
Analyzing and addressing least-privilege security threats on a composite basis

Abstract:

Disclosed embodiments relate to systems and methods for analyzing and addressing least-privilege security threats on a composite basis. Techniques include identifying a permission associated with a secured resource, identifying attributes associated with the permission, weighting the attributes, and, based on the attributes and their weights, creating a normalized score corresponding to the risk presented by the permission. Further techniques include identifying attributes associated with the secured resource, identifying special risk factors, and creating weighted scores based on the resource attributes and special risk factors. Other techniques include aggregating the weighted scores and using the weighted scores to identify insecure areas within the system.