US Patent 11553036 System and method for cloud security monitoring

The invention relates to a computer-implemented system for security monitoring of Member accounts in a cloud environment. The Member accounts are provided as instances of cloud services in one or more monitored clouds by one or more cloud service providers. The system is programmed to automatically deploy software agents to the Member accounts. The software agents are configured to monitor activities in the Member accounts and to push security and operations data to a SIEM platform. The security and operations data may comprise alerts and activity logs for the Member accounts, public internet protocol (IP) addresses used by the Member accounts, and identifying information for individuals and information technology (IT) assets associated with the Member accounts. The system includes a user interface to define customized alerts based on the security and operations data, and the system generates and sends the customized alerts to a system administrator or security analyst.