US Patent 11863581 Subscription-based malware detection

A computerized method is described for authenticating access to a subscription-based service to detect an attempted cyber-attack. More specifically, service policy level information is received by a cloud broker. The service policy level information includes an identifier of a sensor operating as a source of one or more objects for analysis and an identifier assigned to a customer associated with the sensor. Thereafter, a cluster of a plurality of clusters is selected by the cloud broker. The cloud broker is configured to (i) analyze whether one or more objects are associated with an attempted cyber-attack by at least analyzing the sensor identifier to select the cluster based on at least a geographical location of the sensor determined by the sensor identifier and (ii) establish a communication session between the sensor and the cluster via the cloud broker until termination of the communication session.