US Patent 11991216 Policy-based cloud asset and security management system

A method and system for implementing and managing security policies in a cloud environment of enterprises are disclosed. In some embodiments, the method includes creating cloud-independent policies associated with enterprise assets in the cloud environment and sharing the cloud-independent policies across one or more distributed enterprises in the cloud environment. The method also includes translating and enforcing the policies in run-time across the distributed enterprises. The method further includes applying the policies collaboratively in the distributed enterprises based on distributing policy enforcement in the distributed enterprises while centralizing policy operations, where applying the policies includes discovering cloud-based assets of the enterprises and enterprise asset data related to the cloud-based assets and creating, based on the enterprise asset data, at least one graph (organization, user, resource) representing the relationships among the assets. The enterprise asset data includes information used to detect, protect, and investigate potential problems of the assets.