Systems and methods for protecting platform-as-a-service platforms

摘要

A computer-implemented method for protecting platform-as-a-service platforms may include 1) identifying a platform-as-a-service platform that is configured to allow installations of third-party application packages, 2) intercepting a third-party application package in transit to the platform-as-a-service platform for installation, 3) extracting metadata from the third-party application package, and 4) applying a compliance policy to the third-party application package to determine whether to allow an installation of the third-party application package on the platform-as-a-service platform based on the metadata. Various other methods, systems, and computer-readable media are also disclosed.

主权项

1. A computer-implemented method for protecting platform-as-a-service platforms, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
identifying a platform-as-a-service platform that enables on-demand access to a computing environment via the Internet and/or a service provider, the platform-as-a-service platform being configured to allow installations of third-party application packages; intercepting, at a reverse proxy system that is configured to receive network traffic on behalf of the platform-as-a-service platform and to relay approved network traffic to the platform-as-a-service platform, a third-party application package in transit to the platform-as-a-service platform for installation; extracting a manifest file from the third-party application package; parsing the manifest file to obtain metadata that specifies characteristics of the third-party application package, wherein the metadata comprises information identifying a resource of an existing application within the platform-as-a-service platform subject to use by an application to be installed from the third-party application package; applying a compliance policy to the third-party application package to determine whether to allow an installation of the third-party application package on the platform-as-a-service platform based on the metadata.