公开(公告)号：US20240430309A1

公开(公告)日：2024-12-26

申请号：US18828994

申请日：2024-09-09

Applicant: Cisco Technology, Inc.

Inventor： Nagendra Kumar NAINAR ,  Carlos M. PIGNATARO ,  Rahul RAMMANOHAR ,  Kondaveeti Lakshmi GANESH ,  David John ZACKS

IPC: H04L9/40

Abstract: In one embodiment, an access policy enforcement service receives a user authentication request from an end-user device. The access policy enforcement service identifies a telemetry collection intent from the user authentication request. The access policy enforcement service determines a monitoring policy based on the telemetry collection intent identified from the user authentication request. The access policy enforcement service configures, according to the monitoring policy, one or more telemetry collection agents to collect telemetry for traffic associated with the end-user device.

公开(公告)号：US20240403437A1

公开(公告)日：2024-12-05

申请号：US18205331

申请日：2023-06-02

Applicant: Cisco Technology, Inc.

Inventor： Thomas Szigeti ,  Shannon K. MCFARLAND ,  Walter Theodore HULICK, JR. ,  David John ZACKS

IPC: G06F21/57

Abstract: In one embodiment, external API vulnerability assessments may include detecting, by a process, usage of an external application programming interface in execution of an application; transmitting, by the process, a query to the external application programming interface for a list of one or more components of the external application programming interface; generating, by the process, a vulnerability assessment for the application based on a response to the query; and performing, by the process, one or more mitigation actions based on the vulnerability assessment.

公开(公告)号：US20240144269A1

公开(公告)日：2024-05-02

申请号：US17974337

申请日：2022-10-26

Applicant: Cisco Technology, Inc.

Inventor： Thomas Szigeti ,  David John ZACKS ,  Walter Theodore HULICK ,  Nagendra Kumar NAINAR ,  Carlos M. PIGNATARO

IPC: G06Q20/40 ,  G06Q20/38 ,  H04L9/40

CPC classification number: G06Q20/4014 ,  G06Q20/3827 ,  H04L63/20 ,  G06Q2220/00

Abstract: In one embodiment, a device obtains transaction data regarding a user account of an application performing a transaction within the application to access a particular document. The transaction data is captured by instrumentation code inserted into the application at runtime. The device identifies, based on the transaction data, a data mining policy for the transaction. The device generates, based on the data mining policy, identification information associated with the user account and the particular document. The device inserts, via the instrumentation code, tracing data into the particular document that causes a client that opens the particular document to send a web request for a uniform resource locator (URL) associated with the identification information.

公开(公告)号：US20240095370A1

公开(公告)日：2024-03-21

申请号：US17949306

申请日：2022-09-21

Applicant: Cisco Technology, Inc.

Inventor： Walter Theodore Hulick, Jr. ,  David John ZACKS ,  Thomas SZIGETI ,  Jeffrey Allen TILLETT

IPC: G06F21/57 ,  G06F21/31

CPC classification number: G06F21/577 ,  G06F21/31 ,  G06F2221/034 ,  G06F2221/2113

Abstract: In one embodiment, a device obtains transaction data regarding a transaction attempted within a software development environment, wherein the transaction data is captured by instrumentation code inserted into the software development environment at runtime. The device identifies, based on the transaction data, an access policy for the transaction. The device makes, based on the access policy, a determination that the transaction is not authorized. The device causes, via the instrumentation code, the transaction to be blocked from completing within the software development environment.