-
Publication No.: US20250023887A1
Publication Date: 2025-01-16
Application No.: US18350105
Application Date: 2023-07-11
Applicant: Cisco Technology, Inc.
Inventor: Hendrikus G. P. Bosch, Jeffrey M. Napper, Willem Jonker, Stefano Simonetto
IPC: H04L9/40
Abstract: In one embodiment, a method includes ingesting security tool findings associated with an application and identifying events associated with the application. The method also includes comparing the security tool findings and the events against known attack paths and determining partial attack path matches between the security tool findings and the events and the known attack paths. The method further includes performing a risk analysis of the partial attack path matches and prioritizing the partial attack path matches based on the risk analysis.
-
Publication No.: US20240265113A1
Publication Date: 2024-08-08
Application No.: US18330255
Application Date: 2023-06-06
Applicant: Cisco Technology, Inc.
Inventor: Jeffrey M. Napper, Hendrikus G. P. Bosch, Jean Diaconu, Marcelo Yannuzzi, Alessandro Duminuco
CPC classification number: G06F21/577, G06F21/552, G06F2221/033
Abstract: A system and a method to determine attack paths to application assets may include storing in a memory asset inventory indicating multiple application assets, multiple attack vector parameters configured to indicate vulnerabilities of one or more of the application assets, and asset mapping information configured to associate each of the application assets to one or more of the application layers. A processor may determine multiple vulnerable assets in the application assets based at least in part upon the attack vector parameters. Further, the processor may determine feasibility parameters that indicate a likelihood of the attack path to occur in the system, generate a visual interface showing the vulnerable assets, determine an attack path connecting the vulnerable assets based at least in part upon the asset mapping information, and map the attack path to the application layers in the visual interface based at least in part upon the feasibility parameters.
-
Publication No.: US20240273203A1
Publication Date: 2024-08-15
Application No.: US18326402
Application Date: 2023-05-31
Applicant: Cisco Technology, Inc.
Inventor: Mirko Raca, Marcelo Yannuzzi, Jeffrey M. Napper, Hendrikus G. P. Bosch
CPC classification number: G06F21/566, G06F21/552, G06F21/577, G06F2221/033
Abstract: In one embodiment, a method for detecting an unknown attack vector, by a system, includes receiving a marked span that has been flagged for inspection. The method further includes conducting a root cause analysis to determine if the marked span should be classified as an attack. In response to a determination that the marked span should be classified as an attack, the method further includes determining whether the marked span engaged with data corresponding to one or more application services defining the marked span. The method further includes designating the data corresponding to the one or more application services as compromised in response to a determination that the marked span did engage with said data.
-
Publication No.: US20240231973A9
Publication Date: 2024-07-11
Application No.: US18309194
Application Date: 2023-04-28
Applicant: Cisco Technology, Inc.
Inventor: Hendrikus G. P. Bosch, Jeffrey M. Napper, Zsolt Varga, Nándor István Krácser, Krisztián Gacsal
IPC: G06F9/54
CPC classification number: G06F9/547
Abstract: In one embodiment, a method includes generating an application stack. The application stack includes an application logic module. The method also includes embedding a service mesh module into the application stack. The method further includes managing, by the service mesh module, security of a network packet while maintaining separation of memory regions between the application logic module and the service mesh module.
-
Publication No.: US20240273187A1
Publication Date: 2024-08-15
Application No.: US18326194
Application Date: 2023-05-31
Applicant: Cisco Technology, Inc.
Inventor: Marcelo Yannuzzi, Jean Diaconu, Jeffrey M. Napper, Herve Muyal, Hendrikus G. P. Bosch
IPC: G06F21/55, G06F16/9035, G06F16/907, G06F21/62
CPC classification number: G06F21/552, G06F16/9035, G06F16/907, G06F21/6254, G06F2221/034
Abstract: In one embodiment, a method for storing auditable metadata, by a system, includes receiving incoming signals communicated from at least one application service to a first pod associated with a user space of a node. The method further includes extracting metadata associated with data provided by the received incoming signals. The method further includes receiving outgoing signals communicated from the first pod to an external entity, wherein the incoming signals and the outgoing signals are received by a listener module. The method further includes comparing the incoming signals to the outgoing signals to detect a variation and determining that the data has been transmitted to the external entity based on a determination that there is no detected variation from the comparison between the incoming signals and the outgoing signals.
-
Publication No.: US20240265112A1
Publication Date: 2024-08-08
Application No.: US18330214
Application Date: 2023-06-06
Applicant: Cisco Technology, Inc.
Inventor: Jeffrey M. Napper, Hendrikus G. P. Bosch, Jean Diaconu, Marcelo Yannuzzi, Alessandro Duminuco, Guillaume Sauvage De Saint Marc, Marc Scibelli
CPC classification number: G06F21/577, G06F9/451, G06F2221/033
Abstract: A system and a method to map attack paths in a visualization interface may include storing in a memory asset inventory indicating application assets, attack vector parameters configured to indicate vulnerabilities of one or more of the application assets, and asset mapping information. A processor may determine multiple vulnerable assets in the application assets based at least in part upon the attack vector parameters. Further, the processor may obtain security parameters from a security framework indicating one or more attack techniques, associate each of the vulnerable assets to one or more of the security parameters, and generate a visual interface showing the vulnerable assets and the security parameters. The processor may determine an attack path connecting the vulnerable assets based at least in part upon the asset mapping information, and map the attack path to the application layers and the security parameters in the visual interface.
-
Publication No.: US12033010B2
Publication Date: 2024-07-09
Application No.: US18309194
Application Date: 2023-04-28
Applicant: Cisco Technology, Inc.
Inventor: Hendrikus G. P. Bosch, Jeffrey M. Napper, Zsolt Varga, Nándor István Krácser, Krisztián Gacsal
Abstract: In one embodiment, a method includes generating an application stack. The application stack includes an application logic module. The method also includes embedding a service mesh module into the application stack. The method further includes managing, by the service mesh module, security of a network packet while maintaining separation of memory regions between the application logic module and the service mesh module.
-
Publication No.: US20240134725A1
Publication Date: 2024-04-25
Application No.: US18309194
Application Date: 2023-04-27
Applicant: Cisco Technology, Inc.
Inventor: Hendrikus G. P. Bosch, Jeffrey M. Napper, Zsolt Varga, Nándor István Krácser, Krisztián Gacsal
IPC: G06F9/54
CPC classification number: G06F9/547
Abstract: In one embodiment, a method includes generating an application stack. The application stack includes an application logic module. The method also includes embedding a service mesh module into the application stack. The method further includes managing, by the service mesh module, security of a network packet while maintaining separation of memory regions between the application logic module and the service mesh module.