公开(公告)号：US20250055870A1

公开(公告)日：2025-02-13

申请号：US18446053

申请日：2023-08-08

Applicant: Cisco Technology, Inc.

Inventor： Rajesh Indira Viswambharan ,  Poojalakshmi D.

IPC: H04L9/40

Abstract: Provided herein are techniques to facilitate dynamic policy enforcement for cloud-based applications in an enterprise environment. In one example, a method may include obtaining, from a cloud network of a cloud-based application, an authentication request associated with an enterprise user that is seeking to utilize the cloud-based application, wherein the authentication request comprises an application identifier and a vulnerability index associated with the cloud-based application; identifying one or more vulnerabilities of the cloud-based application based on the application identifier and the vulnerability index; determining an access level for which the cloud-based application is allowed to access the enterprise network based, at least in part, on one or more vulnerabilities of the cloud-based application and one or more access rules associated with the cloud-based application; and sending a response to the cloud network indicating the access level for which the cloud-based application is allowed to access the enterprise network.