公开(公告)号：US20220070197A1

公开(公告)日：2022-03-03

申请号：US17003450

申请日：2020-08-26

Applicant: Cisco Technology, Inc.

Inventor： Hai Vu ,  Thanh Nhan Nguyen ,  Vaishali Palkar ,  Varun Malhotra ,  Shih-Chun Chang ,  Xin Liu

IPC: H04L29/06

Abstract: Systems, methods, and non-transitory computer-readable storage media are disclosed for detecting vulnerabilities in real-time during execution of a process or an application. In one example, a device may have one or more memories storing computer-readable instructions and one or more processors configured to execute the computer-readable instructions to obtain real-time process information associated with a process executing in an endpoint. The device can then determine package information for a package associated with the process based on the process information. The device can then identify at least one vulnerability associated with the package information using a database of vulnerabilities stored on a backend component of the network. The backend component may have a database of vulnerabilities for packages.

公开(公告)号：US11627166B2

公开(公告)日：2023-04-11

申请号：US17063864

申请日：2020-10-06

Applicant: Cisco Technology, Inc.

Inventor： Weifei Zeng ,  Sai Ankith Averineni ,  Omid Madani ,  Paul Mach ,  Yash Vipul Doshi ,  Sasidhar Evuru ,  Sayeed Mohammed Tasnim ,  Sameer Salim Mahomed Ali Ladiwala ,  Chakradhar Reddy Vangeti ,  Thanh Nhan Nguyen ,  Varun Malhotra ,  Shashidhar Gandham ,  Navindra Yadav ,  Thanh Trung Ngo ,  Maxwell Aaron Mechanic

IPC: H04L9/40 ,  H04L41/0893 ,  H04L41/14 ,  H04L47/2483

Abstract: The present disclosure relates to methods, systems, and non-transitory computer readable media for discovering policy scopes within an enterprise network and managing network policies for discovered policy scopes. In one aspect, a method includes identifying one or more communities of devices in an enterprise network; defining, from the one or more communities of devices, policy scopes in the enterprise network; generating a hierarchical representation of the policy scopes; identifying, based on the hierarchical representation of the policy scopes, one or more policies governing traffic flow between devices associated with each of the policy scopes; and managing application of the one or more policies at the devices.

公开(公告)号：US11706239B2

公开(公告)日：2023-07-18

申请号：US17003450

申请日：2020-08-26

Applicant: Cisco Technology, Inc.

Inventor： Hai Vu ,  Thanh Nhan Nguyen ,  Vaishali Palkar ,  Varun Malhotra ,  Shih-Chun Chang ,  Xin Liu

IPC: H04L9/40

CPC classification number: H04L63/1433

Abstract: Systems, methods, and non-transitory computer-readable storage media are disclosed for detecting vulnerabilities in real-time during execution of a process or an application. In one example, a device may have one or more memories storing computer-readable instructions and one or more processors configured to execute the computer-readable instructions to obtain real-time process information associated with a process executing in an endpoint. The device can then determine package information for a package associated with the process based on the process information. The device can then identify at least one vulnerability associated with the package information using a database of vulnerabilities stored on a backend component of the network. The backend component may have a database of vulnerabilities for packages.

公开(公告)号：US20220109701A1

公开(公告)日：2022-04-07

申请号：US17063864

申请日：2020-10-06

Applicant: Cisco Technology, Inc.

Inventor： Weifei Zeng ,  Sai Ankith Averineni ,  Omid Madani ,  Paul Mach ,  Yash Vipul Doshi ,  Sasidhar Evuru ,  Sayeed Mohammed Tasnim ,  Sameer Salim Mahomed Ali Ladiwala ,  Chakradhar Reddy Vangeti ,  Thanh Nhan Nguyen ,  Varun Malhotra ,  Shashidhar Gandham ,  Navindra Yadav ,  Thanh Trung Ngo ,  Maxwell Aaron Mechanic

IPC: H04L29/06 ,  H04L12/851 ,  H04L12/24

Abstract: The present disclosure relates to methods, systems, and non-transitory computer readable media for discovering policy scopes within an enterprise network and managing network policies for discovered policy scopes. In one aspect, a method includes identifying one or more communities of devices in an enterprise network; defining, from the one or more communities of devices, policy scopes in the enterprise network; generating a hierarchical representation of the policy scopes; identifying, based on the hierarchical representation of the policy scopes, one or more policies governing traffic flow between devices associated with each of the policy scopes; and managing application of the one or more policies at the devices.