公开(公告)号：US20230370489A1

公开(公告)日：2023-11-16

申请号：US18352036

申请日：2023-07-13

Applicant: Cisco Technology, Inc.

Inventor： Supreeth Rao ,  Navindra Yadav ,  Prasannakumar Jobigenahally Malleshaiah ,  Hanlin He ,  Umamaheswaran Arumugam ,  Robert Bukofser ,  Aiyesha Ma ,  Kai Zhu ,  Ashok Kumar

IPC: H04L9/40 ,  G06F16/901 ,  H04L41/22 ,  G06F16/9035

CPC classification number: H04L63/1433 ,  G06F16/9024 ,  H04L41/22 ,  H04L63/1425 ,  G06F16/9035

Abstract: Systems, methods, and computer-readable media for determine a neighborhood graph can include the following processes. A neighborhood graph system generates a neighborhood graph for a plurality of nodes in an enterprise network, the neighborhood graph representing a multi-hop connections between any two nodes of the plurality of nodes. A security score service determines a security score for each of the plurality of nodes to yield a plurality of scores. The neighborhood graph system updates the neighborhood graph of the plurality of nodes using the plurality of scores to provide a visual representation of securities of the plurality of nodes relative to each other.

公开(公告)号：US11503063B2

公开(公告)日：2022-11-15

申请号：US16985605

申请日：2020-08-05

Applicant: Cisco Technology, Inc.

Inventor： Supreeth Hosur Nagesh Rao ,  Navindra Yadav ,  Prasannakumar Jobigenahally Malleshaiah ,  Ashok Kumar ,  Umamaheswaran Arumugam ,  Darshan Shrinath Purandare ,  Songlin Li ,  Hanlin He

IPC: H04L9/40

Abstract: Systems, methods, and non-transitory computer-readable storage media are disclosed for detecting, identifying, and/or assessing hidden vulnerabilities in an enterprise network. In one example, a device may have one or more memories storing computer-readable instructions and one or more processors configured to execute the computer-readable instructions to receive vulnerability data of network components within an enterprise network. The vulnerability data can include identification of one or more vulnerabilities detected within the enterprise network. The device can then determine a vulnerability frequency and a machine frequency associated with each of the one or more vulnerabilities. The device can then determine a vulnerability score for each of the one or more vulnerabilities based on the vulnerability frequency and an inverse of the machine frequency, to yield a plurality of vulnerability scores. The device can then rank the one or more vulnerabilities based on the plurality of vulnerability scores.

公开(公告)号：US20220012340A1

公开(公告)日：2022-01-13

申请号：US16922565

申请日：2020-07-07

Applicant: Cisco Technology, Inc.

Inventor： Supreeth Hosur Nagesh Rao ,  Navindra Yadav ,  Prasannakumar Jobigenahally Malleshaiah ,  Tapan Shrikrishna Patwardhan ,  Umamaheswaran Arumugam ,  Darshan Shrinath Purandare ,  Aiyesha Ma ,  Songlin Li

IPC: G06F21/57 ,  H04L29/06

Abstract: Systems, methods, and computer-readable media for attack surface score computation can include the following processes. An attack surface score service receives information identifying open ports associated with an application. The attack surface score service determines an attack surface score for the application based on the information and common attack ports. A policy engine determines whether to implement a policy for reducing vulnerability of the application to attacks to yield a determination. The policy engine implements a vulnerability reduction policy based on the determination.

公开(公告)号：US11159386B2

公开(公告)日：2021-10-26

申请号：US16354008

申请日：2019-03-14

Applicant: Cisco Technology, Inc.

Inventor： Matthew Lawson Finn, II ,  Alok Lalit Wadhwa ,  Navindra Yadav ,  Jerry Xin Ye ,  Supreeth Rao ,  Prasannakumar Jobigenahally Malleshaiah ,  Tapan Shrikrishna Patwardhan ,  Umamaheswaran Arumugam ,  Aiyesha Ma ,  Darshan Shrinath Purandare

IPC: H04L12/24 ,  H04L12/26

Abstract: Systems and methods provide for enriching flow data to analyze network security, availability, and compliance. A network analytics system can capture flow data and metadata from network elements. The network analytics system can enrich the flow data by in-line association of the flow data and metadata. The network analytics system can generate multiple planes with each plane representing a dimension of enriched flow data. The network analytics system can generate nodes for the planes with each node representing a unique value or set of values for the dimensions represented by planes. The network analytics system can generate edges for the nodes of the planes with each edge representing a flow between endpoints corresponding to the nodes. The network analytics system can update the planes in response to an interaction with the planes or in response to a query.

公开(公告)号：US12050698B2

公开(公告)日：2024-07-30

申请号：US18327276

申请日：2023-06-01

Applicant: Cisco Technology, Inc.

Inventor： Supreeth Hosur Nagesh Rao ,  Navindra Yadav ,  Prasannakumar Jobigenahally Malleshaiah ,  Tapan Shrikrishna Patwardhan ,  Umamaheswaran Arumugam ,  Darshan Shrinath Purandare ,  Aiyesha Ma ,  Songlin Li

IPC: G06F21/00 ,  G06F21/57 ,  H04L9/40

CPC classification number: G06F21/577 ,  H04L63/1433 ,  H04L63/20 ,  G06F2221/033

Abstract: Systems, methods, and computer-readable media for attack surface score computation can include the following processes. An attack surface score service receives information identifying open ports associated with an application. The attack surface score service determines an attack surface score for the application based on the information and common attack ports. A policy engine determines whether to implement a policy for reducing vulnerability of the application to attacks to yield a determination. The policy engine implements a vulnerability reduction policy based on the determination.

公开(公告)号：US11483351B2

公开(公告)日：2022-10-25

申请号：US17003364

申请日：2020-08-26

Applicant: Cisco Technology, Inc.

Inventor： Supreeth Hosur Nagesh Rao ,  Navindra Yadav ,  Tapan Shrikrishna Patwardhan ,  Umamaheswaran Arumugam ,  Darshan Shrinath Purandare ,  Aiyesha Ma ,  Hongyang Zhang ,  Kai Zhu

IPC: H04L9/40

Abstract: The present disclosure relates to securing workloads of a network by identifying compromised elements in communication with the network and preventing their access to network resources. In one aspect, a method includes monitoring network traffic at network elements of a network; detecting a compromised element in communication with one or more of the network elements, the compromised element being associated with at least one network threat; and based on a defined network policy, applying one of a number of different access prevention schemes to the compromised element to prevent access to the network by the compromised element.

公开(公告)号：US20200296007A1

公开(公告)日：2020-09-17

申请号：US16354008

申请日：2019-03-14

Applicant: Cisco Technology, Inc.

Inventor： Matthew Lawson Finn, II ,  Alok Lalit Wadhwa ,  Navindra Yadav ,  Jerry Xin Ye ,  Supreeth Rao ,  Prasannakumar Jobigenahally Malleshaiah ,  Tapan Shrikrishna Patwardhan ,  Umamaheswaran Arumugam ,  Aiyesha Ma ,  Darshan Shrinath Purandare

IPC: H04L12/24 ,  H04L12/26

Abstract: Systems and methods provide for enriching flow data to analyze network security, availability, and compliance. A network analytics system can capture flow data and metadata from network elements. The network analytics system can enrich the flow data by in-line association of the flow data and metadata. The network analytics system can generate multiple planes with each plane representing a dimension of enriched flow data. The network analytics system can generate nodes for the planes with each node representing a unique value or set of values for the dimensions represented by planes. The network analytics system can generate edges for the nodes of the planes with each edge representing a flow between endpoints corresponding to the nodes. The network analytics system can update the planes in response to an interaction with the planes or in response to a query.

公开(公告)号：US20190123983A1

公开(公告)日：2019-04-25

申请号：US15793473

申请日：2017-10-25

Applicant: Cisco Technology, Inc.

Inventor： Supreeth Rao ,  Navindra Yadav ,  Prasannakumar Jobigenahally Malleshaiah ,  Darshan Shrinath Purandare ,  Aiyesha Ma ,  Aria Rahadian ,  Umamaheswaran Arumugam ,  Xuan Zou

IPC: H04L12/26 ,  H04W28/08 ,  H04L12/803

Abstract: Systems, methods, and computer-readable media for correlating gathered network traffic data and analytics with external data for purposes of managing a cluster of nodes in a network. In some embodiments, a system can identify a cluster of nodes in a network. Network traffic data for the cluster of nodes in the network can be collected based on traffic flowing through the cluster of nodes using a group of sensors implemented in the network. The system can generate analytics for the cluster of nodes in the network using the collected network traffic data. The analytics can be correlated with external data to create correlated external analytics for use in controlling operation of the cluster of nodes in the network.

公开(公告)号：US20230306121A1

公开(公告)日：2023-09-28

申请号：US18327276

申请日：2023-06-01

Applicant: Cisco Technology, Inc.

Inventor： Supreeth Hosur Nagesh Rao ,  Navindra Yadav ,  Prasannakumar Jobigenahally Malleshaiah ,  Tapan Shrikrishna Patwardhan ,  Umamaheswaran Arumugam ,  Darshan Shrinath Purandare ,  Aiyesha Ma ,  Songlin Li

IPC: G06F21/57 ,  H04L9/40

CPC classification number: G06F21/577 ,  H04L63/1433 ,  H04L63/20 ,  G06F2221/033

Abstract: Systems, methods, and computer-readable media for attack surface score computation can include the following processes. An attack surface score service receives information identifying open ports associated with an application. The attack surface score service determines an attack surface score for the application based on the information and common attack ports. A policy engine determines whether to implement a policy for reducing vulnerability of the application to attacks to yield a determination. The policy engine implements a vulnerability reduction policy based on the determination.

公开(公告)号：US10999149B2

公开(公告)日：2021-05-04

申请号：US15985520

申请日：2018-05-21

Applicant: Cisco Technology, Inc.

Inventor： Supreeth Rao ,  Navindra Yadav ,  Umamaheswaran Arumugam ,  Michael Watts ,  Shashi Gandham ,  Prasannakumar Jobigenahally Malleshaiah ,  Duy Nguyen ,  Hai Vu ,  Aiyesha Ma ,  Tapan Shrikrishna Patwardhan ,  Kai Zhu ,  Jothi Prakash Prabakaran

IPC: H04L12/24 ,  H04L12/26

Abstract: Systems, methods, and computer-readable media for flow stitching network traffic flow segments at a middlebox in a network environment. In some embodiments, flow records of traffic flow segments at a middlebox in a network environment are collected. The flow records can include transaction identifiers assigned to the traffic flow segments. Sources and destinations of the traffic flow segments with respect to the middlebox can be identified using the flow records. Further, the traffic flow segments can be stitched together to form a plurality of stitched traffic flows at the middlebox based on the transaction identifiers and the sources and destinations of the traffic flow segments in the network environment with respect to the middlebox. A configuration of the middlebox operating in the network environment can be identified based on the stitched traffic flows at the middlebox in the network environment.