公开(公告)号：US12250197B2

公开(公告)日：2025-03-11

申请号：US17397772

申请日：2021-08-09

Applicant: Salesforce.com, Inc.

Inventor： Adam J. Salter ,  Deepanshu Badola ,  Stephen Fung ,  Santhosh ram Vetrinadar Manohar ,  Varun Kulkarni Somashekhar ,  Amitabh B. Chakrabarty ,  Vinod Vasant Pai ,  Christopher Jason Donley ,  Prabhat Singh

IPC: H04L61/4541 ,  H04L61/2585 ,  H04L61/5076 ,  H04L67/51

Abstract: A system is disclosed for acquiring and managing data regarding external IP (EIP) addresses of services offered in a trusted public cloud environment. The system monitors an application program interface of a service executing in a trusted public cloud environment for occurrence of an event that is related to an EIP of the service. When an event is detected, the system extract EIP related data and metadata of the service, generates a message with the extracted EIP data, and posts the message to a central message queue. The system monitors the message queue for the presence of a new message. Upon detecting a new message, the system processes the message, extracts EIP related data. metadata, and identifies an action. A central database that stores EIP related information of services executing in the trusted public cloud environment is updated based on the identified action.

公开(公告)号：US20220086193A1

公开(公告)日：2022-03-17

申请号：US17248529

申请日：2021-01-28

Applicant: salesforce.com, inc.

Inventor： Toan Van Nguyen ,  Qiyuan Zheng ,  Santhosh Ram Vetrinadar Manohar ,  Varun Kulkarni Somashekhar ,  Prabhat Singh

IPC: H04L29/06

Abstract: Disclosed are examples of systems, apparatus, methods and computer program products for automation of network security policy analysis and deployment. A server system can obtain a system input comprising two versions of a policy output. The system can generate a severity characteristic that indicates a severity of deploying the second version of the policy output. The system can then determine whether to deploy the second version of the policy output based on the severity characteristic. The system can then, in response to determining that the second version of the policy output is to be deployed, deploy the second version of the policy output to one of a plurality of clouds.

公开(公告)号：US20220086189A1

公开(公告)日：2022-03-17

申请号：US16948399

申请日：2020-09-16

Applicant: salesforce.com, inc.

Inventor： Toan Van Nguyen ,  Sriram Srinivasan ,  Syed Abdullah Shah ,  Santhosh Ram Vetrinadar Manohar ,  Varun Kulkarni Somashekhar ,  Prabhat Singh ,  Bogdan Florin Romanescu

IPC: H04L29/06

Abstract: Disclosed are examples of systems, apparatus, methods and computer program products providing network security orchestration and management across different clouds. In some implementations, network security information includes a set of security policies indicating permitted communications between or among computing resources. The network security information is converted to a cloud-independent representation. From the cloud-independent representation, policy sets can be generated, where each policy set is specific to a different cloud.

公开(公告)号：US20250047719A1

公开(公告)日：2025-02-06

申请号：US18923050

申请日：2024-10-22

Applicant: salesforce.com, inc.

Inventor： Toan Van Nguyen ,  Sriram Srinivasan ,  Syed Abdullah Shah ,  Santhosh Ram Vetrinadar Manohar ,  Varun Kulkarni Somashekhar ,  Prabhat Singh ,  Bogdan Florin Romanescu

IPC: H04L9/40

Abstract: Disclosed are examples of systems, apparatus, methods and computer program products providing network security orchestration and management across different clouds. In some implementations, network security information includes a set of security policies indicating permitted communications between or among computing resources. The network security information is converted to a cloud-independent representation. From the cloud-independent representation, policy sets can be generated, where each policy set is specific to a different cloud.

公开(公告)号：US12170692B2

公开(公告)日：2024-12-17

申请号：US16948399

申请日：2020-09-16

Applicant: salesforce.com, inc.

Inventor： Toan Van Nguyen ,  Sriram Srinivasan ,  Syed Abdullah Shah ,  Santhosh Ram Vetrinadar Manohar ,  Varun Kulkarni Somashekhar ,  Prabhat Singh ,  Bogdan Florin Romanescu

IPC: H04L9/40

Abstract: Disclosed are examples of systems, apparatus, methods and computer program products providing network security orchestration and management across different clouds. In some implementations, network security information includes a set of security policies indicating permitted communications between or among computing resources. The network security information is converted to a cloud-independent representation. From the cloud-independent representation, policy sets can be generated, where each policy set is specific to a different cloud.

公开(公告)号：US20230039162A1

公开(公告)日：2023-02-09

申请号：US17397772

申请日：2021-08-09

Applicant: salesforce.com, inc.

Inventor： Adam J. Salter ,  Deepanshu Badola ,  Stephen Fung ,  Santhosh ram Vetrinadar Manohar ,  Varun Kulkarni Somashekhar ,  Amitabh B. Chakrabarty ,  Vinod Vasant Pai ,  Christopher Jason Donley ,  Prabhat Singh

IPC: H04L29/12 ,  H04L29/08

Abstract: A system is disclosed for acquiring and managing data regarding external IP (EIP) addresses of services offered in a trusted public cloud environment. The system monitors an application program interface of a service executing in a trusted public cloud environment for occurrence of an event that is related to an EIP of the service. When an event is detected, the system extract EIP related data and metadata of the service, generates a message with the extracted EIP data, and posts the message to a central message queue. The system monitors the message queue for the presence of a new message. Upon detecting a new message, the system processes the message, extracts EIP related data. metadata, and identifies an action. A central database that stores EIP related information of services executing in the trusted public cloud environment is updated based on the identified action.