US 11,716,343 B2
Secure neighborhoods assessment in enterprise networks
Supreeth Rao, Cupertino, CA (US); Navindra Yadav, Cupertino, CA (US); Prasannakumar Jobigenahally Malleshaiah, Sunnyvale, CA (US); Hanlin He, San Jose, CA (US); Umamaheswaran Arumugam, San Jose, CA (US); Robert Bukofser, Mason, OH (US); Aiyesha Ma, San Francisco, CA (US); Kai Zhu, San Jose, CA (US); and Ashok Kumar, Pleasanton, CA (US)
Assigned to Cisco Technology, Inc., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on Aug. 11, 2020, as Appl. No. 16/990,664.
Prior Publication US 2022/0053011 A1, Feb. 17, 2022
Int. Cl. H04L 9/40 (2022.01); G06F 16/9035 (2019.01); G06F 16/901 (2019.01); H04L 41/22 (2022.01)
CPC H04L 63/1433 (2013.01) [G06F 16/9024 (2019.01); G06F 16/9035 (2019.01); H04L 41/22 (2013.01); H04L 63/1425 (2013.01)]
20 Claims
1. A method comprising:
generating a neighborhood graph for a plurality of nodes in an enterprise network, the neighborhood graph representing a multi-hop connection between any two nodes of the plurality of nodes;
determining a plurality of sub-scores for each of the plurality of nodes, each of the plurality of sub-scores including a corresponding vulnerability score, a corresponding process hash score, a corresponding attack surface score, a corresponding forensics score, a corresponding network anomaly score, and a corresponding segmentation compliance score for each of the plurality of nodes;
determining, based on the plurality of sub-scores, an overall security score for each of the plurality of nodes to yield a plurality of scores; and
updating the neighborhood graph of the plurality of nodes using the plurality of scores to provide a visual representation of securities of the plurality of nodes relative to each other.