CPC H04L 61/4511 (2022.05) [H04L 61/09 (2022.05); H04L 63/14 (2013.01); H04L 67/02 (2013.01); H04L 2101/618 (2022.05)] | 20 Claims |
1. A computer-implemented method comprising:
intercepting a first data communication of a first connected device related to a first target website, wherein the first data communication identifies the first target website by a first fully qualified domain name (FQDN), and the first FQDN is mapped to a first Internet protocol (IP) address;
determining a pair of the first FQDN and the first IP address;
intercepting a second data communication of a second connected device related to a second target website, wherein the second data communication comprises a second encrypted FQDN of the second target website, and a second IP address of the second target website;
determining that the second IP address is equal to the first IP address of the pair;
retrieving a cybersecurity reputation of the second target website based on the first FQDN of the pair; and
in response to determining that the cybersecurity reputation of the second target website matches a predetermined alarm condition, enforcing a cybersecurity operation for the second data communication.
|