US 12,244,616 B2
Prioritizing assets using security metrics
Travis Nathan Sugarbaker, Seattle, WA (US); and Srivatsa Shripathi Modambu, Karnataka (IN)
Assigned to Cisco Technology, Inc., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on Nov. 14, 2022, as Appl. No. 17/986,661.
Application 17/986,661 is a continuation of application No. 17/026,093, filed on Sep. 18, 2020, granted, now 11,503,048.
Claims priority of application No. 202041032709 (IN), filed on Jul. 30, 2020.
Prior Publication US 2023/0072859 A1, Mar. 9, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01)
CPC H04L 63/1416 (2013.01) [H04L 63/0236 (2013.01); H04L 63/105 (2013.01); H04L 63/1425 (2013.01); H04L 63/1433 (2013.01); H04L 63/20 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method, comprising:
exchanging, by a first asset, first data traffic during a time period;
determining a number of hosts that exchanged the first data traffic with the first asset during the time period;
determining a first security metric of the first asset based on the number of the hosts, the first security metric indicating a vulnerability to attack associated with the first asset;
determining a second security metric of a second asset comprising a nearest neighbor of the first asset, the nearest neighbor of the first asset being directly connected to the first asset in a network, and the second security metric indicating a vulnerability to attack associated with the second asset;
determining a third security metric indicating the vulnerability to attack associated with the first asset based on the first security metric and the second security metric, and based on the second security metric comprising a nearest neighbor of the first asset;
adjusting a security policy of the first asset based on the third security metric; and
exchanging, by the first asset, second data traffic based at least in part on the security policy.