US 12,316,676 B2
Threat analytics and dynamic compliance in security policies
Doron Levari, Newton, MA (US); Tariq Ahmed Farhan, Cambridge, MA (US); Vincent E. Parla, North Hampton, NH (US); Ido Tamir, Boston, MA (US); Adam Bragg, Hollis, NH (US); and Jason M Perry, Plymouth, MA (US)
Assigned to Cisco Technology, Inc., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on Jul. 22, 2022, as Appl. No. 17/871,827.
Prior Publication US 2024/0031411 A1, Jan. 25, 2024
Int. Cl. H04L 29/06 (2006.01); H04L 9/40 (2022.01)
CPC H04L 63/20 (2013.01) [H04L 63/1416 (2013.01)]
20 Claims
1. A method implemented at least in part by centralized network security manager comprising:
receiving threat data from one or more threat and compliance data providers;
receiving input indicating a change event that is to be applied to one or more security policies that exist within a network, the change event including a modification to the one or more security policies that remediates a threat to the network indicated in the threat data;
prior to the change event being applied to the one or more security policies, determining whether to approve the change event and implement the modification to the one or more security policies, the determining whether to approve the change event including:
determining whether the modification to the one or more security policies opens the network to attack; or
determining whether the modification to the one or more security policies violates a compliance policy associated with the network; and
based at least in part on determining to deny the change event, refraining from implementing the modification to the one or more security policies.