US 12,452,283 B2
Dynamic and transparent application program interface (API) endpoint host redirection
Thomas Szigeti, Vancouver (CA); David John Zacks, Vancouver (CA); and Ted Hulick, Pearland, TX (US)
Assigned to Cisco Technology, Inc., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on Jun. 2, 2023, as Appl. No. 18/328,530.
Prior Publication US 2024/0406205 A1, Dec. 5, 2024
Int. Cl. H04L 9/40 (2022.01)
CPC H04L 63/1433 (2013.01) [H04L 63/1416 (2013.01); H04L 63/30 (2013.01)]
20 Claims
1. A non-transitory computer-readable medium storing instructions that, when executed, causes a processor to perform operations, comprising:
with an intelligent domain name system (DNS) engine (IDE) associated with a containerized service within a pod of a mesh network:
snooping a DNS query from the containerized service;
identifying within the DNS query, an application program interface (API) endpoint name;
snooping a DNS response associated with the DNS query;
identifying an Internet protocol (IP) address associated with the API endpoint name and from the DNS response;
transmitting the API endpoint name and the IP address to a controller;
receiving, from the controller, a list of safe API endpoint hosts with no known security vulnerabilities based on security data obtained from at least one security service;
caching, at the IDE, the list of safe API endpoint hosts including safe IP addresses;
intercepting a subsequent DNS request from the containerized service; and
transmitting to the containerized service, via the IDE, IP addresses of safe API endpoint hosts within the list of safe API endpoint hosts.
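
The flow recited in claim 1, sketched as an added Python example; it is not code from the patent or from Cisco. Assumptions: the `controller` callable, the `VULNERABLE` set, the class and method names, and all names and addresses are constructed for illustration, and the parser handles only single-question messages with A records of the shape `build_dns` emits.

```python
import socket, struct

def build_dns(txid, name, ips=()):
    # Constructed sample message: a query (no ips) or a response with A records.
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    msg = struct.pack("!HHHHHH", txid, 0x8180 if ips else 0x0100, 1, len(ips), 0, 0)
    msg += qname + struct.pack("!HH", 1, 1)
    for ip in ips:  # 0xC00C: compression pointer back to the question name
        msg += struct.pack("!HHHIH", 0xC00C, 1, 1, 60, 4) + socket.inet_aton(ip)
    return msg

def parse_dns(msg):
    # Returns (txid, name, A-record IPs). Assumes one question and answers
    # whose owner name is a 2-byte compression pointer, as build_dns emits.
    txid, _, _, ancount = struct.unpack("!HHHH", msg[:8])
    pos, labels = 12, []
    while msg[pos]:
        labels.append(msg[pos + 1:pos + 1 + msg[pos]].decode())
        pos += 1 + msg[pos]
    pos += 5  # root label, QTYPE, QCLASS
    ips = []
    for _ in range(ancount):
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[pos + 2:pos + 12])
        if rtype == 1 and rdlen == 4:
            ips.append(socket.inet_ntoa(msg[pos + 12:pos + 16]))
        pos += 12 + rdlen
    return txid, ".".join(labels), ips

VULNERABLE = {"203.0.113.7"}  # constructed stand-in for security-service data
def controller(name, ips):  # hypothetical controller: returns the safe hosts
    return [ip for ip in ips if ip not in VULNERABLE]

class IDE:
    def __init__(self, controller):
        self.controller, self.pending, self.safe = controller, {}, {}

    def snoop_query(self, msg):  # record the API endpoint name by query id
        txid, name, _ = parse_dns(msg)
        self.pending[txid] = name

    def snoop_response(self, msg):  # pair response with query, report, cache
        txid, name, ips = parse_dns(msg)
        if self.pending.pop(txid, None) == name:  # drop unsolicited responses
            self.safe[name] = self.controller(name, ips)

    def intercept(self, msg):  # answer later requests from the cached safe list
        txid, name, _ = parse_dns(msg)
        ips = self.safe.get(name)
        return build_dns(txid, name, ips) if ips else None  # None: forward upstream
```

A response that matches no snooped query is ignored, so an unsolicited answer cannot populate the cache.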