公开(公告)号：US20240427918A1

公开(公告)日：2024-12-26

申请号：US18339035

申请日：2023-06-21

Applicant: Cisco Technology, Inc.

Inventor： Nagendra Kumar Nainar ,  Cesar Obediente ,  David John Zacks ,  Carlos M. Pignataro ,  Thomas Szigeti ,  Craig T. Hill

IPC: G06F21/62

Abstract: In one embodiment, a method includes generating a security policy and converting the security policy into a chaos hypothesis. The method also includes initiating execution of the chaos hypothesis across a plurality of microservices within a technology stack. The method further includes receiving metrics associated with the execution of the chaos hypothesis across the plurality of microservices within the technology stack.

公开(公告)号：US20240403437A1

公开(公告)日：2024-12-05

申请号：US18205331

申请日：2023-06-02

Applicant: Cisco Technology, Inc.

Inventor： Thomas Szigeti ,  Shannon K. MCFARLAND ,  Walter Theodore HULICK, JR. ,  David John ZACKS

IPC: G06F21/57

Abstract: In one embodiment, external API vulnerability assessments may include detecting, by a process, usage of an external application programming interface in execution of an application; transmitting, by the process, a query to the external application programming interface for a list of one or more components of the external application programming interface; generating, by the process, a vulnerability assessment for the application based on a response to the query; and performing, by the process, one or more mitigation actions based on the vulnerability assessment.

公开(公告)号：US20240362336A1

公开(公告)日：2024-10-31

申请号：US18307409

申请日：2023-04-26

Applicant: Cisco Technology, Inc.

Inventor： Robert Edgar Barton ,  Thomas Szigeti ,  David John Zacks

IPC: G06F21/57 ,  G06F8/71

CPC classification number: G06F21/577 ,  G06F8/71

Abstract: Techniques are described herein for dynamic service extension to provide risk mitigation upon detecting a threat. In embodiments, such techniques may be performed by a service provider platform and may comprise receiving information about a security threat, identifying one or more components susceptible to the security threat, determining, based on a software bill of materials, at least one data flow that includes a point of delivery (pod) associated with the one or more components, identifying at least one additional service determined to mitigate the security threat, and implementing the at least one additional service in relation to the at least one data flow.

公开(公告)号：US12113830B2

公开(公告)日：2024-10-08

申请号：US17216845

申请日：2021-03-30

Applicant: Cisco Technology, Inc.

Inventor： Thomas Szigeti ,  David John Zacks ,  Walter T. Hulick, Jr. ,  Tal Maoz

IPC: H04L9/40 ,  G06F9/455 ,  G06F9/54

CPC classification number: H04L63/20 ,  G06F9/4552 ,  G06F9/547

Abstract: The present technology includes applying a security policy by an application security system to a transaction within an application that is monitored by the application security system. The present technology includes monitoring transaction occurring between a client device an application over a network. The present technology also includes identifying a first transaction from the transactions as a sensitive transaction. The sensitive transaction is associated with an authentication policy requiring an authentication. The present technology also includes interrupting the application. The present technology also includes prompting the client device for the authentication.

公开(公告)号：US20240144269A1

公开(公告)日：2024-05-02

申请号：US17974337

申请日：2022-10-26

Applicant: Cisco Technology, Inc.

Inventor： Thomas Szigeti ,  David John ZACKS ,  Walter Theodore HULICK ,  Nagendra Kumar NAINAR ,  Carlos M. PIGNATARO

IPC: G06Q20/40 ,  G06Q20/38 ,  H04L9/40

CPC classification number: G06Q20/4014 ,  G06Q20/3827 ,  H04L63/20 ,  G06Q2220/00

Abstract: In one embodiment, a device obtains transaction data regarding a user account of an application performing a transaction within the application to access a particular document. The transaction data is captured by instrumentation code inserted into the application at runtime. The device identifies, based on the transaction data, a data mining policy for the transaction. The device generates, based on the data mining policy, identification information associated with the user account and the particular document. The device inserts, via the instrumentation code, tracing data into the particular document that causes a client that opens the particular document to send a web request for a uniform resource locator (URL) associated with the identification information.

公开(公告)号：US11924112B2

公开(公告)日：2024-03-05

申请号：US17216879

申请日：2021-03-30

Applicant: Cisco Technology, Inc.

Inventor： David John Zacks ,  Thomas Szigeti ,  Walter T. Hulick, Jr.

IPC: H04L47/2408 ,  H04L9/40 ,  H04L47/24

CPC classification number: H04L47/2408 ,  H04L47/2458 ,  H04L63/08 ,  H04L63/1416 ,  H04L63/306 ,  H04L2463/082

Abstract: Methods and apparatuses for prioritizing transactions are disclosed. An example method of an application performance monitor (APM) comprises intercepting a first packet being transmitted in a network that is monitored by the APM; determining that the first packet is associated with a transaction of the web application that is to be provided with an alternate level of service; modifying a field in the first packet to include metadata interpretable by at least one network device in the network to cause the at least one network device to provide the alternate level of service; and injecting the first packet into the network. The APM may cause network devices to prioritize a specific transaction of an application based on importance.

公开(公告)号：US20240054196A1

公开(公告)日：2024-02-15

申请号：US17886411

申请日：2022-08-11

Applicant: Cisco Technology, Inc.

Inventor： Nagendra Kumar Nainar ,  David John Zacks ,  Carlos M. Pignataro ,  Thomas Szigeti

IPC: G06F21/32 ,  G02B27/01 ,  G04G21/02

CPC classification number: G06F21/32 ,  G02B27/017 ,  G04G21/025 ,  G02B2027/0178

Abstract: This disclosure describes techniques for authentication using wearable devices. An example method includes determining that a user is wearing a secondary device; determining that the secondary device has detected a signal output by a primary device; determining that the user has confirmed an authentication factor output by the primary device; and enabling the user to access a secured resource via the primary device.

公开(公告)号：US11893849B2

公开(公告)日：2024-02-06

申请号：US17474002

申请日：2021-09-13

Applicant: Cisco Technology, Inc.

Inventor： Thomas Szigeti ,  David Hanes ,  Gonzalo Salgueiro ,  Sebastian Jeuk

IPC: G07C9/28 ,  G07C9/22 ,  H04L9/40 ,  G07C9/00

CPC classification number: G07C9/28 ,  G07C9/00309 ,  G07C9/22 ,  H04L63/0853 ,  G07C2009/00769 ,  H04L2463/082

Abstract: This disclosure describes techniques for selectively providing access to a physical space. An example method includes identifying a location of a device associated with an authorized user based on an electromagnetic signal received by at least one sensor from the device. The electromagnetic signal has a frequency that is greater than or equal to 24 gigahertz (GHz). The example method further includes determining that the location of the device is within a threshold distance of a location of a threshold to a secured space and determining that an authentication score indicating that an individual carrying the device is the authorized user is greater than a threshold score. The authentication score is associated with multiple authentication factors identified by the device. Based on determining that the authentication score is greater than the threshold score, the threshold is unlocked and/or opened.

公开(公告)号：US20240015779A1

公开(公告)日：2024-01-11

申请号：US17858662

申请日：2022-07-06

Applicant: Cisco Technology, Inc.

Inventor： Jerome Henry ,  Robert E. Barton ,  Thomas Szigeti

IPC: H04W72/12 ,  H04W28/02

CPC classification number: H04W72/1236 ,  H04W28/0268 ,  H04W84/12

Abstract: Method for application control and Quality of Service (QoS) handling may be provided. A request may be received for scheduling a communication between an Access Point (AP) and a user device for sending data of an application. It may be determined that the request does not comprise network characteristics of the application. In response to determining that the request does not comprise the network characteristics of the application, the network characteristics may be requested from a Wireless Local Area Network (WLAN) controller. The network characteristics may be received from the WLAN controller. Schedules for the application may be determined based on the network characteristics. The schedules may be enabled.

公开(公告)号：US20230421651A1

公开(公告)日：2023-12-28

申请号：US17846146

申请日：2022-06-22

Applicant: Cisco Technology, Inc.

Inventor： Walter T. Hulick, JR. ,  Carlos M. Pignataro ,  David John Zacks ,  Thomas Szigeti

IPC: H04L67/50 ,  H04L67/1396 ,  H04L67/10 ,  G06Q10/10

CPC classification number: H04L67/535 ,  H04L67/1396 ,  H04L67/10 ,  G06Q10/10

Abstract: Techniques are provided for an “on demand” or event-triggered end user monitoring/remote user monitoring (EUM/RUM) solution that is activated when the user has requested it, or an event (conditions of which are set by a user) occurs that triggers activation of the EUM/RUM solution. This EUM/RUM may be completely integrated into an enterprise IT Help Desk system, whereby support “tickets” are automatically generated when the monitoring solution is instantiated.