CyberArk Software Ltd.
Detecting and actively resolving security policy conflicts

Abstract:

Disclosed embodiments relate to systems and methods for identifying inconsistencies between network security applications. Techniques include identifying a plurality of network security applications, each having a corresponding network security policy; determining that at least one of the plurality of network security applications has a corresponding network security policy that does not comply with a normalization model; implementing the network security policy that does not comply with the normalization model on an endpoint computing resource; determining a result of the implementing with respect to a requested action on the endpoint computing resource; identifying, based on the result of the implementing, at least one inconsistency between how the plurality of network security applications address the requested action; and performing, based on the identifying of the inconsistency, at least one of: generating a report identifying the inconsistency, or reconciling the identified inconsistency.