Patent attributes
A method and system for policy-driven vulnerability management of network equipment of an enterprise. A plurality of routes delivers services to a plurality of end user devices. A plurality of vulnerabilities associated with an end user device and a plurality of policies associated with the plurality of vulnerabilities are identified by a mid-link server. Remediation for the plurality of vulnerabilities is determined based on the plurality of policies. The plurality of policies is based on a cloud service selected from the end user device, a tenant, and a role associated with the end user device. A route corresponding to the plurality of policies and the cloud service is identified. The remediation of the vulnerabilities is executed at the end user device or the mid-link server based on the plurality of policies. The cloud service is provided to the end user device via the route.