Patent attributes
The techniques described herein related to methods, apparatuses, and computer readable media configured to provide automatic mitigation of security threats. The automatic mitigation includes monitoring network switch traffic that is associated with a port of the network switch, a MAC address of a connected device, or both. Based on a set of switch traffic rules, it is determined whether the network switch traffic is indicative of a potential network security threat. When is indicative of a potential network security threat, the network switch traffic associated with the port of the network switch, the MAC address of the device, or both, is restricted. Identification information for a user associated with the port of the network switch is provided to an authentication process that the user associated with the port may access. Upon receiving a valid authentication from the authentication process, derestricting the network switch traffic associated with the port.