US Patent 12063255 Security group differencing utility to assess changes and adoption risks

Embodiments disclosed are directed to a computing system that performs steps for providing security group differencing for applications stored in a cloud-based computing environment. The computing system receives a request to update an application stored in a cloud-based computing environment from a first version of the application to a second version of the application. The computing system identifies a first set of security group rules for the first version of the application and a second set of security group rules for the second version of the application. The computing system determines security group differencing data based on the first set of security group rules and the second set of security group rules. Subsequently, the computing system determines a security score based on the security group differencing data and provisions an adoption rule based on a comparison between the security score and a predetermined security score threshold.