US Patent 9952790 Application security policy actions based on security profile exchange

In one embodiment, a method includes receiving, at a first host, a security profile related to a first data socket descriptor indicating risk to data security of a second host. The method also includes, in response to the risk indicated by the security profile, performing by the first host, at least one action selected from a group of actions. The group of actions includes a cache flush on a cache of the first host according to a cache flush policy, cache locking on data stored in the cache of the first host, data redaction on data of a payload prior to being sent by the first host, memory locking of data stored in an in-memory database of the first host, and encryption of data stored in the in-memory database of the first host or encryption of selected data fields of a payload prior to being sent from the first host.