Computer-based policy manager for cloud-based unified functions

The technology discloses a computer-implemented policy manager device for a cloud-based security system that manages cloud-based unified functions of packet-level and protocol-level access control and traffic inspection, threat detection and activity contextualization on inspectable and non-inspectable traffic. Packet-level access control inspects packet headers for malformation, protocol-level access control performs deep packet inspection for malicious signatures, threat detection determines whether traffic in an HTTP/S stream as directed to a threat destination, and activity contextualization recognizes whether an activity in an HTTP/S stream accessing a cloud-based application is a compromising activity. Policy manager for a superset of fields specifying security policies across the cloud-based unified functions includes common fields shared by the unified functions, specification receiver handles policy specifications in a common format for values of the common fields, and policy manager is configured to validate, save and distribute policy specifications applicable to respective functions among the cloud-based unified functions.