Abstract: Among other things, we describe techniques for encoding data that is included in electronic communications. In one aspect, a first electronic communication system sends, to an entity, a first email message that includes a Message-ID field including data that identifies an action to be carried out by a second electronic communication system. The first electronic communication system receives, from the entity, a second email message that includes an In-Reply-To field containing the data that identifies the action to be carried out by the second electronic communication system. The first electronic communication extracts the data from the In-Reply-To field in a message header of the first electronic communication. The second electronic communication system may be the same as the first electronic communication system, or may be an electronic communication system other than the first electronic communication system.

Abstract: The invention is related to security systems and methods for proactively informing a user about an artifact associated with a clickable object on a user interface with which the user is interacting, where such information is provided to the user prior to selection of the clickable object. The information includes a safety assessment of the clickable object, details about the underlying artifact, such as the contents of an archive file, and general information helpful in assisting the user with making a decision as to whether to select the clickable object.

Abstract: In various exemplary embodiments, a security continuity system allows users to continue accessing certain user accounts (e.g., email, calendar, contacts, documents, instant messaging, cloud storage, etc.) through alternate logon identity credentials that are automatically provisioned such as when a security event is detected or suspected. The alternate logon identity credentials may be temporary (e.g., just used during security continuity until the original user logon identity credentials can be secured such as by establishing a new password or by having the user select a new logon identity) or permanent (e.g., the alternate logon identity can become the user's new logon identity). Security continuity may be invoked manually (e.g., by the user or by an administrator) or automatically when certain conditions are detected (e.g., through detection of suspicious activities such as repeated user lockouts due to multiple failed logon attempts or upon detection of a successful breach by an attacker).

Abstract: Among other things, we describe techniques for encoding data that is included in electronic communications. In one aspect, a first electronic communication system sends, to an entity, a first email message that includes a Message-ID field including data that identifies an action to be carried out by a second electronic communication system. The first electronic communication system receives, from the entity, a second email message that includes an In-Reply-To field containing the data that identifies the action to be carried out by the second electronic communication system. The first electronic communication extracts the data from the In-Reply-To field in a message header of the first electronic communication. The second electronic communication system may be the same as the first electronic communication system, or may be an electronic communication system other than the first electronic communication system.

Abstract: The invention is a security system providing domain name authentication for intrusion and malware prevention. The system is configured to analyze domain names, specifically analyze network metadata associated with said domain names, and further identify domain names attempting to impersonate or spoof domain names associated with a trusted entity or party.

Abstract: The invention is related to security systems and methods for proactively informing a user about an artifact associated with a clickable object on a user interface with which the user is interacting, where such information is provided to the user prior to selection of the clickable object. The information includes a safety assessment of the clickable object, details about the underlying artifact, such as the contents of an archive file, and general information helpful in assisting the user with making a decision as to whether to select the clickable object.

Abstract: The present disclosure relates generally to the field of data processing and electronic messaging systems, and, more particularly, to systems and methods for mediating a user's access to a resource to thereby prevent potential security breaches, including phishing and impersonation, malware, and security issues, particularly with respect to websites and electronic communications.

Abstract: A system that transforms electronic messages into annotated messages that include contextual information to aid a recipient in utilizing the electronic message, understanding its meaning, and responding to the message. Annotations are additions or modifications to the original message with contextual information that is related to the features and contents of the original message. Message features are extracted and used to search one or more sources of contextual information. Relevant items are retrieved and added to the message, for example as attachments, hyperlinks, or inline notes. Machine learning techniques may be used to generate or refine modules for feature extraction and information selection. Feedback components may be used to track the usage and value of annotations, in order to iteratively improve the annotation system.

Abstract: Virtually every online account requires login credentials like username and password for access. Using different credentials for each account can reduce the likelihood of unauthorized access to these accounts. Remembering all the different credentials, however, can be a challenge and it is not uncommon for a user to mistakenly provide credentials to a site that are for another, sensitive site. Accordingly, a system for warning a user of such an error is provided. The system includes a browser plugin that responds to a user entering their credentials at a requesting site by looking up an identifier of a trusted site associated with the user's credentials. The identifiers of the requesting and trusted sites are compared, and if they do not match, the browser plugin blocks the user from submitting their credentials to the requesting site. Advantageously, the system reduces the likelihood that credentials to sensitive accounts are provided by accident.

Abstract: The present disclosure relates generally to computer security and human-computer interaction, and, more particularly, to systems and methods for providing improved user authentication and verification techniques by way of credential-less or near credential-less user input.

Abstract: Among other things, we describe techniques for receiving a list of artifacts that are stored in an archive and are responsive to a search query issued by an entity. A set of artifacts are identified that each have a permission attribute indicating that the respective artifact is accessible to the entity when the respective artifact is responsive, above a threshold responsiveness value, to the search query issued by the entity.

Abstract: Among other things, we describe techniques for encoding data that is included in electronic communications. In one aspect, a first electronic communication system sends, to an entity, a first email message that includes a Message-ID field including data that identifies an action to be carried out by a second electronic communication system. The first electronic communication system receives, from the entity, a second email message that includes an In-Reply-To field containing the data that identifies the action to be carried out by the second electronic communication system. The first electronic communication extracts the data from the In-Reply-To field in a message header of the first electronic communication. The second electronic communication system may be the same as the first electronic communication system, or may be an electronic communication system other than the first electronic communication system.

Abstract: The invention is related to security systems and methods for proactively informing a user about an artifact associated with a clickable object on a user interface with which the user is interacting, where such information is provided to the user prior to selection of the clickable object. The information includes a safety assessment of the clickable object, details about the underlying artifact, such as the contents of an archive file, and general information helpful in assisting the user with making a decision as to whether to select the clickable object.

Abstract: The present disclosure relates generally to computer security and human-computer interaction, and, more particularly, to systems and methods for providing improved user authentication and verification techniques by way of credential-less or near credential-less user input.

Abstract: Today's user is facing an ever increasing number of cyber threats from infectious software to scam artist phishing for their passwords and other personal information. Accordingly, a technique is provided to mediate a user's access to electronic resources, which can include malware and sites that trick the user into giving their password. Based on information known about the resource at the time the user accesses it, the technique can warn the user that the resources is suspicious and it is not safe to provide their password. Even if the resource is safe, the technique can warn the user not reuse their password, thereby promoting good password hygiene.

Abstract: Among other things, in an aspect, a method includes receiving an indication of a condition at a first component of a computer system. The method also includes performing a search of one or more archives that identifies, among artifacts of at least one of the archives, information relevant to the condition. The method also includes displaying, in a user interface, information determined based on at least one of the artifacts in association with a visual representation indication of the condition.

Abstract: Among other things, an aspect includes a data storage system associated with a provider entity and storing data on behalf of a client entity, the data being accessible from the data storage system by the client entity, a data interface enabling access by the provider entity to the data of the data storage system, and an analysis engine maintained by the provider entity to, at times determined by the analysis engine, access the data using the data interface, analyze the data, and generate results of the analysis for use by the client entity.

Abstract: Virtually every online account requires login credentials like username and password for access. Using different credentials for each account can reduce the likelihood of unauthorized access to these accounts. Remembering all the different credentials, however, can be a challenge and it is not uncommon for a user to mistakenly provide credentials to a site that are for another, sensitive site. Accordingly, a system for warning a user of such an error is provided. The system includes a browser plugin that responds to a user entering their credentials at a requesting site by looking up an identifier of a trusted site associated with the user's credentials. The identifiers of the requesting and trusted sites are compared, and if they do not match, the browser plugin blocks the user from submitting their credentials to the requesting site. Advantageously, the system reduces the likelihood that credentials to sensitive accounts are provided by accident.

Abstract: Among other things, we describe identifying, in first data available to a first user and not available to a second user, and in second data available to the second user not available to the first user, data pertaining to a common topic, and enabling the first user and the second user to communicate about the common topic based on the identification.

Abstract: Among other things, at a client computer system in communication with a computer network, a request object is generated that includes logic to control the handling of requests. At least one of the requests depends on (for example, simply by being part of a sequence) a result of at least one of the other of the requests. The request object is sent to a server computer system that is in communication with the computer network. A response object is received that includes results of at least some of the requests.