Abstract: The present invention describes an architecture for increasing the performance of blockchain using a virtual actor model to provide stateful RESful services that are highly scalable and responsive to events as they support publishing and/or subscribing to streaming messages and/or events. The architecture as described leverages established distributed design practices to achieve what would otherwise require costly resource intensive hardware.

Abstract: A system comprising a processor in electrical communication with a network and a non-transitory memory having instructions that, in response to an execution by the processor, cause the processor to monitor a routing information base (“RIB”) of the network, identify a change in the RIB, calculate a probability of suspiciousness of the change in the RIB, and classify the change in the RIB based on a continuum of trust are disclosed. Methods of managing routers are also disclosed.

Abstract: Network requests are made to download a data object for a display page with different time delays. Page load outcomes of the display page are determined. A criticality of downloading the data object with respect to the display page is determined using page load outcomes. Criticalities of data objects of the display page are used to generate a specific data object download order that prioritizes critical and/or blocking objects of the display page.

Abstract: There are provided systems and methods for a user-controlled session manager to provide remote disabling of session tokens. An online service provider, such as a user-controlled session manager, may provide service to manage sessions between user's devices and other online service provider platforms, such as login and use sessions that exchange messages and data. The session manager may receive hashed values of session IDs from the service providers hosting the sessions, which may be used to securely identify the sessions without compromising the session IDs to malicious parties. The session manager may provide a functionality to allow the user to view session statuses, as well as change their statuses to indicate that the sessions can be terminated. The session manager may update the status so that when the service provider pings the session manager for the status, the session's status is updated to be inactive.

Abstract: A security monitor monitors network communications at a loopback interface of a pod in the container system. The pod includes a service mesh proxy and an application container. The application container includes computer-readable instructions and is initiated via a container service and is isolated using operating system-level virtualization. The application container communicates with the service mesh proxy using the loopback interface. The security monitor extracts network address and port information from packet data in the network communications at the loopback interface. The security monitor determines one or more connection contexts of the network communications at the loopback interface, each connection context used to identify a network session of the application container with a remote application container.

Abstract: A method begins by receiving a data access request regarding a data object. The method continues by determining whether the data object is a primary data object. When the data object is the primary data object, the method continues by identifying one or more other data objects based on information associated with the data object. The method continues by sending a modified data object retrieval request regarding the data object and the one or more other data objects to a storage entity, where the modified data object retrieval request includes a modified header. The method continues by receiving a modified data object retrieval response from the storage entity that includes a modified response header and a modified response body that includes the primary data object and the one or more other data objects. The method continues by outputting the data object and the one or more other data objects.

Abstract: Embodiments of the present invention provide a Social Networking and video sharing platform for children and parents. A private video sharing system enables children to send and receive videos, comment on videos, and add friends who interact with the videos. The Social Networking platform disclosed herein provides parental drop-in features for enabling a parent account to “drop-in” to an associated child account to review the account activity and report any inappropriate, unwanted, or offensive behavior or media.

Abstract: Technology related to scheduling services on a platform including configurable computing resources is disclosed. In one example, a method includes scheduling a first service to execute on a computing node based on an availability of general-purpose computing resources at the computing node. The computing node can be selected from a plurality of computing nodes. Network traffic transiting the computing node can be analyzed during the execution of the first service to determine a hardware accelerator of the computing node is capable of assisting the execution of the first service. The hardware accelerator can be used to assist with the execution of the first service. A second service can be scheduled on the computing node based on the availability of the general-purpose computing resources and the usage of the hardware accelerator on the computing node.

Abstract: Computerized methods and systems reduce the false positive rate of Web Application Firewalls (WAFs), by operating automatically and utilizing system defined “trusted sources”.

Abstract: Methods and systems for configuring a common security policy for a plurality of nodes included within an enterprise network. Example methods can include grouping nodes within profiles based on IP address, in addition to concordance data. Additionally, nodes may be added to profiles based on a classification of the node being common to classifications of nodes within the profile. Still further, profiles may be grouped into a solution based at least in part on classification of the profile, in addition to grouping of profiles into solutions based on affinitization using concordance data. The methods described also include determining a common security policy to apply to each of the nodes within the profile.

Abstract: This application relates to apparatus and methods for identifying and remediating poor user experiences on computing devices. In some examples, a user speed determination device is configured to receive a content delivery request for delivery of content to a user device. The computing is also configured to obtain user identification data, obtain user device data and determine a user device speed based on the user identification data and the user device data. The computing device then sends a user device speed indicator to a content delivery device to cause the content delivery device to deliver remediated content to the user device when the user device speed is determined to be less than a predetermined speed threshold. The user identification data can include an IP address and the user device data can include user agent data, user connection data and user resource timing data.

Abstract: A trust-less system for sharing event information among autonomous nodes may include: a plurality of autonomous nodes, each of which creates an event related to a condition, a first ledger configured to collect and store a record of each event; a second ledger configured to store reputation information for the plurality of autonomous nodes; and a bookmaker module operable to determine a reward and a penalty for each event. The bookmaker module may be operable to modify the reputation information based on a status of the condition determined by subsequent events created by autonomous nodes where the subsequent events either validate or invalidate the condition.

Abstract: The technology described herein visibly depicts hidden message traits to help users determine whether an email is genuine or deceptive. The hidden message traits are revealed by identifying and changing attributes that keep the hidden traits from being displayed in a rendered message. Spam messages, phishing messages, and messages that include or link to malicious programs (e.g., malware, ransomware) are examples of unwanted messages that can harm a recipient. These messages often rely on deception to get past email filtering systems and to trick a user into acting on content in a message. The deception often involves including hidden traits in a message that fool an automated filtering system. The technology described herein shows the visible traits to a user by including them in the rendered version of the message.

Abstract: An approach is provided in which the approach locates a web services call in a set of software code that is executable on a computer system. The approach determines a cost to call a web service from the set of software code and displays both the cost of the web services call and at least a portion of the set of software code comprising the web services call on a display.

Abstract: Embodiments of the disclosure relate to proxying one or more email resources in transit to the client devices from the email services, removing one or more email attachments from the email resources, and encoding the stripped email attachments based at least in part on one or more cryptographic keys.

Abstract: Techniques for enabling fast user access to the desktop computing environment of a remote computer via a user device in response to notification of a change in the display screen of the remote computer. The techniques include specifying an area of the display screen, setting a policy for determining whether to notify a subscribed user of a change within the specified display screen area, generating a notification packet containing information for validating the subscribed user and establishing a connection to the remote computer, encrypting the notification packet, sending or pushing the notification packet to the user device of the subscribed user, decrypting the notification packet, extracting the information for validating the subscribed user and establishing the connection from the notification packet, and constructing and rendering an image of a shortcut icon on a display of the user device for providing fast user access to the remote computer desktop computing environment.

Abstract: Classification management is disclosed, including: obtaining, via a user interface, mappings of stored elements to a plurality of classifications, wherein the mappings include prescribed security attributes corresponding to the plurality of classifications; obtaining, via the user interface, a policy that includes identifying information associated with a set of actors and a specified at least portion of the plurality of classifications; comparing a set of configured security attributes associated with the set of actors to at least a portion of the prescribed security attributes corresponding to the specified at least portion of the plurality of classifications; and outputting information pertaining to a set of discrepancies determined based at least in part on the comparison.

Abstract: An attachment to an e-mail message received at an e-mail gateway is scanned by a scan server and then is converted into an HTML file. The HTML file includes preview data of the attachment (minus any macro scripts), the entire original data of the attachment, scan functionality enabling a user to send the attachment back to a scan server for a second scan, or extract functionality enabling a user to extract the original attachment data for saving or opening in an application. The recipient is able to open or save the attachment directly if he or she believes it comes from a trusted sender. If the attachment seems suspicious, the recipient previews the attachment first before performing a scan, opening the attachment or deleting it. The recipient performs a scan of the attachment by clicking a “scan” button to send the attachment to a backend server for a second scan where an updated virus pattern file may be available to detect any zero-day malware.

Abstract: The present disclosure relates to a method for tamper-proof storage of data of a field device operated by means of automation technology, wherein the field device comprises a sensor and/or actuator and an electronic unit, the field device generating data. The method comprises steps of creating at least one transaction containing generated data of the field device and storing the transaction in a data block of Blockchain technology comprising a data field containing stored transactions and a hash value. The method also includes steps of linking the data block to previously created data blocks, storing the data block in a service platform and creating and storing a security data block in the service platform.

Abstract: Disclosed are computer-implemented methods for ranking importance of assets of an entity, in which the assets can include hosts and/or IP addresses associated with the entity. The exemplary methods can include receiving datasets from one or more sources indicating frequency of system access, system configuration, and/or application configuration. The methods can include determining one or more input data based on the datasets. The methods can include determining, for each host and/or IP address associated with the entity, an importance ranking based on the input data. In some examples, the importance ranking may be based on a weighting of two or more input data.