Abstract: Systems and methods include providing virtual certification number (VCN) authorizations to an external entity by receiving a plurality of secure entity global authorizations comprising global VCN authorizations and global primary account number (PAN) authorizations, identifying the global VCN authorizations, identifying a subset of the global VCN authorizations, each of the subset of the global VCN authorizations corresponding to an external entity authorization, comparing the subset of global VCN authorizations to previously provided VCN authorizations, to identify an unsent VCN authorization, storing a transmittable unsent VCN authorization based on the unsent VCN authorization, providing an unsent authorization indication to the external entity, receiving, from the external entity, a request for the unsent VCN authorization based on providing the unsent authorization indication to the external entity, and providing the transmittable unsent VCN authorization to the external entity, based on storing the tran

Abstract: The present invention is directed to a method, apparatus and computer-readable medium for utilizing a shared computer system. The method includes receiving, by way of at least one interface, an access request associated with a potential user of a financial entity for access to a secure data processing center of a financial regulatory system, wherein the secure data processing center is configured to share information associated with specified financial activities. The method includes determining a classification of the potential user with respect to one or more potential or actual access rights to be associated with the potential user for accessing the secure data processing center. The determined classification of the potential user is that the potential user is an eligible user of the secure data processing center as defined by an accrediting organization of the financial regulatory system.

Abstract: User reputation regarding exposure of data objects in a cloud computing environment is determined. Behavioral information, which indicates behavior of a user for a cloud computing environment corresponding to one or more data objects in the cloud computing environment that are associated with the user, is analyzed. Based on analyzing the behavior information, a plurality of characteristics for the user that indicate exposure of the data object(s) associated with the user is determined. Each of the plurality of characteristics reflects the behavior of the user pertaining to the one or more data objects. Based on compliance of the plurality of characteristics with corresponding ones of a plurality of rules, a reputation of the user for exposing data objects in the cloud computing environment is determined. The reputation of the user is indicated to an entity with which the user is associated.

Abstract: A computer program component configured to collect configuration item data from information technology resources of an air-gapped network for an information technology configuration management database is provided. Configuration item data collected from the information technology resources of the air-gapped network is obtained using the provided computer program component, wherein the obtained configuration item data is physically transferred between a device within the air-gapped network and a device outside the air-gapped network at least in part via a portable physical storage medium, and the collected configuration item data has been reviewed and filtered within the air-gapped network prior to being physically transferred via the portable physical storage medium. The obtained configuration item data is imported to the information technology configuration management database outside the air-gapped network.

Abstract: Churn-aware training of a classifier which reduces the difference between predictions of two different models, such as a prior generation of a classification model and a subsequent generation. A second dataset of labelled data is scored on a prior generation of a classification model, wherein the prior generation was trained on a first dataset of labelled data. A subsequent generation of a classification model is trained with the second dataset of labelled data, wherein in training of the subsequent generation, weighting of at least some of the labelled data in the second dataset, such as labelled data threat yielded an incorrect classification, is adjusted based on the score of such labelled data in the prior generation.

Abstract: An over-the-air (OTA) upgrade method includes obtaining, by a server, a new version of encrypted data and an old version of encrypted data of system software applied to a mobile terminal, decrypting, by the server, the new version of encrypted data to obtain a new version of original data, decrypting, by the server, the old version of encrypted data to obtain an old version of original data, performing, by the server, differentiation on the new version of original data and the old version of original data to obtain differential data, generating, by the server, OTA data based on the differential data, and sending, by the first server, the OTA data to the mobile terminal.

Abstract: Aspects of the present disclosure are drawn to client device for use with a network controller and an external server, the network controller being configured to manage a wireless network, to change a critical parameter of the wireless network, to transmit a request for a one time password (OTP). The external server being configured to generate the OTP in response to the request for the OTP, to provide a notification of the OTP and to transmit the OTP to the network controller. The network controller being configured to additionally receive the OTP from the external server. The client device including a memory having a data structure stored therein, the data structure including a list of configurable critical parameters of the wireless network, and including a processor configured to execute instructions stored on the memory to cause the client device to receive a request to configure a configurable parameter of the wireless network.

Abstract: Exemplary embodiments include a method for managing user authentication credentials in relation to different types of core networks, CNs. The exemplary methods can include receiving (1010) a request to authenticate a user for access via a first CN, and determining (1020) that user authentication credentials are unavailable in relation to the first CN. The exemplary methods can also include sending (1030), to a translator function associated with a second CN that is different than the first CN, a request to provide user authentication credentials associated with the first CN. The exemplary methods can also include receiving (1040) user authentication credentials associated with the first CN and, based on the received user authentication credentials, authenticating (1050) the user for access via the first CN. Embodiments also include data management nodes configured to perform the exemplary methods, as well as complementary methods and nodes configured to perform such methods.

Abstract: Disclosed is a system for managing access to a plurality of remote digital platforms, wherein the system comprising a plurality of platform databases, wherein a given platform database is associated with a given remote digital platform and stores metadata related thereto, the system further comprising: a user device, wherein an existing user generates a user-request, and provides a remote digital platform identifier; an access-control database comprising information relating to roles and permissions associated with a plurality of users; a key-store database comprising private key associated with the plurality of users; and a server arrangement, the server arrangement: identifies a given remote digital platform server; obtains credentials from the existing user and verifies the credentials; determines roles and permissions associated with the existing user; retrieves a private key; verifies the private key with a public key stored at the given remote digital platform server; and enables a data communication ne

Abstract: An information processing apparatus includes a processor configured to control a display unit in such a manner that a first message, a second message, and storage-location candidate information are displayed on a screen of the display unit. The first message has been input and confirmed by an apparatus user or at least one different user. The apparatus user uses a terminal apparatus having the display unit. The second message has been input by the apparatus user and has not been confirmed. The storage-location candidate information indicates a storage location candidate of a file related to the first message or the second message.

Abstract: Systems, methods, and computer-readable storage media for protecting data. One system includes a readiness system configured to access entity data of an entity, determine a security posture of the entity based on the entity data, and model the security posture and a plurality of security objectives of the entity to generate a set of cybersecurity attributes of the entity. The system can further include a cybersecurity connection system configured to determine and provide, utilizing one or more protection parameters, a cybersecurity protection plan corresponding to a new cybersecurity attribute to protect the entity, wherein the cybersecurity protection plan is configured to be activated in response to an acceptance by the entity and an incident system configured to model a plurality of cybersecurity protection plans between the entity and a third-party.

Abstract: An example storage medium includes instructions that, when executed, cause a processor of a computing device to read, during start-up of the computing device, first configuration data from a first storage device of the computing device; read second configuration data from a second storage device of the computing device; determine that there is an inconsistency between the first configuration data and the second configuration data; check a tamper status of the computing device; based on the tamper status and the determination that there is an inconsistency between the first configuration data and the second configuration data: (i) clear a secure storage location of the computing device, the secure storage location storing data to access protected data; or (ii) replace the first configuration data on the first storage device of the computing device based on second data and continue the start-up of the computing device.

Abstract: A system and method for adapting one or more cybersecurity microservices to accelerate cybersecurity threat mitigation includes constructing a subscriber-specific data corpus comprising a plurality of distinct pieces of computing environment-informative data of a target subscriber; adapting a subscriber-agnostic microservice of the cybersecurity service to a subscriber-specific microservice, wherein: the subscriber-agnostic microservice includes a plurality of subscriber-agnostic cybersecurity event handling instructions, and adapting the subscriber-agnostic microservice to the subscriber-specific microservice includes generating a plurality of context-informed cybersecurity event handling instructions; augmenting the subscriber-agnostic microservice to include the plurality of context-informed cybersecurity event handling instructions; computing for a target cybersecurity event a subscriber-specific threat severity level based on one or more of the plurality of context-informed cybersecurity event handling i

Abstract: The disclosure is directed towards the detection of supply chain-related security threats to software applications. One method includes identifying differences between updated source code and previous source. The updated source code corresponds to an updated version of an application. The previous source code corresponds to a previous version of the application. A risk score is determined for the updated version. The risk score is based on a machine learning (ML) risk model. The ML risk model analyzes the differences between the updated source code and the previous source code. A value of the risk score corresponds to potential security threats that are associated with the updated version. The potential security threats are not associated with the previous version of the application. The risk score is provided to interested parties.

Abstract: An indication of a key generation function may be received from a server. A random value may be received based on a volatile memory of a device. A cryptographic key may be generated based on the key generation function from the server and the random value that is based on the volatile memory of the device. The cryptographic key may be stored at a non-volatile memory of the device.

Abstract: A device that is configured to receive user activity information that includes information about user interactions with a network device for a plurality of users. The device is further configured to input the user activity information into a first machine learning model that is configured to receive user activity information and to output a set of bad actor candidates based on the user activity information. The device is further configured to filter the user activity information based on the set of bad actor candidates. The device is further configured to input the filtered user activity information into a second machine learning model that is configured to receive the filtered user activity information and to output system exposure information that identifies network security threats. The device is further configured to identify network security actions based on the network security threats and to execute the network security actions.

Abstract: Provided in the embodiments of the present application is a blockchain hybrid consensus-based system for maintaining domain name information. A gTLD blockchain is formed by first network nodes where international generic top-level domain registries are located, and a ccTLD blockchain is formed by second network nodes where various countries codes top-level domain registries are located. In each blockchain, various network nodes of the blockchain participate in the domain name information update process, so that the domain name information update process will not be affected by a mistake or an attack on one network node. Compared to centralized maintenance methods, this decentralized maintenance method is more secure and is beneficial to maintaining the stability of the system.

Abstract: Attacks on a network device, e.g. an IoT device, are detected by analyzing network traffic and subsequently quarantining or blocking the network device on the network to prevent lateral movement of malware. The techniques described herein relate to developing a baseline of network device activity corresponding with a network device during a learning period and comparing the baseline of network device activity with new network activity by the network device in order to identify potentially unusual network device activity by the network device. If unusual network activity is found, remedial actions such as quarantining the network device or restricting some access to a network may be initiated.

Abstract: Systems and methods for improving security event classification by leveraging user-behavior analytics are provided. According to an embodiment, a UEBA-based security event classification service of a cloud-based security platform maintains information regarding historical user behavior of various users of an enterprise network. An endpoint protection platform running on an endpoint device that is part of the enterprise network performs an initial classification of the event, based on which the endpoint protection platform blocks activity by the process. The endpoint production platform requests input from the cloud-based security platform which causes the cloud-based security platform performs a reclassification of the event based on contextual information, multiple data feeds and the UEBA-based security event classification service.

Abstract: A method for accessing cloud resources via a local application development environment on a computing device. The method includes invoking an access management client at the computing device; obtaining an account identifier associated with a user account and communicating the account identifier to an identity platform; receiving an authentication message from the identity platform in response to the identity platform validating the account identifier, the authentication message comprising a role identifier; communicating the authentication message to the cloud platform; receiving security credentials associated with the role identifier from the cloud platform in response to the cloud platform validating the authentication message and the associated role identifier; setting a variable in the local development environment based on the received security credentials for use by the local development environment to request access to one or more resources maintained by the cloud platform.