Abstract: Systems and methods may simulate traffic to identify malicious activity. A dynamic analysis system comprising a processor in communication with a network may receive a copy of a malware program and load the copy of the malware program into a simulated endpoint. The system may monitor simulated endpoint network traffic to or from the simulated endpoint, assess the simulated endpoint network traffic to determine a source and/or destination for the simulated endpoint network traffic and/or content of the simulated endpoint network traffic, and capture and store metadata associated with the simulated endpoint network traffic. A comparison system may compare simulated network traffic metadata to observed network traffic metadata to determine whether the metadata are statistically similar. When the metadata are not statistically similar, the system may generate a low infection confidence score. When the metadata are statistically similar, the system may generate a high infection confidence score.

Abstract: Systems and methods of classifying network traffic may monitor network traffic. Monitored traffic may be compared with a control protocol template (CPT). When a similarity between the monitored traffic and the CPT exceeds a match threshold, the monitored traffic may be associated with the CPT.

Abstract: Systems and methods may determine suspicious network traffic. A monitoring system comprising a processor in communication with a network may monitor network traffic to or from an asset associated with the network. The monitoring system may assess the network traffic to determine a source and/or destination for the network traffic anchor content of the network traffic. The monitoring system may determine whether the network traffic is suspicious network traffic based on the assessed source and/or destination and/or content. When the network traffic is determined to be suspicious network traffic, the monitoring system may capture metadata associated with the suspicious network traffic and store the metadata in a database in communication with the processor. When the network traffic is not determined to be suspicious network traffic, the monitoring system may disregard metadata associated with the network traffic.

Abstract: Systems and methods of classifying network traffic may monitor network traffic. Monitored traffic may be compared with a control protocol template (CPT). When a similarity between the monitored traffic and the CPT exceeds a match threshold, the monitored traffic may be associated with the CPT.

Abstract: Systems and methods may use historical analysis to identify malicious activity. A discovery/recovery system may comprise a processor in communication with a network and in communication with a database. The discovery/recovery system may gather filtered historical network data associated with an asset associated with the network. The discovery/recovery system may analyze the filtered historical network data to determine whether a subset of the filtered historical network data is associated with a malware infection of the asset.

Abstract: Systems and methods of classifying network traffic may monitor network traffic. Monitored traffic may be compared with a control protocol template (CPT). When a similarity between the monitored traffic and the CPT exceeds a match threshold, the monitored traffic may be associated with the CPT.

Abstract: Systems and methods may use automation discovery to identify malicious activity. An automation discovery system comprising a processor in communication with a network and in communication with a database may receive potentially automated network traffic data. The system may analyze the potentially automated network traffic data to determine whether the potentially automated network traffic data is likely to be automated. When the potentially automated network traffic data is not likely to be automated, the system may generate a low automation confidence score associated with the potentially automated network traffic data. When the potentially automated network traffic data is likely to be automated, the system may generate a high automation confidence score associated with the potentially automated network traffic data.

Abstract: A method of managing risk associated with at least one compromised network asset, comprising: performing processing associated with receiving evidence regarding the at least one compromised network asset; performing processing associated with assessing at least one risk associated with the at least one compromised network asset; and/or performing processing associated with prioritizing at least two compromised network assets in order to determine how to respond to the at least one risk.

Abstract: The present invention relates to compounds of formula (I) wherein X, R, Y0, T0A, T0B have the meaning as cited in the description and the claims. Said compounds are useful as JAK inhibitors for the treatment or prophylaxis of immunological, inflammatory, autoimmune, allergic disorders, and immunologically-mediated diseases. The invention also relates to pharmaceutical compositions including said compounds and their use as medicaments.

Abstract: Systems and methods of classifying network traffic may monitor network traffic. Monitored traffic may be compared with a control protocol template (CPT). When a similarity between the monitored traffic and the CPT exceeds a match threshold, the monitored traffic may be associated with the CPT.

Abstract: Systems and methods may simulate traffic to identify malicious activity. A dynamic analysis system comprising a processor in communication with a network may receive a copy of a malware program and load the copy of the malware program into a simulated endpoint. The system may monitor simulated endpoint network traffic to or from the simulated endpoint, assess the simulated endpoint network traffic to determine a source and/or destination for the simulated endpoint network traffic and/or content of the simulated endpoint network traffic, and capture and store metadata associated with, the simulated endpoint network traffic. A comparison system may compare simulated network traffic metadata to observed network traffic metadata to determine whether the metadata are statistically similar. When the metadata are not statistically similar, the system may generate a low infection confidence score. When the metadata are statistically similar, the system may generate a high infection confidence score.

Abstract: Systems and methods may use automation discovery to identify malicious activity. An automation discovery system comprising a processor in communication with a network and in communication with a database may receive potentially automated network traffic data. The system may analyze the potentially automated network traffic data to determine whether the potentially automated network traffic data is likely to be automated. When the potentially automated network traffic data is not likely to be automated, the system may generate a low automation confidence score associated with the potentially automated network traffic data. When the potentially automated network traffic data is likely to be automated, the system may generate a high automation confidence score associated with the potentially automated network traffic data.

Abstract: Systems and methods may determine suspicious network traffic. A monitoring system comprising a processor in communication with a network may monitor network traffic to or from an asset associated with the network. The monitoring system may assess the network traffic to determine a source and/or destination for the network traffic anchor content of the network traffic. The monitoring system may determine whether the network traffic is suspicious network traffic based on the assessed source and/or destination and/or content. When the network traffic is determined to be suspicious network traffic, the monitoring system may capture metadata associated with the suspicious network traffic and store the metadata in a database in communication with the processor. When the network traffic is not determined to be suspicious network traffic, the monitoring system may disregard metadata associated with the network traffic.

Abstract: Systems and methods may use historical analysis to identify malicious activity. A discovery/recovery system may comprise a processor in communication with a network and in communication with a database. The discovery/recovery system may gather filtered historical network data associated with an asset associated with the network. The discovery/recovery system may analyze the filtered historical network data to determine whether a subset of the filtered historical network data is associated with a malware infection of the asset.

Abstract: The invention relates to compounds of formula (I) wherein R1, R2, R1a, R1b have the meaning as cited in the description and the claims. Said compounds are useful as JAK inhibitors for the treatment or prophylaxis of immunological, inflammatory, autoimmune, allergic disorders, and immunologically-mediated diseases. The invention also relates to pharmaceutical compositions including said compounds, the preparation of such compounds as well as the use as medicaments.

Abstract: The invention relates to compounds of formula (I) wherein X1 to X3, R, R2 to R7 and AA have the meaning as cited in the description and the claims. Said compounds are useful as JAK inhibitors for the treatment or prophylaxis of immunological, inflammatory, autoimmune, allergic disorders, and immunologically-mediated diseases. The invention also relates to pharmaceutical compositions including said compounds, the preparation of such compounds as well as the use as medicaments.

Abstract: A method of managing risk associated with at least one compromised network asset, comprising: performing processing associated with receiving evidence regarding the at least one compromised network asset; performing processing associated with assessing at least one risk associated with the at least one compromised network asset; and/or performing processing associated with prioritizing at least two compromised network assets in order to determine how to respond to the at least one risk.

Abstract: The invention relates to compounds of formula (I) wherein AA, R2 to R7 and X1 to X3 have the meaning as cited in the description and the claims. Said compounds are useful as selective inhibitors of JAK3 over JAK2 for the treatment or prophylaxis of immunological, inflammatory, autoimmune, allergic disorders, and immunologically-mediated diseases. The invention also relates to pharmaceutical compositions including said compounds, the preparation of such compounds as well as the use as medicaments.