Abstract: Methods, systems, and computer program products for content management systems. Multiple components are operatively interconnected to carry out operations for content management systems. A security threat management facility (STMF) is identified. The STMF contains a database of threat assessment values in addition to further information pertaining to one or more users. Concurrent with operation of the STMF, a content management system (CMS) tracks user-initiated content object interaction events. Based on analysis of the tracked user-initiated content object interaction events, a further threat assessment value is generated by the CMS. Such a further threat assessment is determined based on one or more user-to-user relationships or one or more user-to-file relationships as determined at the content management system. An augmented threat assessment is formed using both the threat assessment values of the STMF with the further threat assessment value from the CMS.

Abstract: Methods, systems, and computer program products for content management systems. Multiple components are operatively interconnected to carry out operations for content management systems. Content objects of a content management system (CMS) are managed from original creation through to final disposition (e.g., deletion). The CMS communicates with a security threat management facility (STMF). In operation, the STMF establishes a first set of security parameters corresponding to information derived from packet inspection, whereas the CMS establishes a second set of security parameters corresponding to information derived at least in part by analysis of user activities or contents of the content object. A security perimeter is formed by combining the first set of security parameters and a second set of security parameters. Risks or vulnerabilities corresponding to the content object are minimized by choosing the lower of any two compared parameters to define a lower risk perimeter for the content object.

Abstract: Methods, systems, and computer program products for content management systems. Multiple components are operatively interconnected to carry out operations for establishing a user device trust level. A content management system facilitates interactions between a plurality of user devices and a plurality of shared content objects. The plurality of user devices are network connected to the content management system. One of the user devices issues a request to access a particular one of the content objects. Responsive to the request, a two-step device check is performed before granting access to the particular one of the content objects. A first step of the two-step device check process is based on environmental information, and a second step of the two-step device check process is based at least in part on analysis of the content of the particular one of the content objects. The actual bits of the content object itself are inspected.