Abstract: In one embodiment, a device instruments an application to generate OpenTelemetry trace data during execution of the application. The device identifies, based on where the application was instrumented, a particular method of the application. The device determines that a circuit breaker should be inserted for the particular method of the application. The device inserts a circuit breaker for the particular method.

Abstract: A method, computer system, and computer program product are provided for peer risk benchmarking. Customer data for a first network is obtained, wherein the customer data comprises a role of one or more network devices in the first network and a plurality of risk reports corresponding to the one or more network devices, and wherein each risk report is associated with a particular dimension of a plurality of dimensions of risk for the one or more network devices. A network profile image is generated by processing the plurality of risk reports. A generative adversarial network generates a synthetic network profile image from the network profile image, wherein the synthetic network profile image does not include the customer data. A second network is evaluated using the synthetic network profile image to identify differences between the first network and the second network.

Abstract: Systems and methods provide for performing performance analytics processing of network traffic by copying packets of network traffic to a switch CPU based on a flag. The systems and methods disclosing receiving network traffic comprising one or more packet, generating a network traffic flow record associated with the received network traffic, the network traffic flow record including a copy-to-CPU bit and one or more function flag bits, setting the copy-to-CPU bit to an on configuration, processing the one or more packets by one or more functions to generate network flow analytics, wherein the one or more function flag bits are set in response to the one or more functions generating network flow analytics, and setting the copy-to-CPU bit to an off configuration.

Abstract: The present technology pertains to increasing security of devices that leverages an integration of an authentication system with at least one corporate service. The present technology includes receiving a request from a user device to authenticate a person as a particular user by the authentication system. The present technology also includes capturing a photo of the person attempting to be authenticated as the particular user. The present technology also includes mapping nodal points to the captured photo of the person attempting to be authenticated as the particular user to a device or service. The present technology also includes comparing the nodal points from the photo against a reference model for facial recognition of the particular user. The present technology also includes determining that the nodal points do not sufficiently match the reference model for the particular user.

Abstract: Methods and apparatuses for prioritizing transactions are disclosed. An example method of an application performance monitor (APM) comprises intercepting a first packet being transmitted in a network that is monitored by the APM; determining that the first packet is associated with a transaction of the web application that is to be provided with an alternate level of service; modifying a field in the first packet to include metadata interpretable by at least one network device in the network to cause the at least one network device to provide the alternate level of service; and injecting the first packet into the network. The APM may cause network devices to prioritize a specific transaction of an application based on importance.

Abstract: According to one or more embodiments of the disclosure, the techniques herein are directed toward a dynamic transaction-aware web application authentication using call intercepts. In one embodiment, a method comprises: intercepting, by a monitoring process, calls made for transactions within an executing application; determining, by the monitoring process, whether a particular intercepted call triggers an enhanced user authentication requirement for a particular transaction; initiating, by the monitoring process in response to the particular intercepted call triggering the enhanced user authentication requirement, a corresponding challenge to adequately authenticate a user for the particular transaction; and allowing, by the monitoring process, the particular intercepted call to proceed for the particular transaction in response to an adequately authenticated user for the particular transaction.

Abstract: According to one or more embodiments of the disclosure, a service identifies a packet sent by a first device in a network to a second device as being of a particular protocol. The service identifies a control command within the packet for the second device, based in part on the particular protocol identified for the packet. The service determines, based on the control command within the packet, a quality of service policy for the packet. The service causes the quality of service policy to be applied to the packet along a path in the network via which the packet is sent from the first device to the second device.

Abstract: The present technology includes applying a security policy by an application security system to a transaction within an application that is monitored by the application security system. The present technology includes monitoring transaction occurring between a client device an application over a network. The present technology also includes identifying a first transaction from the transactions as a sensitive transaction. The sensitive transaction is associated with an authentication policy requiring an authentication. The present technology also includes interrupting the application. The present technology also includes prompting the client device for the authentication.

Abstract: A method relates to providing arbitrary and custom application traffic generation on network devices. The method includes identifying, via a network controller, an application associated with a network to yield an identified application, spinning up, by the network controller, a traffic generator in a container on a network device, wherein the traffic generator is configured to emulate traffic associated with the network device and the identified application and monitoring performance of at least one of the identified application in the network and the traffic generator on the network device.

Abstract: Disclosed are methods, systems, and non-transitory computer-readable media for utilizes a collaboration application to provide data beneficial to the authentication of the user. The present application discloses receiving at least one item of personal identifying information for a user from a primary multi-factor authentication device. The present application further discloses receiving at least one item of personal identifying information for a user from a conferencing service in which the user is engaged in a conference. The present application also discloses determining whether to authenticate the user based on the items of personal identifying information from the primary multi-factor authentication device and from the conferencing service.

Abstract: Disclosed are methods, systems, and non-transitory computer-readable media for determining a trust score associated with a user, comprising detecting entities near a user device operated by the user; calculating the trust score for the user based on a policy that incorporates data about the entities near the user device, the trust score being a score that is indicative of a trust worthiness of data received from the user device, wherein trusted entities near the user device result in an increased trust score, and untrusted entities near the user device result in a decreased trust score; and permitting access to a resource when the trust score is above a threshold.

Abstract: Disclosed are methods, systems, and non-transitory computer-readable media for detecting a presentation attack in a biometric factor domain, such as a multi-factor authentication environment. The methods, systems, and non-transitory computer-readable media comprise analyzing data relevant to a plurality of factors for evaluating whether an authentication attempt by a user is subject to the presentation attack and determining that the authentication attempt is subject to the presentation attack based on analysis of the data from the plurality of factors. The methods, systems, and non-transitory computer-readable media can detect a presentation attack even when the authentication attempt is successful.

Abstract: A method, computer system, and computer program product are provided for peer risk benchmarking. Customer data for a first network is obtained, wherein the customer data comprises a role of one or more network devices in the first network and a plurality of risk reports corresponding to the one or more network devices, and wherein each risk report is associated with a particular dimension of a plurality of dimensions of risk for the one or more network devices. A network profile image is generated by processing the plurality of risk reports. A generative adversarial network generates a synthetic network profile image from the network profile image, wherein the synthetic network profile image does not include the customer data. A second network is evaluated using the synthetic network profile image to identify differences between the first network and the second network.

Abstract: A method, computer system, and computer program product are provided for peer risk benchmarking. Customer data for a first network is obtained, wherein the customer data comprises a role of one or more network devices in the first network and a plurality of risk reports corresponding to the one or more network devices, and wherein each risk report is associated with a particular dimension of a plurality of dimensions of risk for the one or more network devices. A network profile image is generated by processing the plurality of risk reports. A generative adversarial network generates a synthetic network profile image from the network profile image, wherein the synthetic network profile image does not include the customer data. A second network is evaluated using the synthetic network profile image to identify differences between the first network and the second network.

Abstract: A method, computer system, and computer program product are provided for peer risk benchmarking. Customer data for a first network is obtained, wherein the customer data comprises a role of one or more network devices in the first network and a plurality of risk reports corresponding to the one or more network devices, and wherein each risk report is associated with a particular dimension of a plurality of dimensions of risk for the one or more network devices. A network profile image is generated by processing the plurality of risk reports. A generative adversarial network generates a synthetic network profile image from the network profile image, wherein the synthetic network profile image does not include the customer data. A second network is evaluated using the synthetic network profile image to identify differences between the first network and the second network.

Abstract: Systems, methods, and computer-readable for determining performance metrics of a network include obtaining, from a network assurance system, one or more network performance metrics, the network performance metrics corresponding to execution of one or more applications in a network domain. An Application Performance Management (APM) system provides one or more applications performance metrics, the applications performance metrics corresponding to execution of the one or more applications in an applications domain. The one or more network performance metrics are integrated with the one or more applications performance metrics to determine integrated performance metrics for the one or more applications across the network domain and the applications domain.

Abstract: A method, computer system, and computer program product are provided for network risk analysis. A plurality of risk reports relating to a network device in a network are obtained, wherein each risk report is associated with a particular dimension of a plurality of dimensions of risk for the network device in the network. A count of the plurality of risk reports is determined for each dimension of the plurality of dimensions of risk. A regression model is applied to determine a risk value for the network device in the network based on the count of the plurality of risk reports for each dimension and based a role of the network device in the network.

Abstract: In an implementation, a method is provided. The method may include: receiving a sensor application by a network platform, the network platform comprising a processing module and a plurality of ports, and wherein a first portion of the processing module is allocated to an operating system of the network platform; allocating a second portion of the processing module to the sensor application by the network platform; executing the sensor application by the second portion of the processing module; emulating a port of the plurality of ports by the second portion of the processing module; and allowing the executed sensor application to interact with the operating system through the emulated port.

Abstract: Systems, methods, and computer-readable for determining performance metrics of a network include obtaining, from a network assurance system, one or more network performance metrics, the network performance metrics corresponding to execution of one or more applications in a network domain. An Application Performance Management (APM) system provides one or more applications performance metrics, the applications performance metrics corresponding to execution of the one or more applications in an applications domain. The one or more network performance metrics are integrated with the one or more applications performance metrics to determine integrated performance metrics for the one or more applications across the network domain and the applications domain.

Abstract: Wireless access point locations can be determined by processing a combination of wired and wireless telemetry. Wireless telemetry can be combined with backend network management information to isolate a set of access points within a radio frequency neighborhood cluster. Wired telemetry, including time domain reflectometer operations performed by a local switch, can be used to refine location estimates of the isolated set of access points. Trilateration can be used to pinpoint the access point locations and the pinpointed locations can be overlaid on a floor plan map.