Abstract: Techniques are disclosed relating to authenticating a client computer system to a server computer system. In some embodiments, a client computer system sends, to a server computer system, authentication information for an initial access request for one or more resources. This information may include authentication credentials and attributes that collectively identify the client computer system. In some embodiments, the client computer system receives, from the server computer system, an authentication response that indicates an initial authentication of the client computer system. In some embodiments, the authentication response includes a cryptographic key. While the initial authentication is valid, in some embodiments, the client computer system repeatedly re-authenticates for subsequent access requests. Each of the subsequent access request may include a single-use password generated using a cryptographic key and the attributes of the client computer system.

Abstract: Techniques are disclosed relating to user authentication based on password-specific cryptographic keys. In some embodiments, a user device receives, from an authentication server, an authentication challenge that includes an item of challenge information. Further, in some embodiments, the user device receives user input indicative of a password and then performs a cryptographic function on the password to generate a password-specific cryptographic key. The computing device may access an initial seed value that was previously provided by the authentication server and generate an updated cryptographic key based on the initial seed value and the password-specific key. Further, in various embodiments, the user device generates authentication information based on the updated cryptographic key and the item of challenge information. The user device may then send an authentication response, including the authentication information, to the authentication server.

Abstract: Techniques are disclosed relating to authenticating a client computer system to a server computer system. In some embodiments, a client computer system sends, to a server computer system, authentication information for an initial access request for one or more resources. This information may include authentication credentials and attributes that collectively identify the client computer system. In some embodiments, the client computer system receives, from the server computer system, an authentication response that indicates an initial authentication of the client computer system. In some embodiments, the authentication response includes a cryptographic key. While the initial authentication is valid, in some embodiments, the client computer system repeatedly re-authenticates for subsequent access requests. Each of the subsequent access request may include a single-use password generated using a cryptographic key and the attributes of the client computer system.

Abstract: The invention relates to a system and method for customizing and storing workflow processes for use in remediation incidents such as security events. One aspect of the invention relates to providing tools to enable creation of customized workflow processes for event driven incident remediation, monitoring and analyzing system activity to identify occurrence of incidents, assigning a workflow process to an incident, applying the assigned workflow process to remediate the incident, and tracking and graphically displaying the status of the workflow process, among other things.

Abstract: Techniques for secure debugging and monitoring are presented. An end user requests a secure token for logging information with a remote service. A secure monitoring and debugging token service provides the secure token. The remote service validates the secure token and configures itself for capturing information and reporting the captured information based on the secure token.

Abstract: Techniques for secure debugging and monitoring are presented. An end user requests a secure token for logging information with a remote service. A secure monitoring and debugging token service provides the secure token. The remote service validates the secure token and configures itself for capturing information and reporting the captured information based on the secure token.

Abstract: The invention relates to a system and method for customizing and storing workflow processes for use in remediation incidents such as security events. One aspect of the invention relates to providing tools to enable creation of customized workflow processes for event driven incident remediation, monitoring and analyzing system activity to identify occurrence of incidents, assigning a workflow process to an incident, applying the assigned workflow process to remediate the incident, and tracking and graphically displaying the status of the workflow process, among other things.

Abstract: Techniques for secure debugging and monitoring are presented. An end user requests a secure token for logging information with a remote service. A secure monitoring and debugging token service provides the secure token. The remote service validates the secure token and configures itself for capturing information and reporting the captured information based on the secure token.

Abstract: The invention relates to a system and method for customizing and storing workflow processes for use in remediation incidents such as security events. One aspect of the invention relates to providing tools to enable creation of customized workflow processes for event driven incident remediation, monitoring and analyzing system activity to identify occurrence of incidents, assigning a workflow process to an incident, applying the assigned workflow process to remediate the incident, and tracking and graphically displaying the status of the workflow process, among other things.

Abstract: Techniques for privileged network routing are provided. As traffic is received at a gateway of a network backbone provider environment it is interrogated for predefined criteria. If the traffic satisfies the predefined criteria, then the information is routed within the network backbone provider environment to use a set of reserved and restricted resources to provide premium service for the traffic being routed through the network backbone provider environment.

Abstract: Techniques for secure debugging and monitoring are presented. An end user requests a secure token for logging information with a remote service. A secure monitoring and debugging token service provides the secure token. The remote service validates the secure token and configures itself for capturing information and reporting the captured information based on the secure token.

Abstract: Techniques for secure debugging and monitoring are presented. An end user requests a secure token for logging information with a remote service. A secure monitoring and debugging token service provides the secure token. The remote service validates the secure token and configures itself for capturing information and reporting the captured information based on the secure token.

Abstract: The system and method described herein relates to managing multiple network device connections, collecting event source data from one or more network devices with one or more collectors, filtering the event source data, continuously monitoring the network device connections, controlling raw data collection from the one or more network devices, parsing the event source data into normalized data structures, and managing configurations for the collectors, among other things. Event sources may be physical or logical network devices distributed across a network, including but not limited to, firewalls, routers, biometric devices, mainframes, databases, and applications. The network devices may be sources from which the collectors may receive or request the event source data.

Abstract: The system and method described herein relates to managing multiple network device connections, collecting event source data from one or more network devices with one or more collectors, filtering the event source data, continuously monitoring the network device connections, controlling raw data collection from the one or more network devices, parsing the event source data into normalized data structures, and managing configurations for the collectors, among other things. Event sources may be physical or logical network devices distributed across a network, including but not limited to, firewalls, routers, biometric devices, mainframes, databases, and applications. The network devices may be sources from which the collectors may receive or request the event source data.

Abstract: Techniques for privileged network routing are provided. As traffic is received at a gateway of a network backbone provider environment it is interrogated for predefined criteria. If the traffic satisfies the predefined criteria, then the information is routed within the network backbone provider environment to use a set of reserved and restricted resources to provide premium service for the traffic being routed through the network backbone provider environment.

Abstract: Techniques for secure debugging and monitoring are presented. An end user requests a secure token for logging information with a remote service. A secure monitoring and debugging token service provides the secure token. The remote service validates the secure token and configures itself for capturing information and reporting the captured information based on the secure token.

Abstract: Techniques for privileged network routing are provided. As traffic is received at a gateway of a network backbone provider environment it is interrogated for predefined criteria. If the traffic satisfies the predefined criteria, then the information is routed within the network backbone provider environment to use a set of reserved and restricted resources to provide premium service for the traffic being routed through the network backbone provider environment.

Abstract: Techniques for privileged network routing are provided. As traffic is received at a gateway of a network backbone provider environment it is interrogated for predefined criteria. If the traffic satisfies the predefined criteria, then the information is routed within the network backbone provider environment to use a set of reserved and restricted resources to provide premium service for the traffic being routed through the network backbone provider environment.

Abstract: A system for pluggable event correlation may include an input manager that receives a plurality of events and converts the events into a format compatible with one or more of a plurality of correlation engines. The correlation engines may then evaluate the converted events using various rules and generate correlated events when the evaluated events trigger at least one of the rules. An action manager may execute remedial actions when the correlation engines generate the correlated events. Moreover, extensibility may be provided by enabling a user to define rules to be triggered when events occur in a predetermined pattern, and actions to be executed when a predetermined rule triggers a correlated event. Further, to plug a new correlation engine into the system, adapters may be deployed to handle input and output, while the user-defined rules may be validating according to semantic requirements of the new correlation engine.

Abstract: The system and method described herein relates to managing multiple network device connections, collecting event source data from one or more network devices with one or more collectors, filtering the event source data, continuously monitoring the network device connections, controlling raw data collection from the one or more network devices, parsing the event source data into normalized data structures, and managing configurations for the collectors, among other things. Event sources may be physical or logical network devices distributed across a network, including but not limited to, firewalls, routers, biometric devices, mainframes, databases, and applications. The network devices may be sources from which the collectors may receive or request the event source data.