Abstract: Computer system security is often implemented using rules-based systems (e.g., allow traffic to this network port, deny it for those network ports; user A is allowed access to these files, but not those files). In enterprises, multiple such systems may be deployed, but fail to be able to intelligently handle anomalies that may technically be permissible but in reality represents a high possibility that there is an underlying threat or problem. The present disclosure describes the ability to build adaptive models using machine learning techniques that integrate data from multiple different domains (e.g. user identity domain, system device domain) and allow for automated decision making and mitigation actions that can provide greater effectiveness than previous systems allowed.

Abstract: Techniques are disclosed relating to determining whether geographic locations of a user computing device satisfy a location consensus threshold. A computer system receives results of a plurality of location determination operations, each of which specifies a geographic location of a computing device initiating an action. The computer system then makes a determination whether the received results satisfy a consensus threshold as to geographic location of the computing device. In some embodiments, the determination is usable to select, from a plurality of sets of rules for different geographic regions, a particular set of rules for processing the action. In some cases, the particular set of rules is usable to determine whether to process the action. Such techniques may advantageously allow a processing system to understand how to process actions initiated by a computing device associated with different geographic locations.

Abstract: A method for phishing detection using uniform resource locators is discussed. The method includes accessing data from one or more of a monitored portion of website data and a monitored portion of emails, the data indicating a suspect Uniform Resource Locator (URL). The method includes assigning a rule score based on partial rule scores of each portion of the suspect URL, the rule score indicating a phishing potential based on URL rules. The method includes determining a uniqueness score of the suspect URL, the uniqueness score indicating a degree of uniqueness of the suspect URL from a plurality of known phishing URLs. The method also includes determining a URL phishing score based, at least in part, on the rules scores and the uniqueness score for the suspect URL.

Abstract: A method for using a malware and phishing detection and mediation platform is discussed. The method includes accessing data from one or more of a monitored portion of website data and a monitored portion of emails, the data indicating a respective potential malware or a suspect phishing element (e.g., Uniform Resource Locator (URL)). The method includes selecting one of a plurality of detection engines for processing the data, where the selecting is based on previous results of previous processing by one or more detection engines. Each of the plurality of detection engines can be for performing one or more respective investigation actions on the plurality of data to determine a particular issue with one of the monitored data. The method also includes determining a mediation action based on a result of processing of the detection engine and the previous processing.

Abstract: A method for phishing detection using certificates associated with uniform resource locators (URLs) is discussed. The method includes accessing certificate portions of a certificate associated with a suspect URL, the certificate accessed at a database that includes certificates obtained by monitoring certificate logs. The method includes accessing a URL score for the suspect URL. The method includes assigning a certificate rule score based on partial certificate scores of certificate portions, the certificate rule score indicating a phishing potential for the certificate, each of the partial certificate scores indicating a likelihood of phishing of each portion based on certificate rules. The method includes using a machine learning model based on the URL score and the certificate to determine a uniqueness certificate score. The method also includes determining a phishing certificate score based on the certificate rule score and the uniqueness certificate score for the certificate.

Abstract: Computer system security is often implemented using rules-based systems (e.g., allow traffic to this network port, deny it for those network ports; user A is allowed access to these files, but not those files). In enterprises, multiple such systems may be deployed, but fail to be able to intelligently handle anomalies that may technically be permissible but in reality represents a high possibility that there is an underlying threat or problem. The present disclosure describes the ability to build adaptive models using machine learning techniques that integrate data from multiple different domains (e.g. user identity domain, system device domain) and allow for automated decision making and mitigation actions that can provide greater effectiveness than previous systems allowed.

Abstract: Computer system security is often implemented using rules-based systems (e.g., allow traffic to this network port, deny it for those network ports; user A is allowed access to these files, but not those files). In enterprises, multiple such systems may be deployed, but fail to be able to intelligently handle anomalies that may technically be permissible but in reality represents a high possibility that there is an underlying threat or problem. The present disclosure describes the ability to build adaptive models using machine learning techniques that integrate data from multiple different domains (e.g. user identity domain, system device domain) and allow for automated decision making and mitigation actions that can provide greater effectiveness than previous systems allowed.

Abstract: A method for phishing detection using uniform resource locators is discussed. The method includes accessing data from one or more of a monitored portion of website data and a monitored portion of emails, the data indicating a suspect Uniform Resource Locator (URL). The method includes assigning a rule score based on partial rule scores of each portion of the suspect URL, the rule score indicating a phishing potential based on URL rules. The method includes determining a uniqueness score of the suspect URL, the uniqueness score indicating a degree of uniqueness of the suspect URL from a plurality of known phishing URLs. The method also includes determining a URL phishing score based, at least in part, on the rules scores and the uniqueness score for the suspect URL.

Abstract: Techniques are disclosed relating to determining whether geographic locations of a user computing device satisfy a location consensus threshold. A computer system receives results of a plurality of location determination operations, each of which specifies a geographic location of a computing device initiating an action. The computer system then makes a determination whether the received results satisfy a consensus threshold as to geographic location of the computing device. In some embodiments, the determination is usable to select, from a plurality of sets of rules for different geographic regions, a particular set of rules for processing the action. In some cases, the particular set of rules is usable to determine whether to process the action. Such techniques may advantageously allow a processing system to understand how to process actions initiated by a computing device associated with different geographic locations.

Abstract: A method for using a malware and phishing detection and mediation platform is discussed. The method includes accessing data from one or more of a monitored portion of website data and a monitored portion of emails, the data indicating a respective potential malware or a suspect phishing element (e.g., Uniform Resource Locator (URL)). The method includes selecting one of a plurality of detection engines for processing the data, where the selecting is based on previous results of previous processing by one or more detection engines. Each of the plurality of detection engines can be for performing one or more respective investigation actions on the plurality of data to determine a particular issue with one of the monitored data. The method also includes determining a mediation action based on a result of processing of the detection engine and the previous processing.

Abstract: A method for phishing detection using certificates associated with uniform resource locators (URLs) is discussed. The method includes accessing certificate portions of a certificate associated with a suspect URL, the certificate accessed at a database that includes certificates obtained by monitoring certificate logs. The method includes accessing a URL score for the suspect URL. The method includes assigning a certificate rule score based on partial certificate scores of certificate portions, the certificate rule score indicating a phishing potential for the certificate, each of the partial certificate scores indicating a likelihood of phishing of each portion based on certificate rules. The method includes using a machine learning model based on the URL score and the certificate to determine a uniqueness certificate score. The method also includes determining a phishing certificate score based on the certificate rule score and the uniqueness certificate score for the certificate.

Abstract: A method for phishing detection based on modeling of web page content is discussed. The method includes accessing suspect web page content of a suspect Uniform Resource Locator (URL). The method includes generating an exemplary model based on an exemplary configuration for an indicated domain associated with the suspect URL, where the exemplary model indicates structure and characteristics of an example web page of the indicated domain. The method includes generating a suspect web page model that indicates structure and characteristics of the suspect web page content. The method includes performing scoring functions for the potential phishing web page content based on the suspect web page model, where some of the scoring functions use the exemplary model to perform analysis to generate respective results. The method includes generating a web page content phishing score based on results from the scoring functions.

Abstract: A biological fluid collection device that allows a blood sample to be collected anaerobically is disclosed.

Abstract: A biological fluid collection device that allows a blood sample to be collected anaerobically is disclosed.

Abstract: Invention includes a non-enclosed tape dispensing apparatus and system that is adapted to communicate with spools of tape or spooled material and allow the material to pass through the middle of the apparatus and then to be cut to a desired length by a cutting surface. The apparatus may also be made of different types of material and can be varied in size and shape to communicate with rolls of tape or spooled material of varying widths.

Abstract: Computer system security is often implemented using rules-based systems (e.g., allow traffic to this network port, deny it for those network ports; user A is allowed access to these files, but not those files). In enterprises, multiple such systems may be deployed, but fail to be able to intelligently handle anomalies that may technically be permissible but in reality represents a high possibility that there is an underlying threat or problem. The present disclosure describes the ability to build adaptive models using machine learning techniques that integrate data from multiple different domains (e.g. user identity domain, system device domain) and allow for automated decision making and mitigation actions that can provide greater effectiveness than previous systems allowed.

Abstract: Invention generally includes a non-enclosed tape dispensing apparatus that is adapted to communicate with spools of tape or spooled material and allow the material to pass through the middle of the apparatus and then to be cut to a desired length by a cutting surface. The apparatus may also be made of different types of material and can be varied in size and shape to communicate with rolls of tape or spooled material of varying widths.

Abstract: The presently disclosed inventive concepts relate generally to lift chairs, such as a lift chair comprising a frame having a back portion and a front portion defining an interior space, and a first horizontal member positioned between the back portion and the front portion; a foot platform positioned at least partially in the interior space of the frame, the foot platform having a lowered position and a raised position; a seat positioned at least partially in the interior space of the frame and above the platform and pivotally connected to the first horizontal member, the seat having a first end portion and a second end portion, and pivotable between a standing position and a seated position; and a motion translation system configured such that pivoting the seat between the standing position and the seated position moves the platform vertically between the lowered position and the raised position.

Abstract: A biological fluid collection device that allows a blood sample to be collected anaerobically is disclosed.

Abstract: A device for selectively engaging and depressing the slide lock of a firearm includes a pair of engagement tabs that may be utilized in the field stripping of a firearm. In particular, the tabs have slots that are configured to accept the slide lock of the firearm, and facilitate disengagement of the lock to the slide assembly of the firearm.