Abstract: Systems and methods may include receiving real-time data about a real component operating in a real-world environment. The systems and methods may further include generating a virtual representation of the real component based on the real-time data about the real component and historical data associated with the real component. In addition, the systems and methods may include receiving injected data from a lab. The injected data may provide data about a lab component operating in the lab. The systems and methods may also include simulating, in a virtual environment, a real-time interaction in the real-world environment between the real component and the lab component using the virtual representation of the real component and the injected data. Moreover, the systems and methods may include determining a real-time performance characteristic of at least one of the lab component and the real component based on the simulated real-time interaction in the real-world environment.

Abstract: Systems and methods may include receiving performance data of a system. The systems and methods may include generating a virtual representation of the system based on the performance data. The systems and methods may include simulating interactions between the virtual representation and an environment based on the performance data. The systems and methods may include generating an alert indicating an occurrence of an anomalous event based on the simulated interactions. The systems and methods may include determining that the alert was a false positive indicator of the occurrence of the anomalous event. The systems and methods may include, in response to determining that the alert was a false positive indicator, determining differences between a behavior of the system and the simulated interactions. The systems and methods may include determining an adjustment to the virtual representation to mitigate the differences between the behavior of the system and the simulated interactions.

Abstract: Systems and methods may include receiving first data of components, which may represent performance characteristics of the components at a first time. The systems and methods may include performing a first cluster analysis of the first data to identify clusters of the components with similar characteristics. The systems and methods may include receiving second data of the components, which may represent performance characteristics of the components at a second time. The systems and methods may include performing a second cluster analysis of the second data to identify clusters of the components with similar characteristics. The systems and methods may include determining whether a component transitioned from a cluster identified in the first cluster analysis to a different cluster identified in the second cluster analysis. The systems and methods may include determining that an anomaly occurred in response to determining that the component transitioned from the cluster to the different cluster.

Abstract: Systems and methods may include receiving data of a physical system. The systems and methods may include determining whether an anomalous event has occurred based on the data. The systems and methods may include, in response to determining that the anomalous event has occurred, capturing data of the physical system and of an environment. The systems and methods may include generating a virtual representation of the physical system and the environment based on the captured data. The systems and methods may include repeatedly simulating data of the virtual representation by varying parameters of the captured data. The systems and methods may include determining which parameters are a root cause of the anomalous event based on the simulated performance data. The systems and methods may include determining particular values of the parameters that are likely the root cause of the anomalous event to use as a trigger for a proactive process.

Abstract: Determining potential harm associated with a network endpoint external to an enterprise includes receiving information about a network-based communication by a resource of the enterprise directed to the network endpoint external to the enterprise, and calculating a plurality of individual scores related to a risk associated with the network-based communication, wherein each individual score corresponds to a different category of risk. The determination also includes receiving data specifying a policy related to rules defined by the enterprise regarding usage of cloud services; calculating a composite risk score related to the network-based communication, wherein the composite risk score is based on the individual scores and the policy; and notifying an entity of the enterprise about the composite risk score.

Abstract: A method of operating a wireless terminal communicating with a radio access network over a radio interface may include saving information in memory at the wireless terminal identifying locations associated with a wireless terminal location configuration. A configuration message may be received from a configuration management system over the radio interface at the wireless terminal, with the configuration message including information identifying a new location associated with the wireless terminal location configuration. Responsive to receiving the configuration message, the information identifying the new location associated with the wireless terminal location configuration may be saved in the memory at the wireless terminal thereby adding the new location to the locations associated with the wireless terminal location configuration.

Abstract: An apparatus, system, and method for identifying related content based on eye movements are disclosed. The system, apparatus, and method display content to a user concurrently in two or more windows, identify areas in each of the windows where a user's eyes focus, extract keywords from the areas where the user's eyes focus in each of the windows, search a communications network for related content using the keywords, and notify the user of the related content by displaying it concurrently with the two or more windows. The keywords are extracted from one or more locations in the two or more windows in which the user's eyes pause for a predetermined amount of time or, when the user's eyes pause on an image, from at least one of the text adjacent to and the metadata associated with that image.

Abstract: A method comprises extracting one or more document identifiers from a document currently displayed on the user's computer screen. The method further comprises searching an enterprise network, using the one or more document identifiers, for one or more related documents that are related to the document currently displayed on the user's computer screen. The one or more related documents may then be filtered, and the user may be notified of the one or more filtered related documents.

Abstract: A method includes detecting an incoming request from a first application to a second application. The method further includes performing an authentication that involves sending a challenge message to a first application. The challenge message may request an account of information associated with processed transactions between the first application and the second application during a particular period preceding the incoming request, a solution to a high-cost calculation associated with a high level of resource use, or a concatenated sequence of characters located at specific positions of a shared value. The authentication further involves receiving a challenge response to the challenge message from the first application, determining a verified response based on the challenge message, and determining whether the challenge response matches the verified response.

Abstract: Managing cloud service usage includes receiving an identity of a potential cloud service provider utilized by an entity of the enterprise, wherein the identity of the potential cloud service provider is based on network traffic information of the enterprise. Management also includes receiving additional information related to the potential cloud service provider, wherein the additional information is in addition to the network traffic information; and analyzing the identity of the potential cloud service provider and the additional information. Also, based on the analysis, a list of cloud service providers utilized by the enterprise is revised.

Abstract: Methods for automatically generating a report in response to detecting performance and/or availability issues that occur throughout multiple layers of a networked computing environment based on a role of a target recipient of the report are described. In some embodiments, a failure graph may be generated by a root cause identification tool that aggregates data from a plurality of performance management tools monitoring the networked computing environment. The root cause identification tool may acquire a plurality of report templates, determine a first report template of the plurality of report templates based on the role associated with the target recipient, identify a set of variables or an ontology associated with the first report template, assign values to the set of variables using the failure graph, generate a first report based on the first report template, and output the first report to the target recipient.

Abstract: Methods for preventing the transmission of sensitive information to locations outside of a secure network by a person who has legitimate access to the sensitive information are described. In some embodiments, in order for an end user of a computing device to establish a secure connection with a secure network and access data stored on the secure network, a client application running on the computing device may be required by the secure network. The client application may monitor visual cues (e.g., facial expressions and gestures) associated with the end user, detect suspicious activity performed by the end user based on the visual cues, and in response to detecting suspicious activity may perform mitigating actions to prevent the transmission of sensitive information such as alerting human resources personnel or requiring authorization prior to sending information to locations outside of the secure network.

Abstract: A method of operating an authentication node is disclosed. Transaction information for a transaction is received from a merchant node. The transaction information includes an identification for a credit/debit account, a name on the credit/debit account, and a transaction amount for the transaction. Responsive to receiving the transaction information, a complete account number for the credit/debit account is determined using the identification for the credit/debit account and the name on the credit/debit account. The identification for the credit/debit account is different than the complete account number for the credit/debit account. In addition, account information may be transmitted to an acquirer node, and the account information may include the complete account number for the credit/debit account, the name on the credit/debit account, and the transaction amount. Related methods of operating merchant nodes, related computer program products, and related computer systems are also disclosed.

Abstract: Methods for preventing the transmission of sensitive information to locations outside of a secure network by a person who has legitimate access to the sensitive information are described. In some embodiments, in order for an end user of a computing device to establish a secure connection with a secure network and access data stored on the secure network, a client application running on the computing device may be required by the secure network. The client application may monitor visual cues (e.g., facial expressions and gestures) associated with the end user, detect suspicious activity performed by the end user based on the visual cues, and in response to detecting suspicious activity may perform mitigating actions to prevent the transmission of sensitive information such as alerting human resources personnel or requiring authorization prior to sending information to locations outside of the secure network.

Abstract: A management server in a communications network receives information for display at a plurality of user devices. The information includes multiple user interface components for display on the user devices. Upon receiving the information, the management server identifies the different components and selectively distributes the components to different ones of the user devices based on predefined routing data stored in a memory accessible to the management server.

Abstract: Methods for automatically generating a report in response to detecting performance and/or availability issues that occur throughout multiple layers of a networked computing environment based on a role of a target recipient of the report are described. In some embodiments, a failure graph may be generated by a root cause identification tool that aggregates data from a plurality of performance management tools monitoring the networked computing environment. The root cause identification tool may acquire a plurality of report templates, determine a first report template of the plurality of report templates based on the role associated with the target recipient, identify a set of variables or an ontology associated with the first report template, assign values to the set of variables using the failure graph, generate a first report based on the first report template, and output the first report to the target recipient.

Abstract: Methods for automatically generating help desk tickets in response to detecting performance and/or availability issues that occur throughout multiple layers of a networked computing environment are described. In some embodiments, in response to detecting an alert corresponding with a performance issue affecting the networked computing environment, a root cause identification tool may aggregate a plurality of alarms from a plurality of performance management tools monitoring the networked computing environment, generate a failure graph associated with the performance issue, identify a first leaf node of the failure graph, determine a first remedy associated with the first leaf node, and automatically generate a help desk ticket corresponding with the first leaf node and the first remedy. The automatically generated help desk ticket may specify the failure associated with the first leaf node, the first remedy, a location associated with the first remedy, and an estimated time to fix the failure.

Abstract: Methods for visualizing and accessing data associated with causal relationships between failures occurring within a networked computing environment are described. In some embodiments, a failure graph may be generated by a root cause identification tool that aggregates data from a plurality of performance management tools monitoring the networked computing environment. The aggregated data may include a plurality of alarms spanning multiple layers of the networked computing environment, as well as log file data. The root cause identification tool may generate a graphical representation of the failure graph including pointers to portions of the aggregated data supporting directed edges of the failure graph. The root cause identification tool may also provide a user interface for accessing the portions of the aggregated data pointed to by the various links within the failure graph.

Abstract: Methods for monitoring a networked computing environment and for identifying root causes of performance and availability issues that occur throughout multiple layers of the networked computing environment are described. In some embodiments, a software service provided by a networked computing environment may experience a service-related performance or availability issue. In response to detecting the service-related issue affecting the service, a root cause identification tool may aggregate data from a plurality of information technology management software tools monitoring the networked computing environment, identify causal relationships between a plurality of failures associated with the service-related issue based on the aggregated data, determine a chain of failures of the plurality of failures based on the causal relationships, identify a root cause of the service-related issue based on the chain of failures, and transmit an alarm corresponding with the root cause.

Abstract: Methods for monitoring a networked computing environment and for consolidating multiple alarms under a single root cause are described. In some embodiments, in response to detecting an alert corresponding with a performance issue in a networked computing environment, a root cause identification tool may aggregate a plurality of alarms from a plurality of performance management tools monitoring the networked computing environment. The root cause identification tool may then generate a failure graph associated with the performance issue based on the plurality of alarms, determine a first set of leaf nodes of the failure graph, determine a first chain of failures based on the first set of leaf nodes, suppress (or hide) alarms that are not associated with the first chain of failures, and output a consolidated alarm associated with the first chain of failures.