Abstract: Properties associated with computing resources are received. At least a portion of the received properties is used to cluster the computing resources into one or more operating groups. At least a portion of the received properties is used to determine a recommendation of an operation schedule for at least one of the one or more operating groups. The recommendation is provided. A feedback is received in response to the recommendation.

Abstract: Properties associated with computing resources are received. At least a portion of the received properties is used to cluster the computing resources into one or more operating groups. At least a portion of the received properties is used to determine a recommendation of an operation schedule for at least one of the one or more operating groups. The recommendation is provided. A feedback is received in response to the recommendation.

Abstract: A method to manage Internet of Things (IoT) devices is described. In one embodiment, the method includes detecting a presence of a first IoT device in a network associated with the computing device, managing access to the first IoT device based at least in part on authentication information associated with the first IoT device, identifying one or more updates associated with the first IoT device, and applying at least one update to the first IoT device based at least in part on identifying the one or more updates. In one embodiment, the method further includes analyzing a packet stream to determine one or more identifiers associated with the first IoT device, and identifying the first IoT device based at least in part on the one or more determined identifiers.

Abstract: Privacy preserving secure task automation. A method may include generating, by a first section of a platform, a pair of encryption keys (private and shared secret keys); receiving, by a second section of the platform, platform user data, trigger service user data; and action service user data, wherein the user of the services and platform are the same; sending the shared secret key to the services; storing the private key in the first section; receiving from the trigger service, by the second section, a first communication encrypted with the shared secret key, regarding occurrence of a trigger; determining, by the first section, that the trigger corresponds to the user of the platform; encrypting a second message with the shared secret key, requesting invocation of the action based on the trigger; and transmitting the second encrypted message to the action service without the data related to the user of the platform.

Abstract: Determining security vulnerabilities of smart home devices.

Abstract: A method for implementing security of Internet of Things (IoT) home voice assistants is described. In one embodiment, a computer-implemented method for implementing a security policy with a voice assistant includes obtaining, by one or more computing devices, encrypted traffic from a voice assistant; identifying, by the one or more computing devices, a user voice command in the encrypted traffic based at least in part on one or more identifiable attributes of the encrypted traffic; determining, by the one or more computing devices, the user voice command triggers at least one security policy; and upon determining the user voice command triggers the at least one security policy, performing, by the one or more computing devices, a security action that implements the at least one security policy. In some cases, the method may include obtaining an audio recording of the user voice command with a microphone built into the router.

Abstract: A method for applying user profiles in electronic sessions is described. In one embodiment, the method includes detecting a request to initiate an electronic session with a web server; identifying a user profile associated with the request; generating an alternative profile; initiating the electronic session; and replacing the user profile with the alternative profile during the electronic session. In some examples, the method includes performing a security action, including modifying one or more data points in a set of metadata and/or a set of latent user characteristics associated with the user profile. In some cases, the alternative profile includes a set of modified metadata and a set of modified latent user characteristics. In some examples, the method includes replacing a cookie associated with the user profile with a cookie associated with the alternative profile.

Abstract: A method for implementing security of Internet of Things (IoT) home voice assistants is described. In one embodiment, a computer-implemented method for implementing a security policy with a voice assistant includes obtaining, by one or more computing devices, encrypted traffic from a voice assistant; identifying, by the one or more computing devices, a user voice command in the encrypted traffic based at least in part on one or more identifiable attributes of the encrypted traffic; determining, by the one or more computing devices, the user voice command triggers at least one security policy; and upon determining the user voice command triggers the at least one security policy, performing, by the one or more computing devices, a security action that implements the at least one security policy. In some cases, the method may include obtaining an audio recording of the user voice command with a microphone built into the router.

Abstract: Decrypting network traffic on a middlebox device using a trusted execution environment (TEE).

Abstract: Decrypting network traffic on a middlebox device using a trusted execution environment (TEE).

Abstract: A computer-implemented method for scalable network monitoring in virtual data centers may include (1) identifying a plurality of network monitoring agents executing on a plurality of virtual machine host systems within a virtual data center, (2) intercepting, at a receiving virtual machine host system, a traffic flow within a virtual network within the virtual data center, (3) determining a processor load on each of the plurality of virtual machine host systems, (4) selecting, based on the processor load on the receiving virtual machine host system exceeding an established threshold, an alternate virtual machine host system that executes a second network monitoring agent for inspecting the traffic flow, and (5) limiting the processor load on the receiving virtual machine host system by designating the second network monitoring agent executing on the alternate virtual machine host system to inspect the traffic flow. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Decrypting network traffic on a middlebox device using a trusted execution environment (TEE).

Abstract: The disclosed computer-implemented method for monitoring virtual networks may include (1) identifying a virtual network containing at least one virtualized switching device that routes network traffic from a source port within the virtual network to a destination port, (2) providing, within the virtualized switching device, a set of software-defined network rules containing criteria for identifying packets having at least one predetermined property associated with a security policy, (3) intercepting, at the source port, a packet destined for the destination port, (4) determining that at least one characteristic of the packet satisfies at least one of the rules, and (5) in response to determining that the characteristic of the packet satisfies at least one of the rules, forwarding a copy of the packet to a virtual tap port that analyzes the packet for security threats. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for monitoring encrypted data transmission may include (1) detecting a data transmission session between an application running on a first device and an application running on a second device, (2) identifying a shared library loaded by the application running on the first device to establish encryption for the data transmission session, (3) retrieving, from the shared library, a symmetric session key designated for the data transmission session, (4) intercepting data transmitted during the data transmission session, the data having been encrypted using the symmetric session key, and (5) decrypting the data utilizing the symmetric session key retrieved from the shared library. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A first graph comprises multiple nodes and edges. At least one successive summary graph is created, using the original graph as a predecessor. To create a second graph from a first, nodes of the first graph are grouped into a plurality of subsets, and each subset becomes a super-node. For each super-node, the edges of each corresponding node are replaced with one or more super-edges. Each super-edge represents a relationship between a pair of super-nodes. The nodes of the successor graph comprise the super-nodes and the edges of the successor graph comprise the super-edges. The steps are tracked for restoring each omitted edge of each predecessor graph. Based on a determined quantified value for the restoration of each omitted edge of each predecessor graph, customized summary graphs can be created for and presented to specific parties. Determined values can be, for example, monetary or based on trust levels.

Abstract: The disclosed computer-implemented method for monitoring virtual networks may include (1) identifying a virtual network containing at least one virtualized switching device that routes network traffic from a source port within the virtual network to a destination port, (2) providing, within the virtualized switching device, a set of software-defined network rules containing criteria for identifying packets having at least one predetermined property associated with a security policy, (3) intercepting, at the source port, a packet destined for the destination port, (4) determining that at least one characteristic of the packet satisfies at least one of the rules, and (5) in response to determining that the characteristic of the packet satisfies at least one of the rules, forwarding a copy of the packet to a virtual tap port that analyzes the packet for security threats. Various other methods, systems, and computer-readable media are also disclosed.