Abstract: The present invention is directed to systems and methods for enhancing electronic communication security. A communication transmitted over a communications network is received and tested by a collection engine to generate data associated with the received communication. An analysis engine analyzes the data generated by the collection engine along with data associated with previously received communications to whether an anomaly exists. If an anomaly exists with respect to the received communication, an action engine initiates a predetermined response.

Abstract: Methods and systems for operation upon one or more data processors to filter communications of users in accordance with content-based policy.

Abstract: Systems and methods for providing message reputation to an end user.

Abstract: Systems and methods for graphically displaying messaging traffic flows by collecting messaging data, converting a portion of the messaging data to a geographical position and collecting statistics related to the messaging data for overlaying upon a geographical map.

Abstract: The present invention is directed to systems and methods for detecting unsolicited and threatening communications and communicating threat information related thereto. Threat information is received from one or more sources; such sources can include external security databases and threat information data from one or more application and/or network layer security systems. The received threat information is reduced into a canonical term. Features are extracted from the reduced threat information; these features in conjuntion with configuration data such as goals are used to produce rules. In some embodiments, these rules are tested against one or more sets of test data and compared against the same or different goals; if one or more tests fail, the rules are refined until the tests succeed within an acceptable margin of error. The rules are then propagated to one or more application layer security systems.

Abstract: The present invention is directed to systems and methods for detecting unsolicited and threatening communications and communicating threat information related thereto. Threat information is received from one or more sources; such sources can include external security databases and threat information data from one or more application and/or network layer security systems. The received threat information is reduced into a canonical form. Features are extracted from the reduced threat information; these features in conjunction with configuration data such as goals are used to produce rules. In some embodiments, these rules are tested against one or more sets of test data and compared against the same or different goals; if one or more tests fail, the rules are refined until the tests succeed within an acceptable margin of error. The rules are then propagated to one or more application layer security systems.

Abstract: Computer-implemented systems and methods for identifying illegitimate messaging activity on a system using a network of sensors.

Abstract: The present invention is directed to systems and methods for enhancing electronic communication security. An electronic communication is received and stored. A plurality of risk assessments are made with respect to the received communication thereby generating a risk profile associated with the communication. The assessments are made in a sequential manner by assigning the stored communication and index and serially placing the index on queue associated with interrogation engines that perform the various assessments. The index is initially placed in a queue associated with an interrogation engine performing the first type of assessment on the communication. The index is placed in a subsequent queue only after the interrogation engine associated with the prior queue in which the index was placed has assessed the communication. This is repeated until all desired assessments have been performed.

Abstract: The present invention is directed to systems and methods for enhancing electronic communication security. A communication transmitted over a communications network is received and tested by a collection engine to generate data associated with the received communication. An analysis engine analyzes the data generated by the collection engine along with data associated with previously received communications to whether an anomaly exists. If an anomaly exists with respect to the received communication, an action engine initiates a predetermined response.

Abstract: The present invention is directed to systems and methods for enhancing electronic communication security. An electronic communication is received and stored. A plurality of risk assessments are made with respect to the received communication thereby generating a risk profile associated with the communication. The assessments are made in a sequential manner by assigning the stored communication and index and serially placing the index on queue associated with interrogation engines that perform the various assessments. The index is initially placed in a queue associated with an interrogation engine performing the first type of assessment on the communication. The index is placed in a subsequent queue only after the interrogation engine associated with the prior queue in which the index was placed has assessed the communication. This is repeated until all desired assessments have been performed.

Abstract: The present invention is directed to systems and methods for enhancing electronic communication security. An electronic communication is received and stored. A plurality of risk assessments are made with respect to the received communication thereby generating a risk profile associated with the communication. The assessments are made in a sequential manner by assigning the stored communication and index and serially placing the index on queue associated with interrogation engines that perform the various assessments. The index is initially placed in a queue associated with an interrogation engine performing the first type of assessment on the communication. The index is placed in a subsequent queue only after the interrogation engine associated with the prior queue in which the index was placed has assessed the communication. This is repeated until all desired assessments have been performed.