Abstract: Methods, systems, computer-readable media, and apparatuses may provide creation and management of composite tokens for use with services in a virtual environment without the user having to re-authenticate each time the user accesses a different service. A composite identity server may receive a request to upgrade a first authentication token for a user. The composite identity server may redirect a user agent to an identity provider for authentication and, in response, may receive a second authentication token for the user. The composite identity server may send the second authentication token to a federated microservice and, in response, may receive one or more claims of the second authentication token designated for inclusion in a composite token. The composite identity server may generate a composite token including the one or more claims of the first authentication token and one or more claims of the second authentication token.

Abstract: Described embodiments provide systems and method for intelligent path selection to reduce latency and maintain security. A client can request access to a server and multiple connections can be initiated to the requested destination, for example, a direct connection from a branch office and a backhauled connection through a data center. Traffic via the second connection can be controllable by application of at least one rule of the data center. A device can determine a delay in the exchange of data via the connections and a security level of the connections. The determination of the delay in the exchange of data via the another connection can be based on in part feedback about the application of the rule. The device can connect a client device to a server through one of the connections using the determination of the delay and the security level of the connection.

Abstract: Methods and systems for accessing conflicting frameworks and classes are presented. In some embodiments, a conflicting frameworks computing platform may receive an application classloader corresponding to a mobile application. The application classloader may indicate one or more child application-defined classloaders. Subsequently, the conflicting frameworks computing platform may create a framework-defined classloader comprising a first class that conflicts with a second class in the one or more child application-defined classloaders. Further, the conflicting frameworks computing platform may create a framework-termination classloader. The framework-termination classloader may be a parent classloader of the framework-defined classloader. Next, the conflicting frameworks computing platform may replace, using a reflection function, the application classloader with a new application classloader.

Abstract: Described embodiments provide for provisioning devices securely using zero touch deployments. A controller application can receive a first authentication code from the controller. The controller application can establish, responsive to receiving the first authentication code, a short-range wireless connection with the device within a pairing range of the controller application using at least one of one or more short-range wireless communication types. The controller application can receive a second authentication code from the device via the short-range wireless connection. The controller application can determine that the first authentication code received from the controller corresponds to the second authentication code received via the short-range wireless connection.

Abstract: Systems and methods of reconstructing execution call flows to detect anomalies is provided. A device can establish call flows using information extracted from a log file to. Each of the call flows can identify information from the log file of a call flowing through a plurality of modules. The device can identify a count of a number of occurrences of one or more keywords in information of each call flow. The device can generate a vector of numbers for each call flow based at least on the count for the one or more keywords for that call flow. The device can classify each call flow into one or more clusters that indicate whether an operation of the call flow is anomalous. The device can classify each call flow using the vector of numbers for each call flow.

Abstract: Described embodiments provide systems, methods, non-transitory computer-readable medium for initiating one-factor or multi-factor authentication. A device comprising one or more processors and coupled to memory. The device can receive a request to authenticate a user to enable access to an application by the user. The request can originate from an Internet Protocol (IP) address external to a network hosting the application. The device can determine that a previous request to authenticate the user originated from the IP address and was approved based on successful completion of multi-factor authentication by the user. The device can provide, responsive to the determination, the user with access to the application using one-factor authentication instead of the multi-factor authentication.

Abstract: A computer system is provided. The computer system includes a memory and at least one processor coupled to the memory. The processor is configured to identify a message to a plug and play (PnP) manager of an operating system, the message comprising an identifier of a device to be configured by the PnP manager, determine whether the device is targeted for device identifier translation at least in part by determining whether the device satisfies one or more target device criteria, and replace the identifier of the device with a reference identifier different from the identifier of the device in response to a determination that the device is targeted for device identifier translation, the reference identifier being usable by the PnP manager to install or configure the device.

Abstract: Methods and systems for path selection involving remote access protocols and/or user behavior are described herein. A request, from a first computing device, for content hosted on a second computing device may be received. Based on network state metrics, remote access protocol metrics, and/or user experience metrics, a path of a plurality of paths between the first computing device and the second computing device may be selected. The path need not be the most direct path between the first computing device and the second computing device, and may comprise remote access to a computing device on an intermediary server. Based on user behavior analysis performed with respect to user input data, a path may be re-selected, and/or the network state metrics, remote access protocol metrics, and/or user experience metrics may be weighted.

Abstract: Aspects of the present disclosure are directed towards responding to a touch gesture at a touch-enabled computing device. An interface control element may be presented at a first computing environment provided by a computing device. A touch gesture may be received at a touchscreen of the computing device, and it may be determined whether at least a portion of the touch gesture occurred at the interface control element. Based, at least in part, on whether at least a portion of the touch gesture occurred at the interface control element, a display of the first computing environment may be adjusted or information corresponding to the touch gesture may be transmitted to a second computing environment. The interface control element may be a preview pane.

Abstract: A method of casting a source device display screen to a target device includes, by an application on the source device, storing information about the target device in a shared memory and issuing a request to an operating system to initiate capturing and casting for the source device display screen. The operating system responds to the request by launching a casting extension and supplying a content stream containing content of the source device display screen. Upon being launched, the casting extension (1) obtains the information about the target device from the shared memory and uses the information to establish a display connection with the target device, and (2) forwards the content stream to the target device on the display connection.

Abstract: Systems and methods of handling sessions between client devices and one or more server based on session classifications are provided. A device identifies a time series of security metrics corresponding to requests received during a session established by a client device to access a resource provided by one or more servers. The device generates security features from the time series of security metrics based on one or more time windows. The device classifies the session as one of anomalous or genuine using the security features generated from the time series of security metrics based on the one or more time windows. The device handles subsequent requests received during the session based on the classification of the session as the one of anomalous or genuine.

Abstract: Described embodiments provide systems and methods for validating a request to perform an action to access at least one file. A computing device can receive a request from the client, the request being to perform an action to access at least one file and including a first computed value indicative of one or more previous actions on files. The computing device may compare the first computed value to a second computed value maintained by the computing device independently from the first computed value. The second computed value may be indicative of the one or more previous actions on the files. The computing device may perform secondary authentication in addition to primary authentication for the client, responsive to an indication of trustworthiness of the client or the file according to the comparison of the first computed value to the second computed value.

Abstract: Described embodiments provide systems and methods for selecting one or more firewall rules to apply to a server based at least on identifying a service of the server. A device intermediary to a plurality of clients and a serve may identify a pattern of a firewall to apply to a response from the server to a request from a client of the plurality of clients. The pattern may be to identify a service configured on the server. The device may determine that the response from the server matches the pattern. The device may identify, responsive to the response matching the pattern, that the service is configured on the server. The device may select, based at least on the service, one or more rules for the firewall to apply to responses from the server.

Abstract: Methods and systems for enabling file attachments in a mobile calendar application are presented. In some embodiments, a mobile device may receive a message comprising an electronic calendar invitation and an electronic file attachment. The mobile device may generate an association between the electronic file attachment received in the message and a calendar event in an electronic calendar mobile application executing on the mobile computing device, wherein the calendar event is associated with the electronic calendar invitation. In response to receiving a selection to display the calendar event in the electronic calendar mobile application, the mobile device may generate a display of the calendar event comprising a display of the associated electronic file attachment in the electronic calendar mobile application.

Abstract: Methods and systems for recommending files to users are described herein. Files may be recommended to a user within a file sharing service. A recommender system may intelligently recommend files to users according to their preferences through machine learning. In addition, a recommender system may recommend files based on what is popular within a group to which the user belongs. The recommendations may be adjusted based on user interaction with one or more recommended files.

Abstract: Methods and systems for providing services using mixed instance catalogs are described herein. A catalog may comprise a plurality of first virtual machines and a plurality of second virtual machines. The capacity of a first virtual machine may be larger than the capacity of a second virtual machine. Connection requests to access a service associated with the catalog may be distributed among the plurality of first virtual machines and the plurality of second virtual machines.

Abstract: A computer system including a memory, a network interface, and a processor is provided. The processor is configured to receive, via the network interface, one or more design attributes of a microapp from a microapp development tool hosted by an endpoint device, the one or more design attributes comprising an identifier of a system of record configured to supply data to the microapp; execute a machine learning process trained, using data regarding microapp usage within an organization, to predict at least one user engagement metric for the microapp based on the one or more design attributes; and transmit, via the network interface, the at least one user engagement metric to the microapp development tool hosted by the endpoint device.

Abstract: Systems and methods of vertical auto-scaling a networking stack by adjusting the number of packet engines executing on a device are provided. A device intermediary to clients and servers executes first packet engines to process network traffic of a first set of connections. The device determines to adjust the number of packet engines executing on the device based on trigger parameters. The device activates second packet engines to process network traffic for a second set of connections. The device mirrors the network traffic from the first and second set of connections. The first packet engines reject the traffic from the second connections, and the second packet engines reject the traffic from the first connections. The device deactivates the first packet engines when the first connections timeout.

Abstract: Described embodiments provide systems and methods for enhancing user engagement with micro applications. A computing device can include one or more processors and memory. The computing device can receive an indication of an action to be completed with use of a micro application. The computing device can be in communication with a client device and one or more computing systems of record to execute the micro application. The computing device can values for one or more attributes of the micro application. The computing device can generate, based on the identified values, a score for the micro application. The computing device can provide the score to the client device for display within a user interface. The user interface can be configured to initiate the action with use of the micro application.

Abstract: Described embodiments provide systems and methods for generating firewall configuration profiles for firewalls. An intermediary device may modify a request from a client to access the server to include a payload provided by the device. The payload may include an action type selected from a plurality of action types used to probe the server for a corresponding security vulnerability of a plurality of security vulnerabilities. The device may transmit, to the server, the request including the payload to cause the server to provide a response to the device. The device may determine that the server is susceptible to a security vulnerability of the plurality of security vulnerabilities corresponding to the action type based at least on the response. The device may generate a configuration profile for the firewall to restrict requests of the action type to access the server from clients.