Abstract: Described embodiments provide systems and methods for morphing or regenerating validation information. A client can receive, via a device, an authentication cookie for access to a server. The device may maintain a sequence number and a cryptographic secret. The client may use the cryptographic secret and a cookie engine to generate validation cookie information with an updated sequence number. The client may send the authentication cookie to the device via a hypertext transfer protocol (HTTP) message to validate the authentication cookie. The client may send the validation cookie information with the updated sequence number to the device via a HTTP message to validate the authentication cookie.

Abstract: Methods and systems for providing secure file sharing are described herein. A computing device may receive data from a resource provider in response to a request received by the resource provider. The data may include information about a user of a client device that made the request for a file and information about the file, and the request may be for access to the file and made by the user with an owner of the requested file being unknown to the user. The computing device may parse the received data to identify a subset of data. The subset of data may be configured to enable the owner to determine whether to permit the user to access to the file. Further, the computing device may provide a notification, which includes at least some of the subset of data, to an endpoint device of the owner.

Abstract: Described embodiments provide systems and methods for performing actions based on data of devices. A controller executing on at least one server may receive a first dataset from a first agent of a first device intermediary between a first plurality of client devices and a first plurality of servers. The first dataset may comprise a subset of data tracked at the first device and available to the first agent. The controller may receive a second dataset from a second agent of a second device intermediary between a second plurality of client devices and a second plurality of servers. The second dataset may comprise a subset of data tracked at the second device and available to the second agent. According to the first dataset and the second dataset, the controller may send an instruction to at least one of the first device, the second device or a third device.

Abstract: Systems and methods for selecting tunnels for transmitting application traffic by an SD-WAN application include a software-defined wide area network (SD-WAN) application executing on a client device establishing a connection between the SD-WAN application and one or more applications. The SD-WAN application maintains a plurality of tunnels between the SD-WAN application and respective tunnel destinations. The SD-WAN application receives application traffic from an application of the one or more applications. The SD-WAN application selects, based on the application traffic, a respective tunnel of the plurality of tunnels via which to transmit the application traffic of the application. The SD-WAN application transmits the application traffic via the selected tunnel.

Abstract: A method for video frame analysis includes determining a first dissimilarity metric and a second dissimilarity metric. The first dissimilarity metric may correspond to a first difference between a first foreground of a first key frame in a video and a second foreground of a second key frame following the first key frame in the video. The second dissimilarity metric may correspond to a second difference between the second foreground of the second key frame and a third foreground of a third key frame following the second key frame in the video. A playback of the video may be generated based on the first dissimilarity metric and the second dissimilarity metric. Related systems and computer program products are also provided.

Abstract: Aspects of the disclosure relate to various systems and techniques that provide methods and systems for identifying log event for computing systems. For example, a computing device may receive a log event of an application, and determine a value representative of an inverse relationship between a frequency of the log event and a criticality of the log event. The computing device may initiate an action to address the event indicated by the log event based on a comparison between the determined value and a threshold.

Abstract: A method may include receiving, by a computing system and from a first device, first data. The first data may be based at least in part on a first output from a first instance of a model processed by the first device. The method may further include receiving, by the computing system and from the first device, second data that was processed by the first instance of the model to produce the first output. The method may also include processing, by the computing system, the second data with at least a portion of a second instance of the model to produce a second output. The method may additionally include determining, by the computing system, third data based at least in part on the second output. Further, the method may include determining, by the computing system, that the third data is consistent with the first data.

Abstract: A contextual authentication method includes receiving a request to launch a web service and causing the web service to be launched on a remote browser. When a security event is detected, a security key obtained, based on a context of a client computing system, from a near-field communication (NFC) device connected to a mobile device. The security key is requested and received from the NFC device via the mobile device. The security key is delivered to the web service via the remote browser.

Abstract: Systems and methods of managing virtual application performance in a virtual computing environment are provided. A system determines an application interaction score based on corresponding application interaction factors associated with sessions. The system determines the application interaction score for each virtual application accessed during each of the sessions. The system generates an aggregated application interaction score for each of the sessions based at least on combining the application interaction score for each of the virtual applications accessed during a corresponding session. The system performs an action based at least in part on the aggregated application interaction score to improve performance of a virtual application accessed via the virtual computing environment.

Abstract: In some embodiments, a method includes: receiving, by a first computing device, text composed using a composition window of a second computing device; entering, by the first computing device, the composed text into a text input of an application executing on the first computing device; determining, by the first computing device, one or more attributes of a cursor of the text input, the one or more attributes of the cursor including at least a position of the cursor; and sending, by the first computing device, the one or more attributes of the cursor to the second computing device, the second computing device configured to display the application and to position the composition window relative to the displayed application based on the position of the cursor determined by the first computing device.

Abstract: A server includes a hardware platform, a hypervisor platform, and at least one virtual machine operating as an independent guest computing device. The hypervisor includes a memory facilitator, at least two hardware emulators, a toolstack and an emulator manager. The memory facilitator provides memory for a virtual machine, with the memory having state data associated therewith at a current location within the virtual machine. The at least one hardware emulator provides at least one set of hardware resources for the virtual machine, with the at least one set of hardware resources having state data associated therewith at the current location within the virtual machine. The toolstack controls the hypervisor including generation of a start state data transfer request. The emulator manager coordinates transfer of the respective state data from the current location to a different location, and tracks progress of the transfer of the respective state data to the different location.

Abstract: A computer system is provided. The computer system includes a memory and at least one processor coupled to the memory and configured to detect a request for a sign-up form from a client device to a remote server. The at least one processor is further configured to generate a code module based on the detection. The code module is configured to request a credential vulnerability check from an application management server. The at least one processor is further configured to provide the code module to the client device for execution on the client device in response to an attempted submission of the sign-up form. The at least one processor is further configured to receive a result of the credential vulnerability check from the client device and perform a security action in response to the credential vulnerability check indicating vulnerable credentials.

Abstract: A smart card may include a memory configured to store a user connection lease and user interface (UI) cache for a user and a private/public key pair of the smart card, with the user connection lease being bound to the private/public key pair of the smart card. The smart card may further include a processor coupled to the memory and configured to establish a communications link with a kiosk device to be shared by a plurality of different users, initiate a virtual session for the user at the kiosk device based upon the user connection lease and the private key responsive to establishing the communications link (with the smart card defining an endpoint for the virtual session authorization), and cause the kiosk device to launch the virtual session based upon the user UI cache.

Abstract: Systems and methods discussed for redirection of launch requests for local applications to corresponding remote applications, such as SaaS or network applications provided by an application server, and access of the corresponding remote application via an embedded browser of a client application. A client application executed by a client device may detect a request of a user to launch a local application of the client device. The client application may determine that the local application corresponds to a network application provided by an application server. The client application may intercept the request to launch the local application, responsive to the determination. An embedded browser of the client application may access the network application from the application server, responsive to interception of the request.

Abstract: A cloud-based management system for distributed datacenters provides remote management of the datacenters from terminals at various locations. A virtual cloud-based operating system facilitates a transparent system call architecture, permitting subscribers to deploy, configure and manage operations at machines operating on different local operating systems. The virtual operating system can canonicalize available resources into a namespace to expose the resources as files at terminals. Asynchronous execution of subscriber commands across a group of target machines is provided with a notification procedure to control bandwidth and resource allocation. A file distribution model without a central controller for a group of target machines is provided to alleviate interaction with the management cluster for file distribution.

Abstract: Described embodiments provide systems and methods for detection of the degradation of a virtual desktop environment. A computing device may receive data from a plurality of client devices. The computing device may identify a subset of client devices from the plurality of client devices with at least one characteristic in common based on the received data. The computing device may determine a ratio of the identified subset of client devices, the ratio being a comparison of client devices of the subset with a value above a first threshold to a total number of client devices of the subset, and the value being indicative of a characteristic of performance for that client device. The computing device may identify a cause of an anomaly in the performance of the application based on the ratio exceeding a second threshold.

Abstract: A computer system is provided. The computer system includes a memory and at least one processor coupled to the memory and configured to extract, from a website vulnerability scanner log, a uniform resource locator (URL) and a vulnerability score and vulnerability classification associated with the URL. The at least one processor is further configured to generate an application vulnerability graph comprising connected nodes that are associated with a field of the URL. The nodes are labeled to indicate the associated field of the URL and color coded based on the vulnerability score. The nodes are also associated with the vulnerability classification. The at least one processor is further configured to enable or disable security protection against a user-selected vulnerability classification of a user-selected node by generating web application firewall security rules and/or web application firewall relaxation rules.

Abstract: A method for validating a Uniform Resource Locator (URL) includes generating electronic media content including the URL, generating a Certificate Signing Request (CSR) including the URL, sending the CSR to a certificate signing server, receiving a signed certificate corresponding to the CSR from the certificate signing server, and encoding the signed certificate as metadata in the electronic media content and/or encoding a serial number associated with the signed certificate as metadata in the electronic media content. A user can send the URL to another user through a chat message, an email, a word processing document or other business application, or a document which has a URL through a pen drive, email, or chat message. The certificate-based mechanism is used to validate the origin (sender) of the URL so that the recipients know that the URL can be accessed without having to separately analyze the security risks.

Abstract: According to some embodiments, a method can include: receiving, by a first computing device, information about a meeting that a user is scheduled to attend; retrieving, by the first computing device, a plurality of messages sent to the user in one or more applications; analyzing, by the first computing device, the plurality of messages to identify one or more messages relevant to the meeting based on contents of the messages and the information received about the meeting; and sending, by the first computing device, the relevant messages to a second computing device, the second computing device configured to display the relevant messages to the user.

Abstract: Methods and systems for secure authentication of a first device through attestation by one or more other devices are described herein. A server may receive, from an untrusted client device, a request for access to one or more services associated with the server. The server may generate a challenge code. The server may send, to the untrusted client device, a request for attestation of the untrusted client device. The server may receive, from a trusted client device, an indication that the trusted client device attests to an identity of the untrusted client device. Based on the indication that the trusted client device attests to the identity of the untrusted client device, the server may grant, to the untrusted client device, access to the one or more services associated with the server.