Abstract: Described embodiments provide systems and methods for indicating virtual workspace performance on a graphical user interface of a computer system. In one such method, the computer system identifies one or more components of a virtual workspace executed on behalf of a user of the computer system, and analyzes a plurality of performance measurements of the identified one or more components of the virtual workspace. For each of the identified one or more components, the computer system determines an aggregated performance measurement for the component based on the plurality of performance measurements of the component, compares the aggregated performance measurement to a threshold, and selects a graphical indicator from a plurality of predetermined graphical indicators responsive to the comparison. The computer system renders, within a graphical user interface of the computer system, an identifier of the component and the selected graphical indicator.

Abstract: Techniques for encrypting keyboard data prior to its being received by an operating system of an endpoint device, reducing the possibility of unencrypted keyboard data being logged by a keylogger application running on the endpoint device. The techniques employ an encryption filter communicably coupled between a keyboard and the endpoint device. The encryption filter receives unencrypted keyboard data from the keyboard, encrypts the keyboard data, and provides the encrypted keyboard data to the operating system of the endpoint device. The techniques can be employed in association with a back-end data processing center of a security standard compliant organization, which can receive the encrypted keyboard data from the endpoint device, and decrypt the keyboard data for use on a host system. In this way, access and/or storage of unencrypted keyboard data at the endpoint device can be avoided.

Abstract: A primary domain controller maintains synchronization of directory information (e.g., Active Directory information) between local directory controllers in a local domain and cloud directory controllers in a cloud domain. The primary domain controller subscribes to directory event reports for selected directory events occurring at the local directory controllers, such as addition, deletion or modification of user accounts. Upon receiving the directory event reports, the primary domain controller creates corresponding directory event records in an event log, and regularly forwards contents of the directory event records of the event log to the cloud directory controllers for use in updating system directory information in the cloud domain.

Abstract: A system and method for securely encrypting and booting a headless appliance. A computerized method is disclosed that includes: providing the network appliance with content encrypted with a secret key; launching the network appliance in a fallback configuration that provides limited operational capabilities; forwarding a request for the secret key to an online service that independently utilizes an identity provider to establish trust with an appliance administrator; receiving the secret key from the online service upon establishment of trust with the appliance administrator; decrypting the content with the secret key received from the online service; and utilizing the content to launch the network appliance in a full configuration.

Abstract: Systems and methods for classification of log data at the source into sets of critical and non-critical data. Critical data may be indexed and processed normally, while non-critical data may be provided to and stored by the cloud-based log aggregation system without indexing, at significantly lower cost in terms of processing and storage. In the event that non-critical data is required for troubleshooting or analysis, the non-critical data may be indexed dynamically on request. Because the non-critical data is stored at the cloud-based log aggregation system, it may be quickly indexed and added to the critical data, without additional consumption of bandwidth or delays due to transmission. Dynamic selection and classification of critical and non-critical data may thus allow an enterprise to balance costs and availability of indexed data.

Abstract: A system that comprises a microapp server includes a memory and at least one processor coupled to the memory. The microapp server is configured to generate a recommendation to modify a set of one or more subscribed microapps. The microapp server is configured to gather observational data that characterizes interactions of a user with an endpoint. The user is associated with the set of one or more subscribed microapps. The microapp server is further configured to identify, based on the observational data, a modification to the set of one or more subscribed microapps. The microapp server is further configured to send, to an administration console, the recommendation to modify the set of one or more subscribed microapps in accordance with the identified modification.

Abstract: Described embodiments provide systems and methods for generating visualizations of data based on correlation measures and search history. An analysis engine may access data observed from a data source over time. The analysis engine may determine a variation of each of at least a first metric and a second metric of the data, over time. A correlation engine may determine a correlation measure between the first metric and a second metric, over time. The correlation engine may generate, responsive to the correlation measure being greater than a reference level, a visualization of the first metric and the second metric varying in time, on a device to display to a user.

Abstract: Methods, systems, and apparatuses for discovering dynamic path maximum transmission unit (PMTU) between a sending computing device and a receiving computing device (e.g., a client device and a host device) are described herein. A sending computing device may iteratively transmit bursts of probe packets, each burst being defined by a search range between a maximum packet size and a minimum packet size. The sending computing device may iteratively update the search range based on the previous iteration until the search converges on the PMTU. When the PMTU is discovered, each of the computing devices may update their transport and presentation layer buffers based on the discovered PMTU without any other protocol level disruption. In a multi-path scenario, the computing device may discover PMTU for each of the paths and select a performance optimal path based on the individual PMTUs and other network characteristics such as loss, latency, and throughput.

Abstract: Methods and systems for performing real time digital content concealment are described herein. A computing device may, in response to detecting a user within view of an image capture device of a client device, perform a first type of text recognition on a first region of digital content and a second type of text recognition on a second region of the digital content, where the first type of text recognition is determined based on a first type of content items contained in the first region and the second type of text recognition is determined based on a second type of content items contained in the second region. Based at least in part on rules corresponding to the user, the computing device may determine content items within the digital content to be concealed, and may modify the digital content to conceal the content items.

Abstract: A method for creating and executing a micro-application includes receiving a user selection of a user interface element within a user interface of a primary application. Source code associated with the selected user interface element is parsed to obtain at least one attribute associated with the selected user interface element. Data associated with the selected user interface element is identified based on the source code. A response based on the at least one attribute and the data is generated. A microapp configured to process the response to obtain the data from within the primary application is generated.

Abstract: Described embodiments provide systems and methods for recording metadata about a microservice for requests to the microservice. A device configured as a proxy to one or more microservices of a service can receive a registration request to register a microservice of the one or more microservices with the device. Metadata can be received during registration of the microservice with the device. The metadata can identify an identifier of the microservice, a deployment version of the microservice and a region of deployment of the microservice. The device can store the metadata in association with the microservice and record the metadata of the microservice registered with the device in association with a plurality of requests. The device can identify, via a user interface and the metadata recorded to the log, a change in operation of the microservice in connection with one of the deployment version or the region of the microservice.

Abstract: Described embodiments provide systems and methods for executing a plurality of validation tests to validate a plurality of microservices of one or more services. A device intermediary to a plurality of microservices of one or more services identifies a plurality of validation tests, each of the validation tests configured with a timeline, a target microservice and one of a synthetic error or a latency to implement to validate the target microservice. The device executes a first validation test of the plurality of validation tests to implement, over a first timeline, one of a first synthetic error or a first latency in responding to a first target microservice of the plurality of microservices. The device executes a second validation test of the plurality of validation tests to implement, over a second timeline, one of a second synthetic error or a second latency in responding to a second target microservice of the plurality of microservices.

Abstract: A client device includes a memory and at least one processor configured to cooperate with the memory. The at least one processor receives a virtual disk change notification from a server, with the virtual disk change notification including a new configuration for a virtual disk image. At least one change to the virtual disk image is determined based on a comparison of the virtual disk image with the new configuration of the virtual disk image. The virtual disk image is modified based on the determined at least one change.

Abstract: Described embodiments provide systems and methods for priority-based transport connection control. A first packet engine can read connection information of existing connections of a second packet engine written to a shared memory region by the second packet engine. The first packet engine can establish one or more virtual connections according to the connection information of existing connections of the second packet engine. Each of the first packet engine and the second packet engine can receive mirrored traffic data. The first packet engine can receive a first packet and determine that the first packet is associated with a virtual connection corresponding to an existing connection of the second packet engine. The first packet engine can drop the first packet responsive to the determination that the first packet is associated with the virtual connection.

Abstract: Described embodiments provide systems and method for intelligent path selection to reduce latency and maintain security. A client can request access to a server and multiple connections can be initiated to the requested destination, for example, a direct connection from a branch office and a backhauled connection through a data center. Traffic via the second connection can be controllable by application of at least one rule of the data center. A device can determine a delay in the exchange of data via the connections and a security level of the connections. The determination of the delay in the exchange of data via the another connection can be based on in part feedback about the application of the rule. The device can connect a client device to a server through one of the connections using the determination of the delay and the security level of the connection.

Abstract: Described embodiments provide for associating a user experience score with a location of a client. A device may identify a session between the client and an application service established via a first network. The device may receive, via the application service, a network address of the client associated with a second network. The device may determine a location of the client accessing the application service via the first network based at least on the network address associated with the second network. The device may receive, from an instrumentation service, performance factors for the client. Each of the performance factors may be associated with access to the application service by the client. The device may generate a user experience score for the client based at least on the performance factors. The device may provide an instruction based at least on an association between the user experience score and the location.

Abstract: Described embodiments provide for associating a user experience score with a location of a client. A device may identify a session between the client and an application service established via a first network. The device may receive, via the application service, a network address of the client associated with a second network. The device may determine a location of the client accessing the application service via the first network based at least on the network address associated with the second network. The device may receive, from an instrumentation service, performance factors for the client. Each of the performance factors may be associated with access to the application service by the client. The device may generate a user experience score for the client based at least on the performance factors. The device may provide an instruction based at least on an association between the user experience score and the location.

Abstract: The implementations described herein provide a tool for identifying security issues and applying security policies to the service(s) and/or microservices. Rather than a user (such as an administrator) reactively diagnosing security incidents, the systems and methods described herein may provide a tool by which the user can proactively monitor the use of the services and microservices for security issues and control the user of such microservices and services via policies. The systems and methods allow API granular policy control to determine which APIs may be granted or denies access based on a variety of criteria, such as but not limited to the source of the request, the specific API being called, temporal conditions, geography and so forth. The user can identify security concerns or issues on a per API basis.

Abstract: Methods and systems for shared file conflict detection on a computing device are described herein. A computing device may store a shared file that may be accessed by a variety of other computing devices. An operating system executing on one or more computing devices may generate file handles corresponding to file operations associated with the shared file. One or more of the computing devices may receive, from a remote computing device, a request for a file operation associated with the shared file. A notification corresponding to file handles associated with the shared file may be transmitted to a user. The request for the file operation may be implemented or rejected based on file handles associated with the shared file, the file operation, and/or whether the file operation may cause an application to crash or cause data corruption.

Abstract: A computer system is provided. The computer system includes a memory and at least one processor coupled to the memory and configured to extract, from a website vulnerability scanner log, a uniform resource locator (URL) and a vulnerability score and vulnerability classification associated with the URL. The at least one processor is further configured to generate an application vulnerability graph comprising connected nodes that are associated with a field of the URL. The nodes are labeled to indicate the associated field of the URL and color coded based on the vulnerability score. The nodes are also associated with the vulnerability classification. The at least one processor is further configured to enable or disable security protection against a user-selected vulnerability classification of a user-selected node by generating web application firewall security rules and/or web application firewall relaxation rules.