Abstract: Embodiments described include systems and methods for delivering a network application. An intermediary device between a client device and a server hosting a network application establishes a connection with the network application. The intermediary device receives encoded application data and decodes the encoded application data. The application data is encoded graphics data or audio data. The decoded application data is renderable at the client device. The intermediary device transmits the decoded application graphics and/or audio data to a client application of the client application for rendering to provide user access to the network application.

Abstract: A computer system is provided. The computer system can include a memory, a network interface, and at least one processor coupled to the memory and the network interface. The at least one processor can be configured to identify a file to provide to a computing device; predict a geolocation at which the computing device is to request access to the file; predict a network bandwidth to be available to the computing device at the geolocation; determine, based on the file and the network bandwidth, a first portion of the file to store in a cache of the computing device; and download, via the network interface, the first portion of the file to the cache.

Abstract: Described embodiments provide systems and method for establishing a collaboration channel between a plurality of devices to provide shared access to at least one memory location for each device of the plurality of devices. A server can detect an event identifying a plurality of participants and generate a template for the event. The server can create, based on the template, a folder to store one or more content items and establish a channel communicatively connecting the plurality of devices with the folder. The channel can provide shared access to the folder for each device of the plurality of devices. The server can receive, via the channel a first content item at the folder responsive to at least one device executing the first action and provide, responsive to receiving the first content item, a second action to the plurality of devices through the channel.

Abstract: Described embodiments provide systems and methods performing header protection. A device can receive from a client, a request relating to a first resource, for a second resource. The device can determine, using an identifier for the session, whether an address of the first resource has been previously accessed by the client during the session. The device can verify, using an address of the second resource, whether the address of the second resource is mapped to the address of the first resource for the session between the client and the device. The device can determine whether to provide access to the second resource responsive to the address of the first resource being previously accessed by the client during the session and the address of the second resource being mapped to the address of the first resource for the session.

Abstract: Described embodiments provide systems and methods for detecting outliers on a series of data. A device receives a plurality of data points and adds a received data point to a first window of data comprising at least a predetermined number of received data points from the plurality of data points, responsive to detecting that the received data point is not an outlier from the first window of data. The device detects that one or more next data points of the received plurality of data points are outliers from the first window of data and determines that a count of the one or more next data points that are outliers exceeds a predetermined threshold. In response, the device establishes a replacement window of data.

Abstract: A technique utilizes a security heat map associated with a geographic region. The technique involves receiving, by a server, current heat scores for one or more endpoint devices located within the geographic region. The technique further involves providing, by the server, for areas within the geographic region, respective aggregate heat scores based on the current heat scores for the one or more endpoint devices. The technique further involves, based on the respective aggregate heat scores for the areas within the geographic region, generating, by the server, a security heat map defining one or more security zones within the geographic region. The technique further involves imposing, by the server, security policies on the one or more endpoint devices based on the security heat map.

Abstract: A computer system is provided. The computer system includes a memory and at least one processor coupled to the memory and configured to measure one or more environmental factors; convert the one or more environmental factors to entropy values by truncation or rounding of the one or more environmental factors to a selected number of bits; and combine the entropy values to generate an encryption key. The one or more environmental factors may include a location of the computer system, a current date and time, parameters of a network environment to which the computer system is connected, or an identification of a server to which the computer system is connected. The at least one processor is further configured to encrypt and/or decrypt at least a portion of a data file and/or at least a portion of a binary executable application using the encryption key.

Abstract: Described embodiments improve the performance of a computer network via selectively forwarding packets to bypass quality of service (QoS) processing, avoiding processing delays during critical periods of high demand, increasing throughput and efficiency may be increased by sacrificing a small amount of QoS accuracy. QoS processing may be applied to a subset of packets of a flow or connection, referred to herein as “lazy” processing or lazy byte batching. Packets that bypass QoS processing may be immediately forwarded with the same QoS settings as packets of the flow for which QoS processing is applied, resulting in tremendous overhead savings with only minimal decline in accuracy. In case of backlog, packets may be collected together into an aggregated or ‘uber’ packet, with QoS processing applied based on a virtual size of the aggregated packet.

Abstract: Methods and systems for using and/or storing identity data associated with a device to direct communications to another device are described herein. A server may store identity data, such as subscriber identity module (SIM) data, associated with a device or user. The SIM data may be used to authenticate and/or register the device or user with a mobile network. Using the SIM data, other devices may use the capabilities of the first device. The server may receive, from another device, a request to access one or more capabilities of the first device. Based on the request, the server may send a request to register the SIM data with a mobile network. After registration of the SIM data with the mobile network, the server may be used to direct communications to the other device.

Abstract: A computer system is provided. The computer system includes a memory and at least one processor coupled to the memory and configured to receive a sequence of characters within a field of a web browser, the field being associated with a password entry field served to the web browser from a website. The processor is further configured to store the received sequence of characters and send an alternate sequence of characters to the website. The processor is further configured to encrypt the received sequence of characters to generate a received encrypted partial password and compare the received encrypted partial password to one or more entries in a list of encrypted partial passwords. The processor is further configured to, in response to the comparison resulting in a difference, delete the previously sent alternate sequence of characters, and send the stored sequence of characters to the website.

Abstract: Embodiments described include systems and methods of determining one or more links of one or more network applications to access to perform a task is provided. The method can include receiving, by a server, a request from a client application on a client device. The request can identify a name of a task to be performed. The client application can include an embedded browser for accessing one or more network applications. The method can include determining, by the server, one or more links of the one or more network applications hosted on one or more third party servers that are to be used to perform a task identified by the name of the task. The method can include causing, responsive to the request and to perform the task, the embedded browser of the client application on the client device to access the one or more links of the one or more network applications hosted on the one or more third party servers.

Abstract: Systems and methods described herein provide an automated workflow tool that automatically and efficiently creates an executable workflow while preventing or reducing the introduction of errors into the workflow. The tool receives a selection of a start tile. In response, the tool presents a number of selectable items to configure an action to detect that initiates execution of the start tile as the first step in the workflow. Responsive to saving a configuration of the start tile including the action, the tool determines that the configuration of the start tile instructs the tool to add a second tile connected to the start tile on the canvas of the workflow. The tool presents a number of selectable items to configure the second tile as a next step in the workflow. The tool executes the workflow configured with the start tile and the second tile responsive to detecting the action configured in the start tile.

Abstract: A method for validating a Uniform Resource Locator (URL) includes generating electronic media content including the URL, generating a Certificate Signing Request (CSR) including the URL, sending the CSR to a certificate signing server, receiving a signed certificate corresponding to the CSR from the certificate signing server, and encoding the signed certificate as metadata in the electronic media content and/or encoding a serial number associated with the signed certificate as metadata in the electronic media content. A user can send the URL to another user through a chat message, an email, a word processing document or other business application, or a document which has a URL through a pen drive, email, or chat message. The certificate-based mechanism is used to validate the origin (sender) of the URL so that the recipients know that the URL can be accessed without having to separately analyze the security risks.

Abstract: A computer system is provided. The computer system includes a memory and at least one processor coupled to the memory and configured to protect against theft of user credentials. The at least one processor is further configured to recognize a uniform resource locator (URL) to which a web browser is navigating, as a URL for which protection is to be provided. The recognition is based on an absence of the URL from a history of visited URLs for which a password has been entered. The at least one processor is further configured to extract a character sequence of selected length that is entered into a field of a website associated with the recognized URL; compare an encryption of the character sequence to entries in a list of encrypted partial passwords of the same selected length; and perform a security action in response to a match resulting from the comparison.

Abstract: A computer system is provided. The computer system includes a memory and at least one processor coupled to the memory and configured to provide protection against theft of user credentials by email phishing attacks. The at least one processor is further configured to identify a company name included in a received email; identify a link in the received email; extract a domain name from the identified link; search a linkmap for an existing record associated with the identified company name, wherein the linkmap comprises a collection of records, the records relating names of companies to trusted domain names; determine if the extracted domain name matches a trusted domain name of the existing record; and identify the received email as genuine in response to the determination of the match.

Abstract: Described embodiments provide systems and methods of using an error budget for monitoring performance of a service level of a service is provided. A device intermediary to a plurality of requestors and a plurality of services can identify an error budget for a service level of a service. The error budget can include an amount for which the service is allowed to fall below the service level. The device can monitor, via requests from the requestors to the service, performance of the service with respect to the service level. The device can determine one or more instances for which the service falls below the service level and allocate one or more amounts from the error budget. The device can display the usage of the error budget for the service in association with the service level.

Abstract: Passive display devices such as a passive magnifying device (e.g., a screen magnifier) or a projector (e.g., a built-in mobile phone projector) are useful in enlarging photos, documents, videos, etc. for view for small-sized small-screen device screens. However, optimal content resolution for the small-screen device screens may not be optimal for the passive display devices. Particularly, when a small-screen device receives content from a remote computing device, the initial content resolution may not be optimal even for the small-screen device screen because of low transmission speed and/or low bandwidth of a connection with an original data source. Content resolution adjustment may be performed by determining distance between the passive display device and the small-screen device, calculating magnification ratio for the passive display device, and adjusting the content resolution based on the calculated magnification ratio.

Abstract: In accordance with one example method, a computing system may determine that first user profile data of a first user of a relevance scoring service is similar to second user profile data of a second user of the relevance scoring service, where the relevance scoring service is configured to assign first relevance scores to first information chunks to be presented to the first user based at least part on at least a first portion of first stored behavior data of the first user, and where the first stored behavior data is indicative of the first user's interactions with second information chunks previously presented to the first user. In response to determining that the first user profile data is similar to the second user profile data, the relevance scoring service may be configured to assign second relevance scores to third information chunks to be presented to the second user based at least in part on at least a second portion of the first stored behavior data.

Abstract: Methods and systems for providing secure file sharing are described herein. A computing device may determine a maximum available bandwidth for a user device. The computing device may determine, based on a network bandwidth associated with one or more applications running on the user device, a currently available bandwidth for the user device. The computing device may determine an estimated network bandwidth associated with one or more applications available to be launched via the user device. The computing device may then determine a notification. The notification may comprise information indicating at least one suggested application of the one or more applications available to be launched. Further, the computing device may cause output of the notification via the user device.

Abstract: Described embodiments provide systems and methods for protecting private data or confidential information. A device can receive a request from a client for a page from a server that includes confidential information to be verified with an owner of the confidential information. The device may be intermediary between the client and the server. Prior to providing the page to the client for rendering, the device may replace a first user interface (UI) element having the confidential information in the page, with a second UI element to obfuscate the confidential information. The device may receive an activation of the second UI element to request the owner to verify the confidential information from the client. The device may send to the client an update to the page to include an indication of whether the confidential information has been correctly verified with the owner.