Abstract: A multi-factor authentication request of a user is received. For example, the multi-factor authentication request may include a valid username/password and a valid fingerprint scan. A first authentication factor of the multi-factor authentication request is an access authentication factor (e.g., the valid username/password) and a second authentication factor (e.g., the valid fingerprint scan) of the multi-factor authentication request is one of: a time-only authentication factor; a multi-session authentication factor; and a location-only authentication factor. The user is authenticated based on the first authentication factor and the second authentication factor. Access is granted to one or more resources according to one or more rules associated with the first authentication factor and second authentication factor.

Abstract: According to examples, an apparatus may include a processor and a memory on which are stored machine-readable instructions that when executed by the processor, may cause the processor to receive information regarding a performance characteristic of an application during predetermined time periods. The processor may calculate a rate of change in the performance characteristic over the predetermined time periods. Based on a determination that the performance characteristic of the application has changed over the predetermined time periods, the processor may tune values of a set of parameters for the application based on the calculated rate of change in the performance characteristic.

Abstract: Automated testing of an application under test (AUT) often requires providing valid responses to an authentication challenge. Many AUTs require a username and password and, increasingly, a time-based one-time password (TOTP) that complicate automated testing. By storing a shared secret on a client device, a human can train an automated testing application to select the shared secret and provide the shared secret to a shared secret provider. The shared secret provider then provides a token code as the TOTP. The shared secret may be stored as a graphical element, such as a quick response (QR) code, and may further correspond to a particular username used to test the AUT.

Abstract: An anomaly on a computer network is identified by processing data generated by the computer network. The anomaly is identified based on a first anomaly threshold of a plurality of anomaly thresholds associated with the anomaly. In response to determining that the anomaly has met the first anomaly threshold of the plurality of anomaly thresholds associated with the anomaly, a first authentication level associated with the first anomaly threshold is identified. The plurality of anomaly thresholds associated with the anomaly have a plurality of associated authentication levels. A user interface is displayed to an administrator that includes a prompt to authenticate the administrator at the first authentication level. Authenticating the administrator at the first authentication level allows the administrator to take an action associated with the anomaly. For example, the administrator may unload an application that may likely have been compromised.

Abstract: Techniques for Precision-Preserving Format-Preserving Encryption (PPFPE) to protect numeric values and strings with leading/trailing and special characters, while preserving their precision, both as a protected value (e.g., ciphertext) and when decrypted are provided. In one aspect, a plaintext string is parsed to detect a first and last sentinel characters, wherein any character(s) preceding the first sentinel character comprises a leading character(s) and any character(s) following the last sentinel character comprises a trailing character(s). Any leading character(s) preceding the first sentinel character and/or any trailing character(s) following the last sentinel character are passed through. A ciphertext string is generated by encrypting the first and last sentinel character using one or more subsets of a set of encryption characters; and encrypting the portion of the plaintext string between the first and last sentinel character using the set of encryption characters.

Abstract: In multi-threaded or multi-processor computing systems, a deadlock may occur when two or more processes or threads are unable to proceed because they are each waiting for a resource that the other holds. As a result, progress is halted because conflicting entities are stuck in a circular dependency, and none can release the resources they hold to let the others continue. Systems and methods are provided wherein a resource reservation is carried out in two steps. The first step causes query nodes to add an identifier to a queue and, upon a request and the identifier being in a first position, a non-sharable resource is reserved. As a result, non-sharable resources are reserved in order and when needed, thereby preventing deadlocks.

Abstract: A method includes determining, by a computer, measures of recency for a plurality of issues that are associated with a plurality of devices of a computer system; and determining, by the computer, measures of frequency for the plurality of issues. The method includes prioritizing, by the computer, the plurality of issues for review based on the determined measures of recency and frequency.

Abstract: Systems and methods are disclosed for configuring a testing device to only perform relevant tests, wherein the test results are more meaningful (e.g., few false-positives) and relevant to the application. Source code is analyzed to determine elements that indicate a particular environment for the source code's corresponding machine code. When the source code indicates that a particular environment is not a candidate for execution of the machine code, tests associated with that particular environment are excluded. The testing device is then configured to perform those tests that are relevant for those environments that actually apply.

Abstract: According to an example, a model is selected from models including an augmented buyer model based on probabilities of conceivable transitions, and each conceivable transition includes a multi-step transition between a first URL and a second URL via at least one intermediate URL of the website. A user is determined to likely be a buyer or a non-buyer based on interaction data and the selected model. The user is presented with an offer that encourages the user to buy from the website upon the determination that the user is a buyer.

Abstract: An apparatus may include a processor (102) that may generate automated test scripts to test graphical user interface (GUI) functions of an application under test (AUT) (235). The apparatus may generate a screen element (220) that is overlaid onto at least one or all of the GUIs (210). The screen element (220) may therefore receive user inputs directed at the GUI (210), but block such inputs from being provided to the GUI (210). The user inputs received at the screen element (220) may be recorded in an automated test script for later replay. Blocking the user input may prevent a change in appearance of a GUI element (212) that would otherwise result from the user input, facilitating automated location of the GUI element (212) during replay of the automated test script.

Abstract: Strings of a text file representing a configuration of a target device are respectively tokenized into tokens for the configuration. The tokens for the configuration are shingled. A target device signature representing the configuration of the target device is generated by applying a min-wise independent permutations locality sensitive hashing (MinHash) technique to the tokens as have been shingled. Whether the configuration of the target device is anomalous is identified based on the target device signature.

Abstract: Devices with low or no security are often added to networks. These devices have the ability to utilize the network and, accordingly, may pose a security risk. Systems and methods herein enable a device to be added to a network and, if the resulting new traffic matches a template, the device is established on an automatically created virtual local area network (VLAN) used solely for the new device. A router is automatically configured to allow traffic that matches the type of device that was newly added, but if other traffic is detected, the device may be treated as a threat and managed accordingly.

Abstract: According to examples, an apparatus may include a processor that may internationalize an automated test script that was generated to test a Graphical User Interface (GUI) in the first human language. When the GUI is internationalized into a second human language, the automated test script may no longer function. As such, the system may employ computer vision techniques to analyze the GUI in the first human language and the GUI in the second human language to identify text and GUI elements that correlate with one another. Based on the correlation, the system may internationalize the automated test script to function on the GUI in the second human language.

Abstract: Attacks on a first network can be targeted to the first network or components on the first network, or can be untargeted, wherein other networks each receive the same attack. By determining if an attack is targeted or untargeted, a more appropriate response may be initiated to protect the private network. A targeted attack may indicate that an actor, which may be an unfriendly state-sponsored actor, is directing their efforts to penetrate a particular network. In response, additional efforts to protect the network and/or other assets having common ownership of the network may be reinforced in anticipation of a broader attack.

Abstract: Attacks on a first network can be targeted to the first network or components on the first network, or can be untargeted, wherein other networks each receive the same attack. By determining if an attack is targeted or untargeted, a more appropriate response may be initiated to protect the private network. A targeted attack may indicate that an actor, which may be an unfriendly state-sponsored actor, is directing their efforts to penetrate a particular network. In response, additional efforts to protect the network and/or other assets having common ownership of the network may be reinforced in anticipation of a broader attack.

Abstract: Software is commonly built from a package of software packages, such as open-source packages. A package may require a number of interdependent packages, any one of which may have a security vulnerability. However, the dependencies between packages are often version specific and merely upgrading a package to the newest, or newest non-vulnerable, version may break a dependency and cause the software to be unbuildable (e.g., fail to compile or link) or, if built, faulty. By mapping dependencies to non-vulnerable versions a graphical representation may be built having one or more root-to-leaf paths identifying all the required packages by compatible version but exclude any vulnerable versions. The package may then be built to ensure the resulting software is both internally compatible between packages and absent known security vulnerabilities.

Abstract: Documents are often generated using a customer communication management (CCM) application that utilizes rules to select and/or modify certain fragments of a document. By analyzing the rules and content that produced a certain fragment, a second CCM application may be automatically provided with the rules, such as when the first set of rules are not available for porting to a second system. Accordingly, a server may access a rule comprising a condition, a document fragment, and a rule identifier. A server may generate a first document to comprise visible content and hidden content. Generating the first document may comprise evaluating the rule and, when the rule is true, including the document fragment as a portion of the visible content and including the rule identifier as a portion of hidden content. A server may provide the first document to a destination.

Abstract: A request to add a new block to a blockchain is received. Data associated with the new block is scanned to identify malware and/or an anomaly. In response to identifying the malware and/or the anomaly in the data associated with the new block, an action is taken. The action includes: rejecting the request to add the new block to the blockchain, or removing the malware/anomaly from the new block and adding the new block to the blockchain. In a second embodiment, a malware event is identified that identifies malware/an anomaly in a block in a blockchain. In response to the malware event, an action is taken. The action includes: consolidating the blockchain, bypassing the block in the blockchain, consolidating the blockchain and bypassing the block in the blockchain, and deleting an encryption key that was used to encrypt the associated data that comprises the malware and/or the anomaly.

Abstract: A request to install a first version of a software application is received. The first version of the software application is stored in a first blockchain in a first distributed blockchain ledger. In response to receiving the request to install the first version of the software application, the first version of the software application is validated by running a hash of the first blockchain. In response to validating the first version of the software application, the first version of the software application is installed from the blockchain to a device. The software application may also be validated after being installed to the device.

Abstract: A plurality of different types of resource access events are identified. For example, a resource access event may be an administration event where a user is given certain access rights to view/modify a resource, such as, a database record. A plurality of blocks are generated, where each block is associated with an individual one of the plurality of different types of resource access events. The plurality of blocks are added to a first resource access blockchain. The blockchain can be used to track the various types of resource access events.