Abstract: A snapshot event is received. The snapshot event is a snapshot of data that was sampled based on a snapshot metric. For example, the snapshot event may be a number of user logins (the data) over a specific time period (the snapshot metric). A destination analytical database is determined for the snapshot event. The snapshot event may then be sent to a queue. The snapshot event is then sent to the destination analytical database and stored in the destination analytical database.

Abstract: A request is received by a network management server, from a managed node, to get cluster information. The cluster information identifies a coordinator node and a leader node (a node hierarchy) that are used to track liveness of the managed node. The coordinator node and the leader node may be identified based on being in the same location as the managed node. The cluster information is sent to the managed node to make the managed node aware of the hierarchy. The coordinator node consolidates liveness of the nodes in its grouping in the cluster. The coordinator node sends a first liveness message of the managed node to the leader node. The leader consolidates a group of coordinator nodes by sending a second liveness message of the managed node to the network management server. This gives the network management server a status of all the managed nodes in the cluster.

Abstract: Current physical resources utilization of a computing system as a whole is monitored. The number of queries concurrently being executed against a database by a database management system (DBMS) running on a computing system is monitored. A query plan for a received query to be executed against the database is generated. The query plan includes operators; the generation of the query plan includes generation of query-based statistics for the received query on a per-operator basis without consideration of the queries concurrently being executed. An estimated execution time of the received query is dynamically predicted using a machine-learning model based on the query-based statistics generated for the received query on the per-operator basis, the current physical resources utilization of the computing system, and the number of queries concurrently being executed. The received query is executed against the database based on the dynamically predicted estimated execution time for the received query.

Abstract: A docker image is received. The docker image is for a container. The container contains files that allow for virtualization of applications that run within the container. The docker image is parsed to identify layer files in the docker image. Installed software components (e.g., installed files) and/or hardware components in the layer files are identified. Software application index calls are made to generate information that identifies relationships between the installed software components and/or hardware components. The relationships between the installed software components and/or hardware components are then displayed to a user.

Abstract: A technique includes displaying, by a computer using a graphical interface, a map of a geographical area, where the map includes political boundaries. The technique includes displaying, by the computer, graphical images on the map representing a plurality of aspects that are associated with the management of a plurality of projects as corresponding geographical features on the map. The technique includes graphically segregating, by the computer, the plurality of projects on the map using the political boundaries; receiving input, via interaction with the displayed map; and changing, by the computer, in response to the interaction, how a given aspect of the plurality of aspects of a given project of the plurality of projects is represented on the map.

Abstract: A nonce is sent to a user communication device. Obfuscated biometric data is received from the user communication device. The obfuscated biometric data is generated by an obfuscation process that uses the nonce and first biometric data. The first biometric data is generated from a biometric of a user at the user communication device. For example, the first biometric data may be biometric data from a fingerprint scan. The obfuscation process is reversed by using the first nonce to produce the first biometric data. The first biometric data is compared to known biometric data of the user. In response to the first biometric data being within a threshold of the known biometric data, the user is authenticated.

Abstract: Examples disclosed herein relate to source entities of security indicators. Some examples disclosed herein enable identifying, in a security information sharing platform, a security indicator that is originated from a source entity where the security indicator comprises an observable. Some examples further enable determining a reliability level of the source entity based on at least one of: security events, sightings of the observable, a first set of user feedback information that is submitted for the security indicator by users of the security information sharing platform, or a second set of user feedback information that is collected from external resources that are external to the security information sharing platform.

Abstract: A computing device includes a processor and a medium storing instructions. The instructions are executable by the processor to: in response to a receipt of an electronic request comprising one or more structured data fields and one or more unstructured data fields, identify a set of previous electronic requests using the one or more structured data fields of the received electronic request; train a probabilistic classification model using at least one structured data field of the identified set of previous electronic requests; execute the trained probabilistic classification model using the one or more unstructured data fields of the received electronic request; and automatically select a request handler using an output of the executed probabilistic classification model.

Abstract: A synchronization structure that indicates changes to files that are to be synchronized is created. The synchronization structure is stored as a series of synchronization blocks. A first synchronization message is received from a communication device. The first synchronization message includes a next block number. A second synchronization message is sent to the communication device. The second synchronization message comprises one or more synchronization blocks that are identified based on the next block number. A third synchronization message is received from the communication device. The third synchronization message requests a number of files to be synchronized. The number of files to be synchronized are sent to the communication device.

Abstract: In some examples, with respect to asymmetric-man-in-the-middle capture based application sharing protocol traffic recordation, a dynamic-link library that alters application programming interface calls with respect to communication between an application sharing protocol client and an application sharing protocol server may be injected into the application sharing protocol client. Based on the injected dynamic-link library, data from the communication between the application sharing protocol client and the application sharing protocol server may be ascertained. Further, based on the ascertained data, a test script may be generated to test operation of an application associated with the communication between the application sharing protocol client and the application sharing protocol server.

Abstract: An indication of a user being authenticated is received. For example, the user authenticates with a valid username/password. In response to receiving the indication of the user being authenticated, a watermark is associated with the user. The watermark is sent to a communication device of the user. For example, the watermark is sent to the user's personal computer. The communication device of the user embeds the watermark into a communication. For example, the watermark may be embedded into a communication session with a web server. The watermark is sent to a routing device on a network (e.g., a router and/or firewall). The routing device uses the watermark embedded in the communication to determine how to route the communication on the network.

Abstract: A first node in a distributed blockchain ledger validates all remaining nodes in the distributed blockchain ledger to secure the distributed blockchain ledger. The remaining nodes in the distributed blockchain ledger can be validated in various ways. For example, an encrypted package can be exchanged to obtain a unique session key for each of the remaining nodes in the distributed blockchain ledger. Another alternative is to receive split-key fragments from all the nodes in the distributed blockchain ledger. The received split-key fragments are used to generate a common key for validating all the remaining nodes in the distributed blockchain ledger.

Abstract: An input regarding security characteristics of a project is received. For example, a security characteristic of a project may be insecure storage of data related to confidentiality. The project is scanned for one or more security requirements based on the received security characteristics. A list of security requirements is built for the project based on the received first input. A machine learning process is used to identify addition of one or more security requirements and/or removal of one or more security requirements from the list of security requirements. A first security vulnerability scan is run using the list of security requirements with the one or more additional security requirements and/or the removed one or more security requirements. Results for the first security vulnerability scan are generated and displayed to a user.

Abstract: A query is converted into a structured query tokenization. One or more query results visualizations for the query are determined by applying a supervised machine learning model to the structured query tokenization into which the query has been converted. Query results of the query are displayed using the determined query results visualizations.

Abstract: An event is identified. The event is associated with device content (e.g., one or more files) and a network location (e.g., a branch location of a corporation). One or more rules are retrieved. The one or more rules are associated with the device content, the network location, and a number of communication devices at the network location. A number of shards (e.g., erasure encoding shards) are determined based on the rules. The number of shards are generated. The number of shards are sent to a plurality of communication devices at the network location according to the rules. The plurality of communication devices at the network location are equal to or less than the number of communication devices at the network location.

Abstract: A multi-factor authentication request of a user is received. For example, the multi-factor authentication request may include a valid username/password and a valid fingerprint scan. A first authentication factor of the multi-factor authentication request is an access authentication factor (e.g., the valid username/password) and a second authentication factor (e.g., the valid fingerprint scan) of the multi-factor authentication request is one of: a time-only authentication factor; a multi-session authentication factor; and a location-only authentication factor. The user is authenticated based on the first authentication factor and the second authentication factor. Access is granted to one or more resources according to one or more rules associated with the first authentication factor and second authentication factor.

Abstract: Thread information generated by one or more computing systems is captured. A thread pattern is identified from the captured thread information. The thread pattern is compared to a learned thread pattern. An anomaly is identified in the thread pattern based on a variance from the learned thread pattern. In response to identifying the anomaly in the thread pattern, an action is taken based on the anomalous thread pattern. For example, a user may be notified. The thread patterns may be extended to compare between operating systems, hypervisors, containers, and/or virtual machines.

Abstract: Software is commonly built from a package of software packages, such as open-source packages. A package may require a number of interdependent packages, any one of which may have a security vulnerability. However, the dependencies between packages are often version specific and merely upgrading a package to the newest, or newest non-vulnerable, version may break a dependency and cause the software to be unbuildable (e.g., fail to compile or link) or, if built, faulty. By mapping dependencies to non-vulnerable versions a graphical representation may be built having one or more root-to-leaf paths identifying all the required packages by compatible version but exclude any vulnerable versions. The package may then be built to ensure the resulting software is both internally compatible between packages and absent known security vulnerabilities.

Abstract: According to examples, an apparatus may include a processor and a memory on which are stored machine-readable instructions that when executed by the processor cause the processor to receive a first IP address using a type of a discovery process for discovery of network configuration information. The processor may determine whether the first IP address is a private IP address or a public IP address. The processor may determine a second attribute of the first IP address, which may include information on a routing domain for the first IP address based on the type of the discovery process used for discovery of the network configuration information. The processor may merge the first IP address with a second IP address based on the second attribute of the first IP address, in which the second IP address may be replaced with the first IP address.

Abstract: In some examples, a system renders, in a user interface, data fields of an interface code, the interface code to input or output the data fields in a transaction, and receives a selection, made in the user interface, of a first data field from among the data fields of the interface code. The system modifies the interface code by adding an indicator associated with the first data field, the indicator specifying anonymization of the first data field during the transaction that uses the first data field, the modifying of the interface code producing a modified interface code.