Abstract: A plurality of different types of resource access events are identified. For example, a resource access event may be an administration event where a user is given certain access rights to view/modify a resource, such as, a database record. A plurality of blocks are generated, where each block is associated with an individual one of the plurality of different types of resource access events. The plurality of blocks are added to a first resource access blockchain. The blockchain can be used to track the various types of resource access events.

Abstract: A technique includes accessing, by at least one hardware processor, a recorded request and a recorded response associated with an integration test involving a first computer system and a second computer system. The recorded request was previously issued by the first computer system to the second computer system to cause the second computer system to provide the recorded response. The technique includes, in a virtualized integration test involving the second computer system and initiated using the recorded request, comparing, by the hardware processor(s), the recorded response to a request produced by the second computer system in the virtualized integration test. The technique includes identifying, by the hardware processor(s), an action taken by the second computer system as being likely to be associated with a regression based on the comparison.

Abstract: Method and system to automatically verify the layout of a webpage on various screen sizes. The method includes retrieving screen size data associated with the webpage. The method further includes determining anchor points for the webpage based on the retrieved screen size data. The method also includes rendering the plurality of elements of the webpage based on the retrieved screen size data and the determined anchor points and identifying a respective location of each of the plurality of elements of the webpage to verify the layout of the plurality of elements of the webpage. If an error in the layout of the webpage is detected, a visual and/or audio alert is sent.

Abstract: A docker image is received. The docker image is for a container. The container contains files that allow for virtualization of applications that run within the container. The docker image is parsed to identify layer files in the docker image. Installed software components (e.g., installed files) and/or hardware components in the layer files are identified. Software application index calls are made to generate information that identifies relationships between the installed software components and/or hardware components. The relationships between the installed software components and/or hardware components are then displayed to a user.

Abstract: According to examples, an apparatus may include a processor and a memory on which are stored machine-readable instructions that when executed by the processor cause the processor to receive parameters for a partition range for a partition key associated with a table. The table may have a vertical table structure. The processor may generate an index of vertical table columns based on the received parameters for the partition range. The generated index may be a physical store for data from the table and may have a subset of rows of the table correlating to the partition range. The processor may receive a query having a predicate associated with the partition key associated with the table and, based on a determination that the predicate included in the received query is within a partition range for the generated index, the processor may execute the query using the generated index.

Abstract: According to examples, an apparatus may include a processor and a memory on which are stored machine-readable instructions that when executed by the processor cause the processor to receive a first IP address using a type of a discovery process for discovery of network configuration information. The processor may determine whether the first IP address is a private IP address or a public IP address. The processor may determine a second attribute of the first IP address, which may include information on a routing domain for the first IP address based on the type of the discovery process used for discovery of the network configuration information. The processor may merge the first IP address with a second IP address based on the second attribute of the first IP address, in which the second IP address may be replaced with the first IP address.

Abstract: A login macro to automatically log into a web application running on a server computing device is generated from a provided username, a provided password, and a provided network address of the web application. The login macro can be generated regardless of whether the web application is logged into at a starting web page at the provided network address or at a sign-in web page navigable from the starting web page. After the login macro has been generated, that usage the login macro successfully results in logging into the web application running on the server computing device can be verified.

Abstract: A service receives, from client computing devices of client networks, information regarding incoming network traffic addressed to dark Internet Protocol (IP) address spaces the of client networks. The service can predict a cyber attack based on the information received from the client computing devices of the client networks. The server computing device notifies the client computing device of each client network affected by the predicted cyber attack.

Abstract: Examples herein involve detection of entities in unstructured data. Terms are extracted from unstructured data. Entities scores for the terms are calculated using information from a name probability source, a known entity database, and historical context information. The entity scores indicate a probability that the respective terms refer to entities. The presence of detected entities are indicated based on the entity scores.

Abstract: A first message is received from a first communication device. The first message comprises an authentication token. For example, the authentication token may be a username/password. A determination is made if the first message also comprises a valid temporary password. The temporary password is used to prevent a Denial-of-Service (DOS) attack. In response to the first message comprising the valid temporary password, a determination is made if the authentication token is valid. In response to the authentication token being valid, the first message is responded to in a normal manner. If the first message does not contain the temporary password, the first message is handled based on a DOS message handling process.

Abstract: A first network device nonce is computed. The first network device nonce is based on a first network device secret. A Change Token Table message (CTTM) is sent to a second network device. The CTTM comprises the first network device nonce. A Change Token Table Ack Message (CTTAM) with a second network device nonce is received from the second network device. A new token for a tokenization table is computed based on the first network device secret, the second network device nonce, a prime number, and a key derivation function. The new token for the tokenization table is also computed by the second network device based on a second network device secret, the first network device nonce, the prime number, and the key derivation function.

Abstract: A request to install a first version of a software application is received. The first version of the software application is stored in a first blockchain in a first distributed blockchain ledger. In response to receiving the request to install the first version of the software application, the first version of the software application is validated by running a hash of the first blockchain. In response to validating the first version of the software application, the first version of the software application is installed from the blockchain to a device. The software application may also be validated after being installed to the device.

Abstract: Back end calls triggered by a user interaction with a client user interface may be identified. The user interaction may be correlated with a logic flow, and the logic flow may be associated with the back end calls. A supervised learning model may be trained using a labeled data set comprising the back end calls and their associated logic flow. Rules may be derived from the supervised learning model for classifying other back end calls. The rules may be outputted to a classifier that utilizes the rules to associate the other back end calls with the logic flow.

Abstract: According to examples, an apparatus may include a processor and a memory on which are stored machine-readable instructions that when executed by the processor, may cause the processor to receive information regarding a performance characteristic of an application during predetermined time periods. The processor may calculate a rate of change in the performance characteristic over the predetermined time periods. Based on a determination that the performance characteristic of the application has changed over the predetermined time periods, the processor may tune values of a set of parameters for the application based on the calculated rate of change in the performance characteristic.

Abstract: Context information associated with a network node is determined. For example, a network node (e.g., a server) has indicated that an application on the network node appears to be having performance problems. The context information may be to gather data about the application, such as, load, number of users accessing the application, etc. The context information comprises one or more rules for dynamically configuring how data is collected on the node. For example, the rule may indicate what specific statistics should be gathered from the application in real-time. The context information is sent to the network node. Node information is received from the network node in response to sending the context information. The node information is collected based on the one or more rules for configuring how data is collected on the network node. The node information is organized and is displayed on a user interface to a user.

Abstract: An apparatus may include a processor that may be caused to access handholding information indicating a hand configuration in which the apparatus is being held and compare the handholding information with previously-stored handholding authentication data of an authentic user. The previously-stored handholding authentication data may represent an authentic configuration in which the apparatus is held by the authentic user. The processor may be caused to determine that the apparatus is being held by the authentic user based on the comparison and cause an authenticated action to occur based on the determination.

Abstract: A device context of a device is identified based on device data including a current state of the device, and a user context of a user is identified based on user data including user interaction with a user interface for the device. A current task that the user is performing on the device in relation to the current state of the device is identified, and knowledge regarding how the user is performing the current task using the user interface is extracted, using an artificial intelligence technique with respect to the identified device context and the identified user context. The extracted knowledge for the identified current task is stored within a knowledge base, and can be used to adapt the user interface for another user performing the current task on the device in the current state.

Abstract: A request to add a new block to a blockchain is received. Data associated with the new block is scanned to identify malware and/or an anomaly. In response to identifying the malware and/or the anomaly in the data associated with the new block, an action is taken. The action includes: rejecting the request to add the new block to the blockchain, or removing the malware/anomaly from the new block and adding the new block to the blockchain. In a second embodiment, a malware event is identified that identifies malware/an anomaly in a block in a blockchain. In response to the malware event, an action is taken. The action includes: consolidating the blockchain, bypassing the block in the blockchain, consolidating the blockchain and bypassing the block in the blockchain, and deleting an encryption key that was used to encrypt the associated data that comprises the malware and/or the anomaly.

Abstract: A request to load an application into memory for execution is received. The application is stored in one or more blocks in a blockchain. The application is validated by running a blockchain hash. In response to validating the application by running the blockchain hash, the application is loaded from the blockchain into a memory. The application is then executed in the memory. This provides a secure method of loading an application into memory.

Abstract: An endpoint device monitors loading of dynamically loaded libraries (DLLs) by a process, such as during execution of the process on the endpoint device. The endpoint device can generate an endpoint-independent representation of the DLLs upon exiting of the process. The endpoint device may generate a hash, such as a one-way hash, of the endpoint-independent representation. The endpoint device may transmits the process and the hash to a management device to detect in a machine learning manner whether loading of the DLLs during the execution of the process was anomalous.