Abstract: The technology disclosed relates to identifying connection maps between entities (persons and organizations) and generating so-called connection stories between them based on the connection maps. The connection stories are graphic and visual representations of the connection paths that present to entities topological and chronological aspects of their relationships with other entities.

Abstract: A system and method for providing features in a database system. In one embodiment, a method includes receiving, from a user, a request for a feature, where the feature is a functionality of the database system. The method further includes upgrading the database system, where the upgrading includes one or more provisioning steps that are based on the request from the user.

Abstract: Computer-implemented methods and systems are provided for writing events to a data store. An application server generates events, the data store that stores the events, and a temporary events file storage system (TEFSS) temporarily stores groups of events as events files. When events are unable to be written directly to the data store, an indirect events writer is invoked that includes event capture threads each being configured to generate a particular events file, and write it to the TEFSS. Each events file includes a plurality of events flushed from an in-memory buffer service. An events file uploader service reads the events file(s) from the TEFSS, and then writes the events from each of the events files to the data store.

Abstract: In accordance with embodiments, there are provided mechanisms and methods for facilitating dynamic cross-block joining of reports in an on-demand services environment in a multi-tenant environment according to one embodiment. In one embodiment and by way of example, a method includes receiving, at a server computing device, a joining request to merge a plurality of reports into a joined report, each of the plurality of reports having data including customer relationship management (CRM) data, where the request is placed at a client computing device, and merging the plurality of report into the joined report. The joined report comprises a single report representing the merged plurality of reports. The method may further include facilitating access, via a user interface at the client computing device, to the plurality of reports represented as the joined report.

Abstract: This disclosure relates to a system and related operating methods. A computer-implemented server device receives a request from a device that includes an identifier proposed for a potential account holder. The computer-implemented server device determines whether the identifier is available for use with a new account, and communicates a response to the device that indicates whether the identifier is available for use with the new account. The response is presented at the device and includes an image that contains a visually obfuscated representation of an alphanumeric message that indicates either a success or a failure.

Abstract: A predicate-based row level security system is used when workers build or split an analytical data store. According to one implementation, predicate-based means that security requirements of source transactional systems can be used as predicates to a rule base that generates one or more security tokens, which are associated with each row as attributes of a dimension. Similarly, when an analytic data store is to be split, build job, user and session attributes can be used to generate complementary security tokens that are compared to security tokens of selected rows. Efficient indexing of a security tokens dimension makes it efficient to qualify row retrieval based on security criteria.

Abstract: A system detects a security attack through a network-based application. The system receives a runtime request for invocation of a function and dynamically determines if the request for invocation of the function is associated with a cross-site scripting attack. In response to determine the function is associated with a cross-site scripting attack, the system stores information associated with the request, which is used for determining if the request is a legitimate request or a cross-site scripting attack.

Abstract: Disclosed are methods, apparatus, systems, and computer readable storage media for capturing information regarding an interaction to a database. A client device receives an indication of an interaction with the client device that satisfies a user-defined trigger. A user interface is provided to the client device having input controls capable of receiving one or more information items. The one or more information items include values for a first data field regarding a user-selected expression and a second data field regarding at least one entity associated with the interaction. The one or more information items may generate a custom object that is stored in a database of the on-demand database service. A profile object for the at least one entity may be generated based on an aggregation of the stored one or more items with attributes of the at least one entity.

Abstract: Techniques described herein can be implemented as one or a combination of methods, systems or processor executed code to form embodiments capable of improved protection of data or other computing resources based at least in part upon limiting access to a select number of delegates. Limited access to cloud data based on customer selected or other criterion, reducing the possibility of security exposures and/or improving privacy is provided for.

Abstract: Examples of methods, apparatus, and computer program products are disclosed for facilitating access to one or more services in a network environment. At a host, a request is received from a client machine in communication with the host over a network. An asynchronous service description file indicates one or more asynchronous communication techniques configured to be performed to access or communicate with a service over the network. The asynchronous service description file is a conversion of a synchronous service description file indicating one or more synchronous communication techniques for accessing or communicating with a synchronous service. The asynchronous service description file is provided to the client machine.

Abstract: The technology disclosed relates to thwarting attempts in between software releases to take advantage of security holes in web applications. A virtual patch is a data object comprising an identifier that indicates a relevant local context for the patch and may be created while the application is running. One or more conditions included in the patch are evaluated using data from a service request or from the local context. A patch directive specifies an action to perform when the one or more conditions are satisfied. A virtual patch may be applied to the running application without requiring replacing the application code. Responsive to a request for a web service, a web application may execute code in multiple distinct local contexts such as session management, authorization, and application-specific business logic. The code for each local context may independently retrieve a set of virtual patches relevant to its particular local context.

Abstract: Disclosed are methods, apparatus, systems, and computer-readable storage media for recommending an event to a user. In some implementations, one or more servers receive information identifying a plurality of events. The one or more servers store data of the plurality of events in a first one or more data tables having an action field, an item field, and a user field, and analyze the data of the first one or more data tables to generate one or more pairs, each pair including information identifying a set of events and a target event. The one or more servers may calculate a similarity score for each of the one or more pairs and store the respective similarity score in a second one or more data table having a set field, a target event field, and a similarity score field.

Abstract: In one embodiment, a computer-implemented method executable by a computer to process metadata of a data source is provided. The method includes: processing, by a processor of the computer, the metadata to determine a graph of nodes and edges; converting, by the processor of the computer, the graph from a cyclic graph to an acyclic graph; converting, by the processor of the computer, the acyclic graph to a listing; performing, by the processor of the computer, a topological sort on the listing; and generating a report that includes the sorted listing.

Abstract: In accordance with embodiments, there are provided mechanisms and methods for facilitating spin mode-based dynamic updating of application servers in an on-demand services environment. In one embodiment and by way of example, a method includes upgrading a first set of application servers of a plurality of application servers at one or more computing devices, holding a first set of requests received at the first set of application servers from being processed while the first set of application servers is being upgraded, and upgrading a second set of application servers of the plurality of application servers upon completion of the first set of application servers. The method may further include holding a second set of requests received at the second set of application servers from being processed while the second set of application servers is being upgraded, and resuming processing of the first set of requests at the upgraded first set of application servers.

Abstract: Disclosed are examples of systems, apparatus, methods and computer program products for providing a user interface customizable to define state transitions of panes in a bounding window. For example, a bounding window including one or more resizable panes is displayed in a user interface on a display device. Breakpoints situated at respective spatial positions in the bounding window are graphically represented in the user interface. Each breakpoint defines a transition of a pane from one state to another when the pane is resized to traverse the breakpoint. The spatial position of one or more of the breakpoints can be updated in accordance with a request indicating user customization of breakpoints.

Abstract: In accordance with disclosed embodiments, there are provided methods, systems, and apparatuses for accepting late joiners with screen sharing including, for example, means for receiving, at a server, a key frame from a publishing client sharing its screen, the key frame defining the screen of the publishing client in its entirety at the beginning of a screen sharing session with one or more viewing clients; transmitting the key frame to the one or more viewing clients; iteratively processing each of a plurality of delta frames from the publishing client specifying changes to the screen of the publishing client, wherein the iterative processing includes: (i) receiving each delta frame, (ii) updating an aggregated current key frame with the delta frame received, and (iii) sending the delta frame to the one or more viewing clients.

Abstract: In accordance with embodiments, there are provided mechanisms and methods for managing a risk of access to an on-demand service as a condition of permitting access to the on-demand service. These mechanisms and methods for providing such management can enable embodiments to help prohibit an unauthorized user from accessing an account of an authorized user when the authorized user inadvertently loses login information. The ability of embodiments to provide such management may lead to an improved security feature for accessing on-demand services.

Abstract: In an enterprise environment that includes multiple data centers each having a number of first servers, computer-implemented methods and systems are provided for detecting faulty storage device(s) that are implemented as redundant array of independent disks (RAID) in conjunction with each of the first servers. Each first server monitors lower-level health metrics (LHMs) for each of the storage devices that characterize read and write activity of each storage device over a period of time. The LHMs are used to generate high-level health metrics (HLMs) for each of the storage devices that are indicative of activity of each storage device over the period of time. Second server(s) of a monitoring system can use the HLMs to determine whether each of the storage devices have been inactive or active, and can generate a fault indication for any storage devices that were determined to be inactive while storage device(s) at the same first server were determined to be active.