Abstract: A computer-implemented method may include determining that a plurality of computing devices comprising first and second computing devices are paired via a wireless communication technology that facilitates communication between the computing devices. The computer-implemented method may also include establishing a maximum distance that the first and second computing devices are allowed to move away from one another. The computer-implemented method may further include calculating a current distance between the first and second computing devices and then determining that the current distance exceeds the maximum distance. In addition, the computer-implemented method may include providing a notification to at least one of the first and second computing devices to alert a user of the first computing device that the current distance between the first and second computing devices exceeds the maximum distance and to indicate a location of the second computing device.

Abstract: A method for correlating software inventory information with delivered software. The method may include delivering a software application to a first client system. The method may also include receiving, from an agent that monitors installations on the first client system, application registration information written to the client system during installation of the software application. The method may further include identifying delivery information that corresponds to the software application and associating the application registration information with the delivery information. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for preventing failures of nodes in clusters may include (1) identifying a node that is part of a cluster of nodes and that communicates, via a heartbeat sent at a regular interval to the cluster, that the node is functional and connected to the cluster, (2) calculating a current workload for the node based on a utilization of computing resources on the node, (3) determining, based on the current workload, that the node is functional and connected but is in an excessive load condition and a failure to send the heartbeat within the regular interval is due to the excessive load condition, and (4) setting a new interval for the heartbeat of the node that is longer than the regular interval in response to determining that the node cannot send the heartbeat at the regular interval. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Out-of-band notifications are used to inform users of clients of security policy enforcement actions, such as enforcement of a data loss prevention (DLP) policy. Code for instantiating a notification agent at a client used by a user is inserted into network traffic inbound to the client. Outbound network traffic sent from the client to a server is monitored for compliance with one or more security policies. If it is determined that the network traffic violates a security policy, an enforcement action is taken. An out-of-band notification message describing the enforcement action is inserted into a response to the outbound network traffic and sent to the client. The notification agent at the client receives the notification message and presents the message to the user.

Abstract: A computer-implemented method may include tracking a child's usage of a computing system. The computer-implemented method may also include generating an event history based on the child's usage of the computing system and identifying a restricted event that violated a parental-control policy. The computer-implemented method may further include creating an event trail by identifying at least one event in the event history that led to the restricted event. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Various systems and methods for management and provisioning of virtual machines are disclosed. For example, embodiments include selecting a potential node to host a virtual machine, where the node is selected from among a plurality of potential nodes. The selection may be based on a virtual machine (VM) configuration of a virtual machine, which may include various requirements needed to host the VM. Embodiments also include provisioning the VM on the host node after the host node is selected from among the plurality of potential nodes, and determining whether a currently-hosted node are operating in accordance with various criteria needed for the VM.

Abstract: A computer-implemented method for validating application signatures may include maintaining a signature-validation database that associates application publishers with signature keys by, for each application in a set of applications, (1) identifying a key used to sign the application, (2) determining that the application claims to be provided by a publisher, (3) verifying that the claimed publisher provides the application, and (4) maintaining, in response to verifying that the claimed publisher provides the application, an association that indicates that the publisher of the application is authorized to use the key. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for protecting users from website security risks using templates may include (1) identifying a section of a website, the section being arranged according to a template that defines a layout for the website, (2) identifying a profile for the section that includes an attribute specific to the section, the attribute indicating acceptable content for the section of the website as distinct from acceptable content for the entire website, (3) identifying content placed within the section of the website in accordance with the template that defines the layout for the website, and (4) determining whether the identified content is acceptable by comparing the attribute specified in the profile for the section of the website to an attribute of the content placed within the section of the website. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Systems and methods for inode use are presented. In one embodiment; an inode reuse method includes: receiving an indication of an operation that involves access to file related information; assigning an inode to the access; identifying one of a plurality of inode reuse scenarios for the inode; and making the inode available for reuse in accordance with the one of the plurality of inode reuse scenarios. In one embodiment, the one of the plurality of inode reuse scenarios is a relatively expedited reuse scenario. In one exemplary implementation, the relatively expedited inode reuse scenario is utilized if the inode is not required for further processing associated with the operation. The inode can be reused for another immediately subsequent operation.

Abstract: Systems and methods for synchronizing verification data in a distributed database including client and server databases. The server database may exchange verification data regarding one-time passwords to multiple client databases. An update to the server database may be initiated based on information stored in the client database by pushing updated verification information from the client database to the server database via an SSL tunnel. An update to the client database may be initiated based on information stored in the server database by pulling updated verification data from the server database to the client database via an SSL tunnel. The client database and the server database may include a two-dimensional data field including the verification data and an associated key identifier, and a site ID. The site ID may include a unique identifier to identify the respective database in which it is included.

Abstract: Multiple apps of an ecosystem on a computer securely exchange encrypted data according to an information control policy of an enterprise, without allowing unauthorized access from outside of the ecosystem. An ecosystem agent creates an ecosystem directory, which contains policy information and identification information concerning each specific app in the ecosystem, including the ecosystem agent. Each ecosystem app generates an asymmetric key pair, the public key of which it shares only with apps in the ecosystem through the directory. The ecosystem agent's private key is used to encrypt the directory. Data is securely communicated between apps in the ecosystem, by encrypting and decrypting messages and data objects with the appropriate ecosystem app keys. Each specific app in the ecosystem complies with enterprise information control policy. Ecosystem apps can read a policy from the directory, and receive policy updates from the enterprise.

Abstract: A query is received from a client device regarding an object. The query includes an identifier of the object and a set of associated usage attributes describing a usage of the object on the client device. A set of usage facts associated with the identified object is identified. The set of usage facts describe typical usages of the object on a plurality of client devices. A determination is made whether the usage of the object on the client device is suspicious based on the set of usage facts associated with the object and the set of usage attributes included in the query. A report is provided to the client device based on the determination.

Abstract: A set of trigrams can be generated for each document in a plurality of documents processed by an e-discovery system. Each trigram in the set of trigrams for a given document is a sequence of three terms in the given document. A set of trigrams for each similar document is then determined based on the set of trigrams for the original document. To facilitate identification of the similar documents, a full text index is then generated for the plurality of documents and the set of trigrams for each document are indexed into the full text index, as individual terms. Queries can be generated into the full text index based on trigrams of a document to determine other similar or near-duplicate documents. After a set of potentially similar documents are identified, a separate distance criteria can be applied to evaluate the level of similarity between the two documents in an efficient way.

Abstract: A computer-implemented method for detecting selective malware attacks is described. A website visited by a user is identified based on a number of visits to the website satisfying a predetermined threshold. A web crawl is performed on the identified website. Results of the web crawl are analyzed to determine whether the identified website includes a malicious software attack designed to selectively attack visitors to the website.

Abstract: A data protection agent or server running on a computing device receives a cluster configuration of a high availability cluster. The data protection agent or server identifies highly available data of an application running on the high availability cluster based on the clustering. The data protection agent or server then implements a data protection policy that backs up the highly available data.

Abstract: A computing device receives data access records and determines a user data access behavior pattern for a user based on the data access records. The computing device receives new data access records and identifies any deviation from the user data access behavior pattern based on the new data access records. Upon identifying deviation from the user data access behavior pattern, the computing device generates an alert indicating that the user has deviated from the user data access behavior pattern.

Abstract: The disclosed computer-implemented method for managing security certificates through email may include (1) receiving an encrypted email that contains both identifying information that identifies a security certificate for authenticating a website and a management command relating to the security certificate, (2) determining whether authentication of the encrypted email succeeded such that the management command is authorized, and (3) when a determination is made that authentication of the encrypted email succeeded, identifying the security certificate using the identifying information and executing the management command with respect to the identified security certificate. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Various systems and methods for seeding a storage device. For example, a method involves accessing a policy that identifies a number of clients. The method then involves selecting a most recent backup image for each of the clients and copying the most recent backup images from a source storage device to a target storage device. Once a most recent backup image has been copied from the source storage device to the target storage device for each of the clients, the method switches a destination value in the policy from the source storage device to the target storage device.

Abstract: A method and apparatus for securing a computer using an optimal configuration for security software based on user behavior is described. In one embodiment, the method for providing an optimal configuration to secure a computer based on user behavior includes examining computer user activity to produce behavior indicia with respect to computer security from malicious threats and determining an optimal configuration for security software based on the behavior indicia.

Abstract: Techniques for multimedia metadata security are disclosed. In one particular embodiment, the techniques may be realized as a method for multimedia metadata security comprising receiving an indication that multimedia metadata has been created for a multimedia file, and encrypting, using at least one computer processor, the multimedia metadata stored in a body of the multimedia file.