Abstract: A system and method for partitioning a data stream into a plurality of segments of varying sizes. A data stream manager partitions a received data stream into segments which are then conveyed to a deduplication engine for processing. The data stream received by the data stream manager includes metadata corresponding to the data stream. Based upon the metadata, which may include an indication as to a type of data included in the data stream, the data stream is partitioned into segments for further processing. A size of a segment used for partitioning given data is based at least in part on a type of data being partitioned. The variable segment sizes may be chosen to balance between maximizing the deduplication ratio and minimizing both the segment count and the size of the fingerprint index.

Abstract: A computer-implemented method for disaster recovery of multi-tier applications may include 1) identifying a multi-tier application that is provisioned with a plurality of production clusters at a production site, 2) identifying a disaster recovery site including a plurality of recovery clusters, 3) identifying, at the disaster recovery site, a failure of the multi-tier application at the production site, and 4) initiating, from the disaster recovery site, a migration of the multi-tier application from the production site to the disaster recovery site. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method to provide a contextual message for a web-based service is described. An application executing on a computing device is monitored. A link between the application and a mobile telephone number is detected. Reputation information for a service provided by the application is determined. A first informational message regarding the service is generated based on the reputation information. The first informational message is displayed.

Abstract: A computer-implemented method for selecting file-recall modes based on environmental properties may include: 1) identifying a request to recall a file from a secondary storage system to a primary storage system, 2) identifying at least one environmental property associated with the file, 3) selecting, based at least in part on the identified environmental property, a recall mode for recalling the file, and then 4) recalling the file from the secondary storage system to the primary storage system using the selected recall mode. Various additional methods, systems, and configured computer-readable-storage media are also disclosed.

Abstract: A computer-implemented method for using event-correlation graphs to detect attacks on computing systems may include (1) detecting a suspicious event involving a first actor within a computing system, (2) constructing an event-correlation graph that includes a first node that represents the first actor, a second node that represents a second actor, and an edge that interconnects the first node and the second node and represents a suspicious event involving the first actor and the second actor, (3) calculating, based at least in part on the additional suspicious event, an attack score for the event-correlation graph, (4) determining that the attack score is greater than a predetermined threshold, and (5) determining, based at least in part on the attack score being greater than the predetermined threshold, that the suspicious event may be part of an attack on the computing system. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for protecting virtual machine data may include (1) receiving a request to perform a granular backup operation on data stored by a guest system within a virtual machine, (2) identifying a storage container that comprises an agent that performs backup operations, (3) attaching the storage container to the virtual machine in response to the request, and (4) performing the granular backup operation by sending an instruction to the guest system within the virtual machine to execute the agent. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Misspelled words are identified in incoming email messages. The presence of misspelled words in emails is used to help determine which the emails are spam. Various statistical information concerning the number, prevalence, distribution, etc. of misspelled words in email messages is analyzed to detect spam or other forms of undesirable email, such as phishing emails. In some embodiments, the language in which an email is written is identified in order to aid in the identification of misspelled words. In some embodiments, the analysis of the misspelling information is combined with other techniques used to identify undesirable email.

Abstract: Method for monitoring an online identity of a user on a network is described. In one example, data exchanged between a browser client on a device associated with the user and the network is monitored. Creation or use of an online identity by the user is detected within the data. The online identity is associated with a host site. The host site may be any of a plurality of point of presence sites. A notification of the online identity is generated for presentation to a custodian of the user. The notification may then be sent to the custodian.

Abstract: A method and apparatus for detecting malicious software activity, using at least one processor, based on an Internet resource information database in memory is described. In one embodiment, a method for detecting malicious software activity, using at least one processor, based on an Internet resource information database in memory includes processing Internet activity to determine source and time information associated with at least one application download, comparing the Internet resource information database with the source and time information associated with the at least one application download to identify at least one suspicious application, and monitoring execution of the at least one suspicious application.

Abstract: A secure component communication management system provides secure, trusted communication between components in a hypervisor based virtual computing environment. A hypervisor security extension generates a container level private key/public key pair. The hypervisor security extension container injects the container level public key into one or more VM(s) that are to securely receive trustworthy data. The hypervisor security extension container encrypts data to transmit to VMs with the container level private key, and injects the encrypted data into one or more target VM(s), such that the injected data is trusted by the VM(s). The one or more VM(s) receive the container level public key and data encrypted with the container level private key, injected by the hypervisor security extension container. These VM(s) use the public key to decrypt injected data encrypted with the private key, such that the decrypted data is trusted.

Abstract: A system, apparatus and method for reporting a failure in execution of a software transaction (e.g., scripts and executables to install software on a computer) to a network resource that can then store the error-related information and automatically provide a previously determined solution to the error or links to resources to which the customer can refer for help in resolving the problem is provided. Automatically searching a database of reported errors and their solutions for a variety of products and providing a found solution to a customer experiencing an error (e.g., an installation error) is further provided. In the event that a solution to a customer-experienced error is not found by the network resource, alternate sites for information such as a customer support website can also be provided.

Abstract: A unique (or nearly unique) set of search terms (called a “Search Resource Locator,” or SRL) is used to locate information on a web page. An SRL can be used like a Uniform Resource Locator (URL) as a navigational element that finds and brings up a corresponding web site. Unlike a URL, however, an SRL is not a static address for the web site, but is instead a representation of a collection of search terms that can be used to find the site or a substantially similar site. A provided tool generates SRLs for web pages.

Abstract: A computer-implemented method for creating a rights management system (RMS) with superior layers and subordinate layers is described. A separate trust network for one or more layers of the RMS is established. The trust network includes one or more computing nodes within the one or more layers. A data object is created on a computing node that is a member of trust network in a superior layer. The data object is encrypted to a ciphertext data object. A publishing license is created for each of the one or more layers of the RMS. Access rights and attributes associated with the ciphertext data object are controlled within each layer based on the publishing license of each of the one or more layers of the RMS.

Abstract: A method and apparatus for streaming applications to a plurality of clients within a peer-to-peer network is provided. In one embodiment, a method for distributing application blocks to facilitate application streaming within a peer-to-peer network includes processing location information regarding a plurality of data chunks amongst a plurality of clients, wherein the plurality of data chunks form at least a portion of an application block and communicating the location information amongst the plurality of clients, wherein the location information is used to request at least one data chunk of the plurality of data chunks.

Abstract: Reservation conflicts are resolved in a clustering and storage system with SCSI-3 PR fencing enabled. For each specific node, all paths to shared storage are registered with a unique key. Only registered nodes can access the shared storage, and only one reservation can exist amidst multiple registrations. A command failure with a reservation conflict resulting from an attempt to access the shared storage is detected. In response, it is determined whether the specific node is registered with its unique key. If so, it is determined that the node is not fenced off from the shared storage, and the reservation conflict is to be resolved. To do so, the node is re-registered for all paths to the shared storage with the node's unique key. The failed command is then re-started. If the node is not registered, it is determined that the node is fenced off.

Abstract: Application usage is profiled based on application streaming. Code pages of multiple applications are streamed from a server to multiple client computers (endpoints) for execution. The streaming of the code pages is monitored, and usage data is collected such as which pages are streamed to which endpoints, under what circumstances and when. By referencing the streamed code pages and the underlying source code, the code pages are mapped (at least approximately) to corresponding application features. The collected usage data usage and the relevant mapping are analyzed, to create application usage profile data for streamed applications. The application usage profile data can include such information as how often, when, where and by whom application components are being executed, as well as which components cause errors, are most popular, confuse users, etc.

Abstract: A computer-implemented method for identifying private keys that have been compromised may include (1) identifying a private key that enables a signatory to digitally sign applications, (2) collecting information about the private key from at least one public source, (3) determining, based on the information collected from the public source, that the private key has been compromised and is accessible to unauthorized signatories, and (4) performing a security action in response to determining that the private key has been compromised and is accessible to the unauthorized signatories. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for protecting platform-as-a-service platforms may include 1) identifying a platform-as-a-service platform that is configured to allow installations of third-party application packages, 2) intercepting a third-party application package in transit to the platform-as-a-service platform for installation, 3) extracting metadata from the third-party application package, and 4) applying a compliance policy to the third-party application package to determine whether to allow an installation of the third-party application package on the platform-as-a-service platform based on the metadata. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for archiving related items may include: 1) identifying a data element on a computing device, 2) identifying at least one additional data element on the computing device that is related to the data element, the data element and the additional related data element collectively representing a group of related data elements, 3) determining, by applying an archiving policy to the group of related data elements, that the entire group of related data elements is eligible for archiving, and then 4) archiving the group of related data elements. Corresponding systems and computer-readable media are also disclosed.

Abstract: A computer-implemented method for preserving individual backed-up files in accordance with legal-hold policies may include (1) providing at least one legal-hold policy that specifies the manner in which individual backed-up files that potentially relate to legal proceedings are to be preserved, (2) identifying at least one file that has been backed up, (3) identifying at least one legal purpose for preventing deletion of the backed-up file, (4) applying, in response to the identification of the legal purpose, the legal-hold policy to the backed-up file, and then (5) preserving the backed-up file in accordance with the legal-hold policy identified in the file metadata associated with the backed-up file. Various other systems, methods, and computer-readable media are also disclosed.