Abstract: The instant disclosure describes various exemplary systems and methods for exonerating an untrusted software component based solely on a trusted software component's non-optional or “hard” dependency on the untrusted software component. In one example, a method for exonerating untrusted software components in this manner may include: 1) identifying a dependent software component, 2) determining that the dependent software component is a non-optional dependent component of at least one trusted software component, and then 3) classifying the dependent software component as a trusted software component. As detailed herein, such a method may enable security software to quickly and efficiently exonerate untrusted components by association without having to scan or perform other intrusive and/or resource-intensive security operations on such untrusted software components.

Abstract: A computer-implemented method for proactively evaluating failover nodes prior to the occurrence of failover events may include (1) identifying at least one primary node that services at least one application, (2) identifying at least one failover node designated to service the application if the primary node were to fail, (3) prior to detecting failure of the primary node, proactively evaluating the failover node's ability to service the application if the primary node were to fail, and then (4) in response to determining that the failover node would be unable to adequately service the application if the primary node were to fail, proactively performing at least one corrective action that would cause the application to be adequately serviced if the primary node were to fail. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Techniques for providing incremental backups are disclosed. In one particular exemplary embodiment, the techniques may be realized as a computer implemented method for providing incremental backup validation comprising setting one or more electronic storage indicators each indicating a respective allocated portion of electronic storage, setting one or more changed data indicators each indicating data changed in a respective allocated portion of the electronic storage since a prior backup, and comparing the one or more electronic storage indicators with the one or more changed data indicators to identify one or more allocated portions of the electronic storage containing data that is unchanged since the prior backup for backup validation.

Abstract: A computer-implemented method for classifying applications configured for cloud-based platforms may include 1) identifying an online platform that hosts an online service and that is capable of hosting a plurality of third-party applications integrated with the online service and configured to operate on the online platform, 2) identifying at least one third-party application that is integrated with the online service and configured to operate on the online platform, 3) identifying metadata describing at least one characteristic of the third-party application, and 4) generating a classification of the third-party application based at least in part on the characteristic. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A method may include identifying a computer-usage trend of a first user that reflects a history of computer-related activities engaged in by the first user. The computer usage trend may indicate at least one software program and/or website accessed by the user. The method may also include determining that a current user is logged into a computing system under a user account of the first user. The method may further include tracking activities of the current user while the current user is logged into the computing system as the first user, comparing the tracked activities of the current user with the computer-usage trend of the first user, and determining that the tracked activities of the current user do not correspond to the computer-usage trend of the first user. The method may additionally include, performing at least one remedial action. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A method and apparatus for optimizing computer network bandwidth usage to prevent congestion is described. In one embodiment, the method comprises comparing a permissible bandwidth usage with a data transfer rate to produce a comparison result and adjusting the data transfer rate for performing at least one data transfer operation based on the comparison result.

Abstract: An interstitial manager (100) monitors (210) network communications received by a client computer and detects (215) a potential to initiate contact with a remote computer system. When a potential to initiate contact with a remote computer system is detected (215), the interstitial manager (100) determines (220) whether the potential to initiate contact with the remote computer system entails redirection to an alternate location. The determination (220) of whether the potential to initiate contact with the remote system entails redirection is responsive to satisfying at least one condition from the group of conditions consisting of determining whether a client browser attempts to contact an address associated with the remote computer system, and identifying at least one link embedded within the network communication possessing characteristics consistent with interstitial redirection.

Abstract: Various embodiments of a system and method for providing input/output virtualization for a file are disclosed. The system may include a filter program that intercepts a write request for a particular file and stores change information specifying the data and the write location indicated by the write request. However, the file itself is not modified. The filter program may also intercept a read request referencing the file and determine whether change information representing a write request to write data at the location specified by the read request has been previously stored. If so then the data specified by the change information is returned in response to the read request.

Abstract: A computer-implemented method for establishing secure mobile communications is described. A virtual private network (VPN) between a mobile device and a server is established. A transmission of at least a portion of data between a first application and the server is blocked. It is determined whether the first application on the mobile device is a trusted application. Upon determining the first application is an untrusted application, a transmission of at least a portion of data between the untrusted application and the server continues to be blocked.

Abstract: File management systems and methods are presented. In one embodiment, implementation of a method for determining the accurate ownership of a file within a data system includes: identifying a first plurality of access events for a file, wherein the file is associated with a directory of related files; identifying a second plurality of access events for the related files within the directory, wherein access events in the first and second plurality of access events occur within a period; determining a pool of users accessing files within the directory within the period; and selecting a user from the pool of users as an inferred owner of the file based on access metrics related to the plurality of access events.

Abstract: A computer-implemented method for classifying an unclassified process as a potentially trusted process based on dependencies of the unclassified process is described. A component loaded by the unclassified process is identified. A determination is made as to whether a hard dependency exists between the unclassified process and the loaded component. A hard dependency exists if the unclassified process depends on the loaded component in order to execute. The unclassified process is classified as a potentially trusted process if a hard dependency exists between the unclassified process and the loaded component.

Abstract: A system and method for backing up files to a single-instance storage system are disclosed. The files may be split into segments, and the file data may be stored in the single-instance storage system as individual segments. The single-instance storage system uses the concept of a file region which covers multiple segments of the file. If a region of a file is unchanged from one backup to the next, the system may use a region object to refer to the unchanged region. This avoids the need to update the reference information for each of the segments within the region, thus increasing the efficiency of backing up the new version of the file.

Abstract: A computer-implemented method for facilitating access to shared resources within computer clusters may include identifying a quick response code captured by at least one computing system. The method may also include identifying information encoded in the quick response code captured by the computing system. The method may further include determining that the information encoded in the quick response code contains an activation key that facilitates activation of a software application. The method may additionally include applying, in response to this determination, the activation key to the software application in order to activate the software application without requiring a user of the software application to manually enter the activation key. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for validating client authentication using timing data is described. A connection request is received from a client. Data are transmitted to the client. The client is instructed to retransmit the data. The retransmitted data are received from the client. Timing data that indicates a time to transmit the data to the client and receive the retransmitted data from the client are calculated. A protective element is applied to the timing data.

Abstract: A computer-implemented method for host communication in a clustered file system may include 1) identifying a cluster file system site comprising at least one host that performs data operations on a storage unit, 2) identifying a storage management application that manages the storage unit, 3) transmitting, by an initial host, an initial data operation directed to a location of the storage unit, where the data operation comprises a notification signal that commands the notification of the initial host upon a subsequent host attempting to access the location, 4) transmitting, by the subsequent host, a subsequent data operation directed to the location of the storage unit, and 5) notifying the initial host, by the storage management application, that the subsequent host attempted to access the location of the storage unit. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for mitigating mobile device loss may include (1) identifying historical data specifying a plurality of past locations of a mobile computing device, (2) identifying a current location of the mobile computing device, (3) determining that the current location deviates from an expected location based on the historical data, and (4) performing a security measure on the mobile computing device in response to determining that the current location deviates from the expected location. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Registry information systems and methods are presented. In one embodiment, an application resource switchover method comprises receiving a switchover indication wherein the switchover indication includes an indication to switchover execution of at least one service of an application running on a primary system resource to running on a secondary system resource; performing a switchover preparation process, wherein the switchover preparation process includes automatically generating a switchover plan including indications of switchover operations for performance of a switchover process; and performing the switchover process in which the at least one of the application services is brought up on the secondary system resource in accordance with the plan of switchover operations. In one embodiment, automatically generating a plan of switchover operations includes analyzing the switchover indication, wherein the analyzing includes determining a type of switchover corresponding to the switchover indication.

Abstract: A method and apparatus to provide a cryptographic protocol for secure authentication, privacy, and anonymity. The protocol, in one embodiment, is designed to be implemented in a small number of logic gates, executed quickly on simple devices, and provide military grade security.

Abstract: A computer-implemented method to identify candidate duplicate memory pages in a virtual environment is described. At least one memory page in memory is analyzed. The at least one memory page is associated with an application executing in a virtual machine. Information for the at least one memory page in memory is collected when the at least one memory page is identified as being a candidate duplicate memory page. The information identifies the application associated with the at least one memory page. A report is generated that includes the collected information for the at least one memory page.

Abstract: A method for inserting endpoint management agents into virtual machines. The method may include 1) identifying a process space of a virtual machine, the process space comprising at least one process of the virtual machine, 2) interrupting the process of the virtual machine by causing execution to transfer from the process of the virtual machine to an agent-insertion module that executes outside the process space of the virtual machine, 3) injecting, via the agent-insertion module, an endpoint management agent into the virtual machine, and 4) performing one or more endpoint management tasks on the virtual machine by causing the endpoint management agent to execute within the process space of the virtual machine. Various other methods, systems, and computer-readable media are also disclosed.