Abstract: A system and method detect a malware infection path in a compute environment. The method includes detecting a malware object on a first workload in a computing environment including a plurality of workloads, wherein the first workload is represented by a resource node on a security graph, the security graph including an endpoint node representing a resource which is accessible to a public network; generating a potential infection path between the resource node and the endpoint node including at least a second resource node connected to the resource node; inspecting a second workload of the plurality of workloads represented by the second resource node; determining that the potential infection path is a confirmed infection path, in response to detecting the malware on the second workload; and determining that the potential infection path is not an infection path, in response to detecting that the second workload does not include the malware.

Abstract: A system and method detects a vulnerable code object in configuration code for deploying instances in a cloud computing environment. The method includes: accessing a configuration code, including a plurality of code objects, where a code object of the plurality of code objects corresponds to a deployed principal; detecting in a log a plurality of access events, each access event associated with a first principal deployed in the cloud computing environment based on a first code object of the plurality of code objects; determining a first set of permissions associated with the first code object. The method also includes determining a second set of permissions based on the plurality of access events. The method also includes detecting a difference between the second set of permissions and the first set of permissions; and generating an updated code object based on the first code object and the detected difference.

Abstract: A system and method detect a malware infection path in a compute environment. The method includes detecting a malware object on a first workload in a computing environment including a plurality of workloads, wherein the first workload is represented by a resource node on a security graph, the security graph including an endpoint node representing a resource which is accessible to a public network; generating a potential infection path between the resource node and the endpoint node including at least a second resource node connected to the resource node; inspecting a second workload of the plurality of workloads represented by the second resource node; determining that the potential infection path is a confirmed infection path, in response to detecting the malware on the second workload; and determining that the potential infection path is not an infection path, in response to detecting that the second workload does not include the malware.

Abstract: A system and method provide detection of a malware attack path. The method includes detecting at a first time a malware object on a first workload deployed in the compute environment, wherein the first workload is represented by a first node in a security graph, the security graph including a representation of the compute environment; querying the security graph to detect a second node connected to the first node, wherein the connection indicates that the first workload represented by the first node can access a second workload represented by the second node; and generating an instruction to inspect the second workload represented by the second node at a second time, occurring after the first time.

Abstract: A method and system for determining reachability of objects deployed in a cloud environment to an external network is presented. The method includes identifying a plurality of network paths in the cloud environment, wherein each network path includes at least two objects deployed in the cloud environment; statistically analyzing each object in each respective network path to determine its reachability properties; analyzing the reachability properties determined for each object to determine if the respective object is reachable through its respective network path from at least a network external to the cloud environment; and saving each object together with its respective network path and reachability properties in a database.

Abstract: A method for detecting escalation paths in a cloud environment is provided. The method includes accessing a security graph representing cloud objects and their connections in the cloud environment; analyzing each cloud object to detect an escalation hop from a current cloud object to a next cloud object, wherein the analysis is based, in part, on a plurality of risk factors and reachability parameters determined for each cloud object; and marking the security graph with each identified escalation path in the security graph, wherein an escalation path is a collection of escalation hops from a source cloud object to a destination cloud object.

Abstract: A system and method for detecting a vulnerable workload deployed in a cloud environment based on a code object of an infrastructure as code file utilizes a security graph. The method includes: extracting the code object from a state file, which includes a mapping between the code object to a first deployed workload and a second deployed workload; generating a node representing the code object in the security graph; generating a connection in the security graph between the node representing the code object and a node representing the first workload and a connection between the node representing the code object and a node representing the second workload; and determining that the second workload is a vulnerable workload, in response to detecting that the first workload node is associated with a cybersecurity threat, and that the nodes representing the workloads are each connected to the node representing the code object.

Abstract: A method and system for determining abnormal configuration of network objects deployed in a cloud computing environment are provided. The method includes collecting network object data on a plurality of network objects deployed in the cloud computing environment; constructing a network graph based on the collected network object data, wherein the network graph includes a visual representation of network objects identified in the cloud computing environment; determining relationships between the identified network objects in the network graph, wherein the determined relationships between the identified network objects includes descriptions of connections between the identified network objects; and analyzing the network graph and the determined relationships to generate insights, wherein the generated insights include at least a list of abnormal connections between the identified network objects.

Abstract: An intent recognition method having a self-learning capability includes the following steps: acquiring a user expression, and recognizing a voice as a corresponding text; performing preliminary intent recognition on the user expression, and outputting candidate intents; acquiring historical data feature parameters of the candidate intents; on the basis of a pre-set rule strategy, deciding whether to directly output a final recognized intent, and on the basis of the feature parameters of each intent, performing rule computation, and outputting a final recognized intent; submitting prediction data of the final recognized intent and the candidate intents from the intent recognition process to a self-learning system, and performing self learning and indicator parameter data updating. The present disclosure is able to perform self learning on the basis of the feature distribution in historical data of intent recognition and dynamically adjust intent recognition strategies.

Abstract: A switching frequency dithering method, a switching circuit and a DC-DC converter. A switching frequency in the switching frequency dithering method dithers up and down at a third switching frequency or between randomly generated target switching frequencies. The embodiments further provide a switching circuit and a DC-DC converter, which can be used to control a clock signal and optimize comprehensive system performance such as improving system efficiency, reducing noise and ripple, suppressing switching harmonics, and reducing electromagnetic radiation.

Abstract: A DC-DC converter, where a first terminal of the first-phase charge pump conversion branch and a first terminal of the second-phase charge pump conversion branch are respectively connected to an output terminal of the power input circuit, a second terminal of the first-phase charge pump conversion branch and a second terminal of the second-phase charge pump conversion branch are respectively connected to an input terminal of the power output circuit, the first-phase charge pump conversion branch and the second-phase charge pump conversion branch are respectively connected to the control circuit and are separately controlled by the control circuit, and the control circuit generates control signals of the first-phase charge pump conversion branch and the second-phase charge pump conversion branch based on feedback signals output by the converter. This converter can provide higher voltage conversion efficiency and implement flexible operating mode switching.

Abstract: A method and system for determining reachability of objects deployed in a cloud environment to an external network is presented. The method includes identifying a plurality of network paths in the cloud environment, wherein each network path includes at least two objects deployed in the cloud environment; statistically analyzing each object in each respective network path to determine its reachability properties; analyzing the reachability properties determined for each object to determine if the respective object is reachable through its respective network path from at least a network external to the cloud environment; and saving each object together with its respective network path and reachability properties in a database.

Abstract: A method and system for cataloging network objects in a cloud environment are presented. The system includes collecting at least network object data on a plurality of network objects operable in a cloud environment, wherein the plurality of network objects are operable at different layers of the cloud environment; identifying the plurality of network objects operable in the cloud environment; constructing at least a network graph based on the identified network objects; determining relationships between the identified network objects in the at least a network graph; generating at least an insight for least one of the identified network objects, wherein the insight is generated in response to the network graph and the determined relationships; and tagging each of the plurality of network objects for which an insight is generated.

Abstract: A method and system for determining reachability properties of security objects are provided. The method includes accessing a security graph, wherein the security graph lists all security objects and their connections in a cloud environment of an organization; identifying a plurality of network paths in the cloud environment, wherein each network path includes at least two security objects accessible in the cloud environment; for each of the plurality of identified network paths, iteratively analyzing each security object in a respective network path to determine its reachability properties, wherein the reachability properties of a security object as a minimal set of reachable properties of all other security objects in the respective network path; and populating the security graph with the determined reachability properties of each security object.

Abstract: A system and method for gas pump or carwash environments which allows new applications to be added to established systems, having a computing system, software techniques, and hardware or software communications interfaces. Various embodiments include methods of separation and interception and the software techniques. One implementation includes separating a first application from an equipped device by interposing a bridge; intercepting, with the bridge, downstream communications to the equipped device from the first application; using the bridge, accepting downstream communications to the equipped device from a second application; with the bridge, locking communications with the equipped device to one of the first application and the second application; and unlocking the communications with the equipped device in response to receiving a status from the equipped device.

Abstract: A system and method for gas pump or carwash environments which allows new applications to be added to established systems, having a computing system, software techniques, and hardware or software communications interfaces. Various embodiments include methods of separation and interception and the software techniques. One implementation includes separating a first application from an equipped device by interposing a bridge; intercepting, with the bridge, downstream communications to the equipped device from the first application; using the bridge, accepting downstream communications to the equipped device from a second application; with the bridge, locking communications with the equipped device to one of the first application and the second application; and unlocking the communications with the equipped device in response to receiving a status from the equipped device.

Abstract: A game device executes a game in which a manipulated character is brought up. When a first manipulation input is accepted, the game device controls events that are generated for a manipulated character in the game and require manipulation inputs by the user of the game device so that a non-generation state, in which their generation is not allowed, is entered. Accordingly, restrictions involved in the behavior of the user are reduced.

Abstract: A system that associates audio and/or video data with one or more calls for action, and manages, queries and displays the audio and video associated with a call for action based on defined or predefined criteria related to the audio and video data. The system selectively updates media files and Metadata from Meta tags, or Metadata feeds. The system spiders the Metadata or Metadata feeds for new Metadata to automate the submission and programming the audio and video data over a network. The system provides users with other call to action options including click to call, literature, order forms, and/or applications. The system optionally schedules audio and video media to target users by time of day, location, device, and other parameters to offer a call to action to different user audiences.