Abstract: Method, systems, and apparatus for receiving one or more digital content items, processing a digital content item into characteristic digital content item data, selecting characteristic digital content item data from received digital content item, writing the selected data to a blockchain network, processing the digital content item into characteristic digital content item data, comparing characteristic digital content item data to blockchain data, analysis of digital content item comparison provided.

Abstract: One example method includes collecting container information concerning a container, analyzing the container information to identify a security tool needed to perform a vulnerability scan of the container, accessing the security tool from a knowledge lake, running the security tool on the container information to identify a security vulnerability of the container, based on the running of the security tool, generating an alert indicating that the container has the security vulnerability, capturing the security vulnerability and, based on the captured security vulnerability, updating a container image that was used to spawn the container.

Abstract: Disclosed herein are an apparatus and method for providing a remote work environment. The apparatus includes one or more processors and executable memory for storing at least one program executed by the one or more processors. The at least one program performs Virtual Private Network (VPN) authentication in response to a request for remote access to a work network from a user terminal, performs user authentication in order to connect the user terminal that succeeds in VPN authentication to the work network, decrypts the encrypted user data area of the user terminal that is connected to the work network, and provides the remote work environment to the user terminal based on the user data area through the work network.

Abstract: The disclosure relates to a method of coding implemented by a decoding device, comprising: obtaining a value of a maximum number of merging motion vector prediction, MVP, candidates for a current block, wherein the current block is predicted using intra block copy, IBC mode; setting a value of a MVP index to zero, when the value of the maximum number of MVP candidates for the current block is equal to one; obtaining a motion vector of the current block according to the MVP index and a candidate list; obtaining prediction samples values of the current block according to the motion vector of the current block.

Abstract: Provided are an artifact removal method and apparatus based on machine learning (ML), and a method and apparatus for training an artifact removal model based on ML, in the field of artificial intelligence (AI). In the method, artifacts that may be generated in a process of compressing a video is preprocessed and removed by using an artifact removal model having a residual learning capability.

Abstract: The technology disclosed relates to endpoint data loss prevention (DLP). In particular, the technology disclosed relates to enforcing data loss prevention policies at an endpoint without needing to perform content sensitivity scan at the endpoint.

Abstract: Embodiments described herein provide a process and method running on a computer for creating an augmented image. According to an embodiment, a graphical user interface gathers data that is programmatically analyzed to obtain photographic properties from a first image. Photographic properties are provided to a user for obtaining a second image containing a fiducial mark. The second image is programmatically analyzed to obtain photographic properties. The first image and the second image are programmatically analyzed and processed to produce an augmented image.

Abstract: A system and method for detecting lateral movement based on an exposed cryptographic network protocol (CNP) key in a cloud computing environment. The method includes: inspecting a first workload for a private CNP key, the private CNP key associated with a hash of a public CNP key; detecting in a security database a representation of the public CNP key; generating a lateral movement path, the lateral movement path including an identifier of a second workload, the second workload represented by a representation connected to the representation of the public CNP key.

Abstract: An information security monitoring system can import indicators of compromise (IOC) definitions in disparate formats from third-party source systems, convert them into editable security definitions in an internal system format, and provide a user interface for composing or editing these security definitions with enhancements, including complex security definitions such as those having a nested Boolean structure and/or those that reference one or more security definitions, a behavioral rule, and/or a vulnerability description. One or more whitelists can be added to handle exceptions. Each composed or modified security definition is then compiled into an executable rule. The executable rule, when evaluated, produces a result indicative of an endpoint security action needed in view of an endpoint event that meets the composed or modified security definition.

Abstract: Systems and methods for payload encoding and decoding are disclosed. Example instructions cause one or more processors to at least determine encoding data corresponding to a message to be encoded into audio data by an encoding device; generate a license file including the encoding data; and cause transmission of the license file to a decoding device to enable the decoding device to decode the message from the audio data based on the license file.

Abstract: A method for biometric authentication of a user of a mobile device, and a case for performing the method is provided. The method includes, by the case, coupling the mobile device to the case, receiving from the mobile device biometric data of the user of the mobile device that was captured by the mobile device, storing the biometric data, receiving a request from the mobile device for authenticating the user of the mobile device, the request including biometric data captured by the mobile device, comparing the biometric data stored in the case and the biometric data included in the request, and sending to the mobile device a response to the request for authenticating the user of the mobile device based on a result of the comparison, wherein the response to the request is for use by the mobile device to perform an operation based on the authentication of the user.

Abstract: An apparatus for security management of application information comprises a processor operable to receive the application information associated with a first entity and to receive entity device information for a first entity device associated with the first entity. The processor is operable to determine that a portion of data fields of the application information associated with the first entity corresponds to a portion of data fields of entity account data associated with a second entity and to determine that a portion of the entity device information associated with the first entity device corresponds to a portion of the entity device information associated with a second entity device that is associated with the second entity. The processor is further operable to determine that the first entity is associated with suspicious indicators, wherein suspicious indicators signal that there is suspicious activity associated with the first entity.

Abstract: A method for automated computer security policy generation and anomaly detection includes receiving first network traffic data via an input port. The first network traffic data includes multiple data packets. A representation of each of the data packets is stored in a first data store, to produce a set of training data. A set of communication protocols associated with the set of training data is detected, and the training data from the set of training data is restructured based on the set of communication protocols, to produce processed data. The processed data is stored as non-malicious data in a second data store. The first network traffic data is transmitted, in unmodified form, via an output port. Second network traffic data including multiple data packets is subsequently received, via the input port, and compared to the non-malicious data to detect an anomaly in the second network traffic data.

Abstract: In one embodiment, a method comprises: monitoring, by a first security agent executed within a network device, for real-time detection of a cyber threat in the network device, the network device configured for secure communications in a secure peer-to-peer data network, the monitoring including detecting a detected cyber threat; communicating by the first security agent with at least one notified agent about the detected cyber threat, the at least one notified agent one of a second security agent executed within the network device, or a corresponding first security agent in a second network device having a two-way trusted relationship with the network device in the secure peer-to-peer data network; and executing, by the first security agent, a corrective action to at least mitigate the cyber threat based on the communicating with the at least one notified agent of the detected cyber threat.

Abstract: Systems, methods, and computer products for providing fractional control of a domain name by a plurality of entities enable operations that may include: providing an executable program for storage on a blockchain, the executable program configured to store a representation of the domain name in association with a plurality of identifications that each correspond to an entity that has a fractional control of the domain name; indicating, to the program, that the domain name is available for fractional control; receiving a message that includes the representation of the domain name and indications of a plurality of blockchain addresses, which are stored by the program as the plurality of identifications; and storing, in a domain name registration database, a representation of a fractional control status of the domain name. Each fractional control of the domain name may enable an authorization or a refusal of a modification related to the domain name.

Abstract: A system and method for detecting potential lateral movement in a cloud computing environment includes detecting a private encryption key and a certificate, each of which further include a hash value of a respective public key, wherein the certificate is stored on a first resource deployed in the cloud computing environment; generating in a security graph: a private key node, a certificate node, and a resource node connected to the certificate node, wherein the security graph is a representation of the cloud computing environment; generating a connection in the security graph between the private key node and the certificate node, in response to determining a match between the hash values of the public key of the private key and the public key of the certificate; and determining that the first resource node is potentially compromised, in response to receiving an indication that an element of the public key is compromised.

Abstract: A method which is obtained specifically by output oriented coding, making possible the maximum selection of encryption parameters used for encryption by systems using OpenSSL, however without compromising the integrity of the encryption by autogenerating some Attributes thereby making possible row wise encryption in a database and encoding (if encoding is required) on the database side. The method has to satisfy the conditions/restrictions mentioned herein [0054]. This Invention is related to today's information technology and communicating methodology where encryptions and encodings are being used. The present invention can be described as software that enables a method of encryption acting as an Enhanced security feature or a technique which will enable users to manually or automatically select encryption parameters thereby encrypting and securing data.

Abstract: An approach for improving endpoint security. The approach requests security capabilities from endpoints of communications. The approach can analyze the differences between the security capabilities of the endpoints. The approach can negotiate a security capability supported by the endpoints of the communication. The approach can determine if the negotiation succeeded. If the negotiation failed, then the approach can create a report describing capabilities of the endpoints and suggesting changes to improve the endpoint security. The approach can send the report to the appropriate interested personnel.

Abstract: A multitenancy system that includes a host provider, a programmable device, and multiple tenants is provided. The host provider may publish a multitenancy mode sharing and allocation policy that includes a list of terms to which the programmable device and tenants can adhere. The programmable device may include a secure device manager configured to operate in a multitenancy mode to load a tenant persona into a given partial reconfiguration (PR) sandbox region on the programmable device. The secure device manager may be used to enforce spatial isolation between different PR sandbox regions and temporal isolation between successive tenants in one PR sandbox region.

Abstract: Systems, devices, media, and methods are presented for determining a level of abusive network behavior suspicion for groups of entities and for identifying suspicious entity groups. A suspiciousness metric is developed and used to evaluate a multi-view graph across multiple views where entities are associated with nodes of the graph and attributes of the entities are associated with levels of the graph.