Patents Examined by Kaveh Abrishamkar
  • Patent number: 12250231
    Abstract: A system and method for detecting potential lateral movement using cloud keys in a cloud computing environment includes determining a first node in a security graph is a compromised node, wherein the security graph represents cloud entities of the cloud computing environment; detecting a cloud key node connected to the first node, wherein the cloud key node represents a cloud key of the cloud computing environment; and generating a potential lateral movement path, including the first node, and a second node, wherein the second node is connected to the cloud key node.
    Type: Grant
    Filed: September 17, 2024
    Date of Patent: March 11, 2025
    Assignee: Wiz, Inc.
    Inventors: Avi Tal Lichtenstein, Ami Luttwak, Daniel Hershko Shemesh
  • Patent number: 12248583
    Abstract: Embodiments of the invention are directed to systems, methods, and computer program products that provide a unique platform for analyzing, classifying, extracting, and dialogue information from audio file recordings between a customer and an agent of an entity. In particular, the novel present invention provides a unique platform for analyzing, classifying, extracting, and processing information from call recordings using an image-based encryption method and cognitive neural engine in order to segment audio files according to speaker, and later analyze recording information to generate contextual inferences regarding user preferences and agent performance.
    Type: Grant
    Filed: August 15, 2022
    Date of Patent: March 11, 2025
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Dalydas Karanath, Syed Najumudeen, Radhika Vinaikrishnan Nair
  • Patent number: 12250230
    Abstract: A system and method for detecting potential lateral movement in a cloud computing environment includes detecting a private encryption key and a certificate, each of which further include a hash value of a respective public key, wherein the certificate is stored on a first resource deployed in the cloud computing environment; generating in a security graph: a private key node, a certificate node, and a resource node connected to the certificate node, wherein the security graph is a representation of the cloud computing environment; generating a connection in the security graph between the private key node and the certificate node, in response to determining a match between the hash values of the public key of the private key and the public key of the certificate; and determining that the first resource node is potentially compromised, in response to receiving an indication that an element of the public key is compromised.
    Type: Grant
    Filed: September 17, 2024
    Date of Patent: March 11, 2025
    Assignee: Wiz, Inc.
    Inventors: Avi Tal Lichtenstein, Ami Luttwak, Yinon Costica
  • Patent number: 12250206
    Abstract: A request to authenticate is received. For example, the request to authenticate may be to authenticate to a software application or a device. The request to authenticate is for a first authentication level for a user. The first authentication level is one of a plurality of authentication levels for the user. The request to authenticate is authorized based on a provided one or more authentication factors (e.g., a valid username/password). A plurality of authentication tokens are retrieved. The plurality of authentication tokens are associated with the first authentication level. In addition, each authentication token of the plurality of authentication tokens is associated with an individual application of a plurality of applications. Access to information in the plurality of applications is granted based on the plurality of authentication tokens.
    Type: Grant
    Filed: July 19, 2022
    Date of Patent: March 11, 2025
    Assignee: Micro Focus LLC
    Inventors: Douglas Max Grover, Michael F. Angelo
  • Patent number: 12244568
    Abstract: Implementations described herein utilize an independent server for facilitating secure exchange of data between multiple disparate parties. The independent server receives client data, via an automated assistant application executing at least in part at a client device, that is to be transmitted to a given third-party application. The independent server processes the client data, using a first encoder-decoder model, to generate opaque client data, and transmits the opaque client data to the given third-party application and without transmitting any of the client data. Further, the independent server receives response data, via the given third-party application, that is generated based on the opaque client data and that is to be transmitted back to the client device. The independent server processes the response data, using a second encoder-decoder model, to generate opaque response data, and transmits the opaque response data to the client device and without transmitting any of the response data.
    Type: Grant
    Filed: August 23, 2022
    Date of Patent: March 4, 2025
    Assignee: GOOGLE LLC
    Inventors: Akshay Goel, Jonathan Eccles, Nitin Khandelwal, Sarvjeet Singh, David Sanchez, Ashwin Ram
  • Patent number: 12242649
    Abstract: Methods and systems are presented for stolen cookie detection. An authentication request is received for a user to access a website using a web browser executable at the user's device. A series of storage locations available on the device for storing web cookies is identified and sorted in order of increasing fraud risk starting from a first storage location. A cookie value for each storage location is retrieved from the device. For each storage location after the first: an expected cookie value is calculated based on the cookie value of a preceding storage location; the expected cookie value is compared with the value retrieved for the storage location; and a score representing a level of fraud risk for the storage location is assigned. The authentication request is processed based on whether the assigned score for at least one of the storage locations exceeds a predetermined risk tolerance for fraud detection.
    Type: Grant
    Filed: July 29, 2022
    Date of Patent: March 4, 2025
    Assignee: PAYPAL, INC.
    Inventors: Matan Marudi, Yuval Bercovich, Yarden Raiskin
  • Patent number: 12235950
    Abstract: Embodiments herein describe partitioning hardware and software in a system on a chip (SoC) into a hierarchy. In one embodiment, the hierarchy includes three levels of hardware-software configurations, enabling security and/or safety isolation across those three levels. The levels can cover the processor subsystem with compute, memory, acceleration, and peripheral resources shared or divided across those three levels.
    Type: Grant
    Filed: January 18, 2022
    Date of Patent: February 25, 2025
    Assignee: XILINX, INC.
    Inventors: Jaideep Dastidar, James Murray, Stefano Stabellini
  • Patent number: 12229647
    Abstract: The present application discloses a method, system, and computer system for detecting parked domains. The method includes obtaining, by one or more processors, a set of webpages corresponding to a plurality of domains, extracting a plurality of features based on the set of webpages, detecting parked domains based on the plurality of features using a machine learning model, and periodically applying automatic signature generation to detect a new pattern of parked domains without retraining the machine learning model.
    Type: Grant
    Filed: July 29, 2022
    Date of Patent: February 18, 2025
    Assignee: Palo Alto Networks, Inc.
    Inventors: Zeyu You, Wei Wang, Yu Zhang
  • Patent number: 12231434
    Abstract: A computer-implemented method includes detecting occurrence of an event in a cloud environment, obtaining an indication of an identity associated with the event, obtaining an indication of a usage time stamp representing usage time of a privilege in association with the identity for the event, and classifying the privilege into a classification group selected from a plurality of predefined classification groups. Each respective classification group groups a respective set of privileges defined in the cloud environment. The method includes obtaining a grant time stamp representing a grant time of at least one privilege, in the respective set of privileges in the classification group, to the identity and, based on the usage time stamp and the grant time stamp, generating an excessive privilege determination that indicates the classification group includes at least one excessive privilege. The method includes performing a computing action based on the excessive privilege determination.
    Type: Grant
    Filed: July 26, 2024
    Date of Patent: February 18, 2025
    Assignee: Normalyze, Inc.
    Inventors: Yang Zhang, Ajay Agrawal, Ravishankar Ganesh Ithal
  • Patent number: 12229292
    Abstract: Systems and methods for verification of information completeness are disclosed. They include a processor; a network; a network communication device; and a data store positioned in communication with the processor. The data store contains instructions that announce an association between a subject and an aggregator; record the association between the subject and the aggregator; submit a permission to allow a reporter to submit information regarding the subject to the aggregator; notify the reporter of the permission; verify the permission granted to the reporter; submit the metadata to a datum of information to the aggregator by the reporter; submit the same datum of information to the subject by the reporter; provide a first aggregated report of all metadata tied to the datums from the aggregator; and provide a second aggregated report containing all the metadata and the datums associated with the first aggregated report.
    Type: Grant
    Filed: January 28, 2022
    Date of Patent: February 18, 2025
    Inventor: Dustin van Schouwen
  • Patent number: 12231440
    Abstract: A system and method for detecting potential lateral movement using cloud keys in a cloud computing environment includes determining a first node in a security graph is a compromised node, wherein the security graph represents cloud entities of the cloud computing environment; detecting a cloud key node connected to the first node, wherein the cloud key node represents a cloud key of the cloud computing environment; and generating a potential lateral movement path, including the first node, and a second node, wherein the second node is connected to the cloud key node.
    Type: Grant
    Filed: March 26, 2024
    Date of Patent: February 18, 2025
    Assignee: Wiz, Inc.
    Inventors: Avi Tal Lichtenstein, Ami Luttwak, Daniel Hershko Shemesh
  • Patent number: 12225051
    Abstract: Techniques for user identity-based security policy enforcement. The techniques may include sending, to an edge device associated with a network, a networking policy associated with a user. The techniques may also include receiving, from an identity provider, an IP address associated with the user. Additionally, the techniques may include sending, to the edge device, an indication to associate the IP address with the user such that the edge device applies the networking policy to packets that include the IP address.
    Type: Grant
    Filed: July 28, 2022
    Date of Patent: February 11, 2025
    Assignee: Cisco Technology, Inc.
    Inventors: Balaji Sundararajan, Vishnuprasad Raghavan, Kannan Kumar, Ramana Babu Polamarasetti, Mahalakshmi Rajaram
  • Patent number: 12212957
    Abstract: A method for UE-to-UE (U2U) relay discovery security is disclosed. The method may comprise provisioning an end-UE with security material for a direct discovery set and a U2U discovery message and provisioning a U2U relay with security material for the U2U discovery message. The security material for the direct discovery set may comprise at least one of: a ProSe restricted code, associated key material, or an indicator associated with a relay service code (RSC) that indicates whether the RSC supports per ProSe direct discovery set protection. The method may comprise sending, by the end-UE to the U2U relay, a direct connection request (DCR) message. The DCR message may comprise at least one of: an RSC, and end-UE User info identification (ID), or a ProSe restricted code. The method may comprise sending, by the end-UE, an indication for direct discovery set protection.
    Type: Grant
    Filed: July 12, 2024
    Date of Patent: January 28, 2025
    Assignee: INTERDIGITAL PATENT HOLDINGS, INC.
    Inventors: Samir Ferdi, Michelle Perras, Taimoor Abbas, Jung Je Son, Magurawalage Chathura Madhusanka Sarathchandra
  • Patent number: 12204634
    Abstract: A computer implemented method includes receiving a request for device validation, reading a genesis record from a device, the genesis record containing a device identification (ID), an original owner ID, a current owner ID, and a first hash of the device ID, an original owner ID, a current owner ID, and validating, by multiple processing entities having replicated copies of a chain that includes the genesis record and a succeeding transfer block, ownership of the device.
    Type: Grant
    Filed: June 15, 2022
    Date of Patent: January 21, 2025
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Arun Mannengal, Rajesh Kumaraswamy, Chandra Sekhar Surapaneni
  • Patent number: 12200140
    Abstract: In a blockchain, contents of communication of electronic data are basically made public, and a malicious person can find system vulnerability of the blockchain. Leak of secret information or the like to an unintended third party through unauthorized access or the like by exploiting the vulnerability and cause is actually possible. Thus, it cannot be said that sufficient security measures are taken. In the present invention, a colony server stores partial data containing data of a predetermined size from a beginning of data to be managed received from a terminal, and a center server stores body data containing data of the predetermined size +1 and thereafter. Thus, the data to be managed is managed in a divided manner. Also, even if the body data is leaked from the colony server through unauthorized access or the like, the body data is merely part of the data to be managed, and has no value on its own.
    Type: Grant
    Filed: February 10, 2021
    Date of Patent: January 14, 2025
    Assignee: SYSNA, Inc.
    Inventors: Shinichi Sugiura, Nobuyuki Nakahara, Mika Asano
  • Patent number: 12182304
    Abstract: Systems and methods for privatized presentation of private data are provided. In certain embodiments, private data contained within received electronic data is identified. Based at least in part upon the identified private data, a determination is made as to whether privatized presentation of the private data should be performed. When the privatized presentation should be performed, a primary electronic device response including non-private data of the electronic data and an indication of a location of the private data in the electronic data is generated. The primary electronic device response is provided to a primary electronic device. The indication of the location of the private data is used to instruct the primary electronic device to refrain from presenting the private data. Instead, the private data is presented to a secondary electronic device tasked with presenting the private data in lieu of the primary electronic device.
    Type: Grant
    Filed: June 15, 2022
    Date of Patent: December 31, 2024
    Assignee: United Services Automobile Association (USAA)
    Inventors: Snehal Desai, Stacy Callaway Huggar, Noe Alberto Martinez, Kristina Suniga-Cabrera
  • Patent number: 12184791
    Abstract: Various examples are directed to systems and methods using a database management system. The database management system may generate a root certificate for a database host of the database management system and a first host certificate using the root certificate. The database management system may receive, from a first client associated with the first tenant, a request to access the root certificate stored at a root certificate storage location and send the root certificate to the first client. The database management system may receive, from the first client, a request to establish a secure communication connection. The secure communication connection with the first client may be established at least in part by providing the first host certificate to the first client.
    Type: Grant
    Filed: June 2, 2022
    Date of Patent: December 31, 2024
    Assignee: SAP SE
    Inventors: Christian Graefe, Fabian Garagnon, Kerstin Welk, Martin Fei
  • Patent number: 12175745
    Abstract: A system for detection of covert spying devices. A computing device of the system is configured to receive user selections of covert spying device detection options. An image recognition process is carried out to determine whether any object detected in an image of objects being scanned resembles an already known covert spying device. A network scan process is carried out optionally or additionally to determine whether any network attribute associated with objects being scanned resembles any network attribute associated with the already known covert spying device. A monitoring process detects and logs any unauthorized access made to objects being scanned on finding any deviation in activities occurred in the objects being scanned from a standard set of activities. A report indicates any object as a suspected covert spying device on finding any resemblance with an already known covert spying device or on finding any unauthorized access.
    Type: Grant
    Filed: April 10, 2021
    Date of Patent: December 24, 2024
    Inventor: Randy Alan Andrews
  • Patent number: 12177215
    Abstract: The service layer may leverage the access network infrastructure so that applications on a device may bootstrap with a machine-to-machine server without requiring provisioning beyond what is already required by the access network.
    Type: Grant
    Filed: April 26, 2023
    Date of Patent: December 24, 2024
    Assignee: InterDigital Patent Holdings, Inc.
    Inventors: Michael F. Starsinic, Guang Lu, Suresh Palanisamy, Qing Li, Dale N. Seed
  • Patent number: 12175432
    Abstract: Aspects of the disclosure relate to email verification. A computing platform may receive an electronic message and identify one or more portions of content in the message. Then, the computing platform may generate and embed one or more message-specific identifiers into the electronic message and store electronic message information associating the one or more portions of content with the one or more embedded message-specific identifiers. Thereafter, the computing platform may receive an electronic message verification request to verify authenticity of an identified electronic message received by a computing device. The computing platform may prompt a user of the computing device to provide authentication information associated with one or more portions of content of the identified electronic message.
    Type: Grant
    Filed: September 29, 2023
    Date of Patent: December 24, 2024
    Assignee: Bank of America Corporation
    Inventors: Jonathan Sheedy, Steven Sinks, Brian P. Prange, Matthew W. Findley, Jared D. Wilson, Donald Hess, Brian Devine