Abstract: Systems and methods for root-level application selective configuration for managing performance of actions on files in a file system including an agent executed on a computing device. The agent can determine files stored in a particular folder and determine file metadata corresponding to the files based on a policy file. The agent can receive a selection of a particular file of the files that corresponds to one of the file metadata. The agent can determine an availability of one or more actions for the particular file as specified by file metadata. The agent can render a context menu that includes menu entries with one or more additional menu entry that corresponds to the actions based on the file metadata. The agent can perform an authentication of a current user account based on the policy file and cause the action to be performed based on privileges of the agent.

Abstract: Methods, systems, and apparatuses for detecting a presence of a malicious application are disclosed. In an example, a method includes determining a prediction for human user interaction with webpage content of a website by identifying webpage elements in the webpage content, where the webpage elements are for human user interaction, and determining at least one of spatial density of cursor movements or cursor velocity vectors relative to the webpage elements that are indicative of human user interaction with the webpage content. The method further includes using the prediction for human user interaction with the webpage content to determine if received webpage interaction information from a client device is indicative of a presence of a malicious application. The method provides an indication of the presence of the malicious application if the received interaction information is indicative of the presence of a malicious application.

Abstract: A cloud network for automatically provisioning a user directory in a multi-tenant system. User attributes for configuration of the user directory and groups associated with a plurality of end-users are received from a local application on an end-user device. A program module integrates with an external application and the user interface allows integration with a mid-link server. User policies and group policies associated with the plurality of end-users are determined. A high-risk user from the plurality of end-users is determined using the external application. A threat is determined associated with an end-user based on a type of the threat, a threat level is determined based on the type of the threat, and the threat level is compared to a threshold level, the threshold level categorizes the end-user as the high-risk user. The user directory is deployed using a snippet based on the user policies and the group policies.

Abstract: Aspects of the disclosure relate to detecting and identifying malicious sites using machine learning. A computing platform may receive a uniform resource locator (URL). The computing platform may parse and/or tokenize the URL to reduce the URL into a plurality of components. The computing platform may identify human-engineered features of the URL. The computing platform may compute a vector representation of the URL to identify deep learned features of the URL. The computing platform may concatenate the human-engineered features of the URL to the deep learned features of the URL, resulting in a concatenated vector representation. By inputting the concatenated vector representation of the URL to a URL classifier, the computing platform may compute a phish classification score. In response to determining that the phish classification score exceeds a first phish classification threshold, the computing platform may cause a cybersecurity server to perform a first action.

Abstract: In some embodiments, a method can include identifying detection coverage of a set of adversarial techniques based on telemetry data and a detection instance of an environment. The method can further include determining a subset of detection coverage that has a metric value below a metric value threshold and among the detection coverage for the set of adversarial techniques. The method may further include identifying at least one detection instance associated with the subset of detection coverage. The method can further include presenting, via a graphical user interface, a representation of at least one of the subset of detection coverage or the at least one detection instance associated with the subset of detection coverage. The method can further include updating the subset of detection coverage based on the telemetry data, the detection instance, or the at least one detection instance to improve the metric value.

Abstract: Embodiments described herein disclose technology for verifying authorization of an application download. The system can receive from a device associated with a user, a request to download an application. In response to a first instance of the application being downloaded on the device, the system can assign a unique identifier to the first instance of the application. After the application is downloaded and prior to granting the person requesting the application download access to the first instance of the application, the system can request via the first instance of the application identification information and particular authentication information to verify that the person requesting the application download is authorized to do so. In response to verifying that the person requesting the application download is authorized, the unique identifier can be associated with the account, user and/or device to result in a verified download of the first instance of the application.

Abstract: An issuing device is configured to: respond to a challenge request by transmitting a challenge; and respond to a certification request including a public key and ownership information thereof by issuing a digital certificate certifying the ownership information. The ownership information includes counterparty identity information relating to a ledger of a distributed database. The digital certificate is issued if it is successfully verified that a valid response to the challenge has been posted to the ledger of the distributed database and is associated therein with the counterparty identity information of the certification request. The digital certificate facilitates proofing that an owner of a public key is a given counterparty to a blockchain ledger. Also, a corresponding requesting device and corresponding methods and computer program products for issuing and requesting a digital certificate are disclosed.

Abstract: Disclosed are systems and methods for supporting dynamic reconfiguration. The systems and methods can include: pointing to a document server providing document services as a primary document server; dynamically reconfigure and point itself to use a document appliance indicated by an electronic invite received by the first computing device from a second computing device; and enable the first computing device to pass data or information received in the electronic invite to the document application in response to the first client.

Abstract: An apparatus, system and method for protecting the confidentiality and integrity of a secure object running on a computer system by protecting the memory pages owned by the secure object, including assigning a secure object an ID, labeling the memory pages owned by a secure object with the ID of the secure object, maintaining an Access Control Monitor (ACM) table for the memory pages on the system, controlling access to memory pages by monitoring load and store instructions and comparing information in the ACM table with the ID of the software that is executing these instructions; and limiting access to a memory page to the owner of the memory page.

Abstract: Systems and methods for cloud-based file sharing, where templates are provided for creating workflow instances which enable the sharing of managed objects. Reusable workflow templates are stored in the repository of a cloud-based file sharing system as objects that define components of the workflow, or placeholders for these components. A user instantiates a workflow instance from one of the templates and configures the workflow instance to identify content objects or forms, tasks related to the content objects, and users assigned to perform the tasks. The workflow instance is stored as an object in the repository. Users assigned to tasks are authorized through the workflow instance to access the content objects or forms to perform the tasks.

Abstract: Systems and methods enable secure service-based communications in networks that use a Services Communications Proxy (SCP). A Network Function (NF) producer receives a service request including an authorization token and a signed service request object, wherein the service request originates from an NF consumer of the wireless core network and is forwarded to the NF producer via the SCP. The NF producer verifies the signed service request object and generates, after the verifying, a service response. The service response includes a signed service response object. The NF producer sends, to the NF consumer and via the SCP, the service response with the signed service response object.

Abstract: A carrier network may detect and prevent completion of SIM swap frauds. For example, a carrier network may, based at least in part on a SIM swap request to replace a first SIM associated with a subscriber with a second SIM, store first information associated with the first SIM. Subsequent to the execution of a SIM swap to replace the first SIM with the second SIM, the carrier network may perform fraud detection on the SIM swap based at least in part on the first information associated with the first SIM stored based at least in part on the SIM swap request and based at least in part on second information associated with the second SIM and based at least in part on the SIM swap being detected as fraudulent by the fraud detection, cause the second SIM to be prohibited from operating with respect to the subscriber.

Abstract: A system and method for a distributed security model that may be used to achieve one or more of the following: authenticate system components; securely transport messages between system components; establish a secure communications channel over a constrained link; authenticate message content; authorize actions; and distribute authorizations and configuration data amongst users' system components in a device-as-a-key system.

Abstract: The technology disclosed describes a network security system that is configured to configure a synthetic request with an object identifier, and to inject the synthetic request into an application session to transmit the synthetic request to a cloud application. The synthetic request is configured to retrieve object metadata about the object using the object identifier. The network security system is further configured to receive from the cloud application a response to the synthetic request. The response supplies the object metadata.

Abstract: This invention pertains to a method for provisioning and implementing two-factor authentication (2FA) for enterprise services. The system securely establishes a trusted identity for a subscriber device using an immutable hardware key and public/private key sets. The device's identity is verified by an Original Equipment Manufacturer (OEM) cloud service. The method includes generating unique transaction nonces for each 2FA request, securing private keys within a Trusted Execution Environment (TEE), and employing a cloud wallet service to store keys. The subscriber device interacts with the system, decrypting and re-encrypting transaction nonces using corresponding keys. This process enables secure transaction from enterprise applications. The system also integrates user consent into the 2FA process, displaying a prompt to approve or deny authentication. This technology enhances security in enterprise services, prioritizing user consent and secure data transfer.

Abstract: A computerized method supporting SSL-based or TLS-based communications with multiple cryptographically protected transmissions is described. Responsive to a first transmission including a first content encrypted with a public key of an intended recipient and a first digital signature for use in detect tampering to the first content, a second transmission is received. The second transmission includes a combined result including the first content and a second content, which is encrypted with a public key of the sender. Recovery of the first content verifies to the sender that the second transmission originated from the intended recipient. Thereafter, a third transmission is sent. The third transmission has data including at least the second content, being the remaining data after extraction of the first content from the combined result, which is encrypted with the public key of the intended recipient and a third digital signature for use in verifying non-tampering of the data.

Abstract: A remote controlled battery cell monitoring and control system that utilizes empirical and theoretical data to compare performance, sensor data, stored patterns, historical usage, use intensity indexes over time and tracking information to provide a sophisticated data collection system for batteries. This tracking is designed to better the specifications, designs, training, preventative maintenance, and replacement and recycling of batteries.

Abstract: A method for signing data such as software images is provided that uses modules executable by a generic client to sign hashes of the software images rather than the images themselves. The method avoids both the requirement for new or updated client software and the uploading of full software images to the signing system. This approach uses a generic client that requests and downloads processing modules from the signing system to perform the pre-processing operations in signing software images, as well as optionally for post-processing operations.

Abstract: A computer-implemented method is disclosed.

Abstract: In some aspects, a computing system can control access of a user computing device to a resource. The computing system can obtain an access request submitted by a user computing device. The computing system can verify permission information in the access request to determine that the access request is valid. If the access request is valid, the computing system submits an authentication request to request an authentication system to authenticate the user and obtains authentication results generated by the authentication system. The computing system further provides, based on the authentication results, an access control decision for the access request.