Abstract: Described are platforms, systems, and methods for a secure exchange of personal data with brand data. In one aspect, a method comprises receiving, from a computing device, a request for ownership of a brand, the request comprising a data grouping; persist a smart contract to a distributed ledger, the smart contract associated with the brand and generated based on the data grouping satisfying a criterion for ownership of the brand; and providing, to the computing device, by executing the smart contract, a plurality of opportunities based on the data grouping satisfying the criterion for ownership.

Abstract: A risk control method includes: acquiring risk information of a current user operation; calculating, for an identity verification mode corresponding to historical identity verification, a security coefficient according to the risk information and security information corresponding to the identity verification mode, and calculating an estimated operation risk according to the security coefficient and an amount corresponding to the user operation; and performing prescribed risk control processing on the user operation when the estimated operation risk satisfies a preset condition, and waiving performing prescribed risk control processing on the user operation when the estimated operation risk does not satisfy the preset condition.

Abstract: The techniques described herein facilitate scope-based certificate deployment for secure dedicated tenant access in multi-tenant, cloud-based content and collaboration environments. In some embodiments, a method is described that includes receiving an incoming authentication request from an access system, wherein the authentication request includes metadata, extracting the metadata from the authentication request, and processing the metadata to identify a tenant corresponding to the request. A tenant-specific certificate associated with the tenant is then accessed and provided to the access system for validation by a third-party certificate authority.

Abstract: A vulnerability scanning method includes: identifying a host service running on a target host and creating a scan task that matches the identified host service; issuing the created scan task to a task scheduling center, to allow a proxy node to acquire at least one scan task from the task scheduling center, where the proxy node executes the at least one scan task for the target host, and obtains a scan result; and receiving the scan result fed back by the proxy node, determining whether there exists a specified host service in the identified host service, where the specified host service signifies an existence of a web site resource running on the target host, and if there exists the specified host service in the identified host service, issuing again a scan subtask corresponding to the specified host service to the task scheduling center.

Abstract: A cybersecurity assessment system is provided for monitoring, assessing, and addressing the cybersecurity status of a target network. The cybersecurity assessment system may scan the target network and produce data regarding the current state and properties of devices on the target network, events occurring on the target network, vulnerabilities detected in devices on the target network, and the like. The cybersecurity assessment system can analyze the scan data and determine a degree to which the current status of the target network satisfies a particular cybersecurity readiness standard, and how the status changes over time. The cybersecurity assessment system can also transform large amounts of vulnerability scan data into efficient representations for use in providing interactive presentations of the vulnerabilities detected on the target network. The cybersecurity assessment system can also provide information regarding cybersecurity events in substantially real time.

Abstract: Systems and methods for restricting a first computing device's output of information. The methods comprise: receiving, at the first computing device, information and at least one viewing restriction set for the information; collecting situational awareness information by the first computing device; using the situational awareness information to determine if the at least one viewing restriction is satisfied; and displaying the information on a screen of the first computing device if a determination is made that the at least one viewing restriction is satisfied or preventing the displaying of the information if a determination is made that the at least one viewing restriction is not satisfied.

Abstract: A method and system for authenticating a device is provided. A noisy response is received from a physically unclonable function for a challenge. An error code is generated for correcting the noisy first response. An expected response is generated from the noisy first response and the error code. The expected response and corresponding first helper data is store. The helper data includes the first challenge and the error code. The helper data is provided to a device in response to an authentication request from the device, the first device including the physically unclonable function.

Abstract: A client system obtains an access token for accessing a protected resource stored at a resource system. A storage resource of the system stores a plurality of grant method code portions, a plurality of authentication method code portions and a configurable database. The client system comprises processing circuitry configured to receive an access request from a user device. The access request comprises an instruction for the client system to access a protected resource and a request identifier indicative of an authorization system for authorizing access to the protected resource. The client system uses the configurable database and code portions to execute the grant and authentication methods supported by the authorization system. The client system receives the access token from the authorization sever, in response to executing the grant and authentication methods.

Abstract: A system and method is described for protecting applications against malicious URL links by identifying a final destination. The system and method also includes enabling a user process to directly connect to the final destination, bypassing the original URL altogether; thereby bypassing the hacker's ability to use that URL to programmatically send the application to a malicious site.

Abstract: Disclosed embodiments relate to systems and methods for multidimensional vectors for analyzing and visually displaying identity permissions. Techniques include identifying a plurality of identities, privileges used by the identities, and data associated with the identities, developing privilege vectors based on the identified information, and generating groupings of the identities based on the privilege vectors. Further techniques include generating a group score for an identity grouping, using the group score to determine if the grouping is a least privilege grouping, and updating the privileges of the identities within the grouping.

Abstract: Systems and methods for continuously scanning and/or sandboxing files to protect users from accessing infected files by natively mounting public cloud file stores are provided. According to one embodiment, a determination is made by a network security device that is protecting the enterprise network regarding whether an untrusted file stored within a first repository of a public cloud file store, which is natively mounted on the network security device, is a clean file that is free of malicious content by applying one or more security checks to the untrusted file. When a result of the determination is affirmative, the network security device makes the clean file accessible to the users by copying the clean file from the first repository to a second repository that is accessible to the users.

Abstract: Detection of a security threat to a web browser by: Wrapping a suspect JavaScript code with a detection JavaScript code, wherein, when the wrapped suspect JavaScript code is executed in a web browser, the detection JavaScript code indirectly monitors access to a property of a non-writable, non-configurable JavaScript property, to detect an attempt by the suspect JavaScript code to perform a malicious action in the web browser. Executing the wrapped suspect JavaScript code in the web browser, to effect the monitoring and the detection.

Abstract: A device receives call information associated with a call from a first user device to a second user device, where the first user device is associated with a first network, and the second user device is associated with a second network separate from the first network. The call information includes a caller identification and is received via an originating network device of the first network. The device determines whether the caller identification is verified, and adds authentication information to the call information when the caller identification is verified. The device receives the call information and the authentication information from a terminating network device of the first network, and removes the authentication information from the call information. The device adds a cryptographic signature to the call information, and causes the call information and the cryptographic signature to be provided to the second network for routing to the second user device.

Abstract: There are provided systems and methods for visual data processing of mimed images for authentication. Authentication may be required for a user and/or an account of the user, for example, to verify the identity of the user or allow the user to access and use the account of the user. As an additional factor to authentication, increased authentication may be accomplished through who and what the user is, such as through facial recognition and biometrics of the user. During authentication, the user may be presented with a set of images or icons, such as digital emojis, that convey and emotion or idea. The user may be asked to mimic the emojis during authentication, where the user's facial expression is recorded. To authenticate the user, the recorded data may be compared to past data through facial recognition processing and image analysis to find similarities.

Abstract: Techniques are provided to automatically generate and apply policy rules for IoT devices. Historical data associated with IoT behaviors is obtained, where the historical data describes the file systems and behavior trends for multiple different IoT devices. Groups of the IoT devices are generated by grouping together devices identified as being common with one another based on similarities between their identified behaviors. Policies are then automatically generated for each group, corresponding to the detected behavior trends. Each policy determines how to subsequently monitor any device categorized as belonging to that policy's group and also how to respond when a device is operating abnormally. After a device is characterized as belonging to a group, that device is monitored to determine whether it conforms with the group's policy. Optionally, mitigation operations may be performed when the device is non-conforming.

Abstract: A device and method to accurately detect list-based attacks without reducing the convenience for authorized users. An acquirer acquires information on accounts used for log-in trials to a plurality of websites. An analyzer calculates the degree of use of each account used in common for log-in trials to different websites in a predetermined period of time out of the accounts acquired by the acquirer and determine the log-in trials using the account to be attacks when the degree of use exceeds a predetermined threshold. A detector detects, as an attack, a log-in trial to the website using the same account as the account used for the log-in trials determined to be attacks by the analyzer.

Abstract: System, method, and apparatus of securing and managing Internet-connected devices and networks. A wireless communication router is installed at a customer venue, and provides Internet access to multiple Internet-connected devices via a wireless communication network that is served by the router. A monitoring and effecting unit of the router performs analysis of traffic that passes through the router; identifies which Internet-connected devices send or receive data; and selectively enforces traffic-related rules based on policies stored in the router. Optionally, the monitoring and effecting unit is pre-installed in the router in a disabled mode; and is later activated after the router was deployed at a customer venue. Optionally, the router notifies the Internet Service Provider the number and type of Internet-connected devices that are served by the router.

Abstract: Aspects of the disclosure provide techniques for using behavior based information for providing and restricting access to a secure website, or computer network and its assets to a user. Components of the system may include the following. Client remote computing device, network and browser unique attribute data collection and fingerprinting. Method for capturing user habits and fingerprinting with ability to detect abnormalities through AIML using mobile and wearable device applications. System for detection of normality of user behavior based on habits, and cyber transactions, device access and determining a confidence score associated with each transaction. Method for calculating individual transaction risk based on contextual factors such as user behavior, device, browser and the network traffic and request for authentication by account owner when risk greater than allowed threshold.

Abstract: A data management system stores data related to a plurality of users. The data management system initially stores the data in an encrypted format. The data management system automatically periodically re-encrypts the data in accordance with a re-encryption policy. The re-encryption policy includes re-encryption periodicity data defining a periodicity for automatically re-encrypting the data.

Abstract: Systems and methods for monitoring voice and SMS communication exchanged over a UMTS network is described wherein a technique for quickly testing different Count-C values, until the correct value is ascertained is used. The Count-C parameter consists of a HyperFrame Number (HFN) and the system iteratively attempts to decrypt the packets using a series of candidate HFNs. For each of these candidate HFNs, and for each of the packets, the system produces a candidate Count-C by appending the sequence number (SN). The system then uses the candidate Count-C to calculate a candidate keystream block. Subsequently, the system uses the candidate keystream blocks to decrypt the packets, and then tests whether the packets were correctly decrypted. If the system deems the decryption successful, the system stops iterating through the candidate HFNs, and uses the candidate HFN that correctly decrypted the packets to decrypt subsequent packets in the communication session.