Abstract: A method may include dividing code into trusted and untrusted components, and identifying a dynamic invocation in a first component of the code. The first component may be an untrusted component. The method may further include extracting dynamic information from the dynamic invocation, and identifying, using the dynamic information and metadata describing a dynamic behavior of the code, a target for the dynamic invocation. The target may correspond to a second component of the code. The method may further include determining that the target matches the dynamic invocation, and in response to determining that the target matches the dynamic invocation, adding, to a call graph generated from the code, an edge from the dynamic invocation to the target.

Abstract: Aspects discussed herein relate to the storage of data in graph databases and detecting fraudulent behavior in the stored data. Fraud detection systems may use graph databases to store data, allowing for querying the graph database to obtain data using a variety of graph semantics such as nodes, edges, and properties. Graph databases in accordance with embodiments of the invention may include account nodes and attribute nodes, where nodes of the same type are not directly linked to each other. When a particular node is updated, an updated node may be created with a higher version number than the existing node. Each node may include an indication of the node being associated with fraudulent activity. Fraud indicators may be calculated based on the relationships between the nodes and fraud indicators for the nodes.

Abstract: The embodiments herein are directed to a technique for providing secure communication between nodes of a network environment or within a node of the network using a verified virtual trusted platform module (TPM) of each node. The verified virtual TPM illustratively emulates a hardware TPM device to provide software key management of cryptographic keys used to provide the secure communication over a computer network of the network environment. Illustratively, the verified virtual TPM is configured to enforce a security policy of a trusted code base (TCB) that includes the virtual TPM. Trustedness denotes a predetermined level of confidence that the security property is demonstrated by the verified virtual TPM. The predetermined level of confidence is based on an assurance (i.e., grounds) that the verified virtual TPM demonstrates the security property.

Abstract: A user account/password manager is presented to protect any of: user accounts, passwords, and devices using security best practices. User account activity information is managed by a user and displayed in a meaningful way on an Account Management Graphical user interface. The user can easily find out who may be attempting to login to their account, when and how the login attempts were made, and where the login attempts originated.

Abstract: An apparatus for use in a digital messaging system includes a storage device and a processor coupled to the storage device. The storage device storing software instructions for controlling the processor that when executed by the processor configured the processor to: generate a master private and public key pair; associate the master private and public key pair with a first certificate; and derive at least one domain-specific key from the one of the master private and public key pair. The first certificate is registered to a group comprising a plurality of domains. The domain-specific key is associated with one of the plurality of domains.