Abstract: A method is disclosed. In the method, a data generation process can continuously generate data in real time. The data generation process can store the data into discrete data blocks. An analyzer process can run analytical queries on the data from the data blocks. After the analytics is complete for different data blocks, data can be removed from the respective data blocks. The empty data blocks can be returned back to the generation process for reuse. The data blocks can be shared resources between the generation and the analyzer processes. The data can be stored in a directly queryable format. Though at any given time a given analytical query can run on a single data block, the analyzer process can preserve certain important records from that data block to be used while analyzing subsequent data blocks at a later time.

Abstract: A method is disclosed. In the method, a data generation process can continuously generate data in real time. The data generation process can store the data into discrete data blocks. An analyzer process can run analytical queries on the data from the data blocks. After the analytics is complete for different data blocks, data can be removed from the respective data blocks. The empty data blocks can be returned back to the generation process for reuse. The data blocks can be shared resources between the generation and the analyzer processes. The data can be stored in a directly queryable format. Though at any given time a given analytical query can run on a single data block, the analyzer process can preserve certain important records from that data block to be used while analyzing subsequent data blocks at a later time.

Abstract: An authenticating method including storing internally a reference hash set having hashes of genuine client binary and/or library files. The method further includes receiving an authentication request for authentication of the client process to authorize the client process to access a server resource provided by the server process. In a first phase, the method further includes requesting from the client OS, the process details and the hashes of the client binary and/or library files and verifying (using the reference hash set) these hashes received. In a second phase the method further includes, contingent on positive verification in the first phase, transmitting a random message to the client process by locating it using the IP address and PID presented during the authentication request, verifying a copy of the random message received back from the client process, and contingent on positive verification in the second phase, allowing the client process to access the requested server resource.

Abstract: A computer method and system for determining a threat level score for a detected network attack. Network data is received having a detected network attack, which is then analyzed to determine metadata associated with the network attack. The determined metadata associated with the network attack is analyzed to determine: 1) an attack objective component; 2) an attack method component; and 3) an attack execution component, each being associated with the network attack. A severity score value for the network attack is then determined based upon calculating a weighted value for each of the: 1) an attack objective component; 2) a attack method component; and 3) an attack execution component. And an alert signal/message is then generated for a network attack based upon the determined severity score value.