Abstract: Techniques for automatically classifying an entity based on features of an associated network, determining risk to data in the network, and mitigating the determined risk are disclosed. The system may scan a network associated with an entity to extract one or more features of the network. The system may classify the entity based at least a portion of the one or more extracted features. The system may compute a risk to data in the network based on the one or more features and the entity classification, and determine one or more actions to mitigate the computed risk. The system may communicate the one or more actions to a user.

Abstract: Embodiments of the present disclosure provide methods and systems that configured to, generally, and in no particular order, perform one or more of the following functions: distinguish and identify secured assets that are permitted to an end-point to employ within a shared computing environment; monitor the end-point for certain triggering events, such as data creation, reception, manipulation, storage, or extraction associated with a secured asset; upon detection of a triggering event, monitor at least one unsecured container in order to determine if at least a portion of the secured asset has been otherwise transferred to an unsecured container; and encrypt the unsecured container in order to secure the otherwise unsecured asset.

Abstract: Embodiments of the present disclosure provide methods and systems that configured to, generally, and in no particular order, perform one or more of the following functions: distinguish and identify secured assets that are permitted to an end-point to employ within a shared computing environment; monitor the end-point for certain triggering events, such as data creation, reception, manipulation, storage, or extraction associated with a secured asset; upon detection of a triggering event, monitor at least one unsecured container in order to determine if at least a portion of the secured asset has been otherwise transferred to an unsecured container; and encrypt the unsecured container in order to secure the otherwise unsecured asset.

Abstract: A method for mitigating false positive type errors while applying an information leak prevention policy to identify important information and to prevent outward leakage. A positive criterion is defined for a positive set, and a negative criterion for a negative set of benign traffic. An ambiguity set contains items showing indications for both positive and negative sets. An ambiguity resolution criterion allows ambiguous items to be placed in/removed from the positive set or negative set. Each information item is searched for matches with the positive set. Each item in the positive set is checked for membership in the ambiguity set. The ambiguity resolution criteria are used for each member of the ambiguity set and to remove items from the positive set accordingly. The leak prevention policy is applied for all items remaining in the positive set thus protecting the important information.

Abstract: A method for mitigating false positive type errors while applying an information leak prevention policy to identify important information and to prevent outward leakage. A positive criterion is defined for a positive set, and a negative criterion for a negative set of benign traffic. An ambiguity set contains items showing indications for both positive and negative sets. An ambiguity resolution criterion allows ambiguous items to be placed in/removed from the positive set or negative set. Each information item is searched for matches with the positive set. Each item in the positive set is checked for membership in the ambiguity set. The ambiguity resolution criteria are used for each member of the ambiguity set and to remove items from the positive set accordingly. The leak prevention policy is applied for all items remaining in the positive set thus protecting the important information.

Abstract: A method for mitigating false positive type errors while applying an information leak prevention policy, the method comprising the computer implemented steps of: defining at least one positive criterion for a positive set, wherein the positive criterion comprises at least one indicator of a possible breach of the information leak prevention policy; defining at least one negative criterion for a negative set, wherein the negative criterion comprises at least one indicator of benign traffic; establishing an ambiguity set in association with an intersection between the positive set and the negative set, such that information items in the intersection enter the ambiguity set; defining at least one ambiguity resolution criterion for resolving the ambiguity; monitoring and analyzing electronic traffic, where each information item in the traffic is searched for matches with the positive set; checking for membership of each item in the positive set in the ambiguity set; resolving ambiguities using one of the ambiguit

Abstract: A method for secure distribution of digital content, the method including the steps of dividing a unit of digital content into at least first and second portions, storing the first portion on a first computerized apparatus, digitally watermarking the second portion, and combining the first portion and the digitally watermarked second portion, thereby forming a watermarked version of the digital content.

Abstract: A method for mitigating false positive type errors while applying an information leak prevention policy, the method comprising the computer implemented steps of: defining at least one positive criterion for a positive set, wherein the positive criterion comprises at least one indicator of a possible breach of the information leak prevention policy; defining at least one negative criterion for a negative set, wherein the negative criterion comprises at least one indicator of benign traffic; establishing an ambiguity set in association with an intersection between the positive set and the negative set, such that information items in the intersection enter the ambiguity set; defining at least one ambiguity resolution criterion for resolving the ambiguity; monitoring and analyzing electronic traffic, where each information item in the traffic is searched for matches with the positive set; checking for membership of each item in the positive set in the ambiguity set; resolving ambiguities using one of the ambiguit

Abstract: A method of distributing digital content or service over a communication network is provided. The method is effected by: (a) analyzing a request for distribution of the digital content or service; (b) generating a policy associated with the digital content or service; and (c) assembling a distribution syndicate of distribution entities, the distribution entities being selected according to the policy associated with distribution of the digital content or service, the distribution syndicate being for distributing the digital content or service over the communication network.

Abstract: A method for preventing unauthorized access by a requestor to data sent via computer networks, including a) requesting, from a requesting computer, access to data from a first server, at the first server b) determining if the request is a valid request, c) receiving a ticket from a ticket server, if the request is a valid request d) providing the ticket identifying the requestor to a second server the data is stored, e) directing the requesting computer to request access to the data from the second server, at the second server f) receiving the request from the requesting computer, g) verifying the ticket as identifying the requestor, and h) sending the data to the requesting computer in response to the request.

Abstract: A method for secure distribution of digital content (108), the method including the steps of dividing a unit of digital content into at least first and second portions (200), storing the first portion on a first computerized apparatus, digitally watermarking the second portion, and combining the first portion and the digitally watermarked second portion, thereby forming a watermarked (106) version of the digital content.

Abstract: A method for preventing unauthorized access by a requester to data sent via computer networks, including a) requesting, from a requesting computer, access to data from a first server, at the first server b) determining if the request is a valid request, c) receiving a ticket from a ticket server, if the request is a valid request d) providing the ticket identifying the requestor to a second server the data is stored, e) directing the requesting computer to request access to the data from the second server, at the second server f) receiving the request from the requesting computer, g) verifying the ticket as identifying the requester, and h) sending the data to the requesting computer in response to the request.

Abstract: A method of distributing digital content or service over a communication network is provided. The method is effected by: (a) analyzing a request for distribution of the digital content or service; (b) generating a policy associated with the digital content or service; and (c) assembling a distribution syndicate of distribution entities, the distribution entities being selected according to the policy associated with distribution of the digital content or service, the distribution syndicate being for distributing the digital content or service over the communication network.

Abstract: A method for secure distribution of digital content, the method including the steps of dividing a unit of digital content into at least first and second portions, storing the first portion on a first computerized apparatus, digitally watermarking the second portion, and combining the first portion and the digitally watermarked second portion, thereby forming a watermarked version of the digital content.