Abstract: A website vulnerability test is performed by automatically checking that a website has not been compromised by malicious third party scripts. A system can test a dynamic behavior of a website that indicates a functional user flow through the website. A set of rules are applied against a log of dynamic behavior of the website, as well as static code of the website, to identify potential compromise by malicious scripts. Some rules can be configured for detecting modification of a third party script, or modified behavior of a third party script, in an attempt to detect security monitoring activity against the script and hide its presence from the security monitoring activity.

Abstract: A website vulnerability test is performed by automatically checking that a website has not been compromised by malicious third party scripts. A system can test a dynamic behavior of a website that indicates a functional user flow through the website. A set of rules are applied against a log of dynamic behavior of the website, as well as static code of the website, to identify potential compromise by malicious scripts. Some rules can be configured for detecting modification of a third party script, or modified behavior of a third party script, in an attempt to detect security monitoring activity against the script and hide its presence from the security monitoring activity.

Abstract: A website anomaly test is performed by automatically checking that a website has not been compromised by malicious code. A system can test a dynamic behavior of a website that indicates a functional user flow through the website. A set of rules are applied against a log of dynamic behavior of the website, as well as static code of the website, to identify potential compromise by malicious scripts.

Abstract: This document generally describes computer systems, processes, program products, and devices for the rapid and automated collection, storage, and analysis of network events to provide improved and enhanced security analysis. The system can include an extensible framework for pipelines to process, normalize, and decorate network events created in response to network activity, which can permit the system to readily scale up and down to ingest large volumes and variations in network activity. For example, pipeline can match data in the network events with stored Indicators of Compromise (IoCs) and decorate the network events with the IoCs before the network events are stored and subsequently analyzed.

Abstract: A network security system centrally manages security packages and deploy them to a network host that is identified as potentially compromised. A security package is selected or assembled to be targeted to the identified host. Security packages are designed to isolate identified hosts from other network resources and collect forensic information from the hosts without interfering with operations of the hosts. Once forensic information is collected, software packages can be dissolved from hosts. Collected forensic information can be used to analyze and mitigate threats on hosts.

Abstract: A website vulnerability test is performed by automatically checking that a website has not been compromised by malicious third party scripts. A system can test a dynamic behavior of a website that indicates a functional user flow through the website. Instead of merely analyzing static code of a website, the system automatically tests the website in their runtime environments for the presence of malicious third party scripts.

Abstract: A plurality of network sensors are configured to sense the operations of a data network and, responsive to sensing the operations of the data network, generate event data objects that record the operations of the data network. One or more decorator pipelines are configured to decorate the event data objects with data other than from operations of the data network. A security frontend is configured to generate a graphical user interface (GUI) configured to provide, to a user, query-authoring tools, receiving a query in a structured language, provide responsive to receiving the query, results to the query from historic event data that was decorated before the query was received, receive approval for the query, and later execute the query on new event data that has been decorated after the approval for the query is received.

Abstract: One or more processors determine in which level, among a plurality of levels of a structured object displayed on a display device, a position of interest is currently located. The plurality of levels, which includes a first level and a second level, are in a hierarchy or corresponding to a multi-dimensional coordinate space. In response to determining that the position of interest is currently located in the first level: the one or more processors determine, based on the hierarchy or the multi-dimensional coordinate space, a next location in the second level of the structured object. The next location is a prediction of where a user will choose to move the position of interest subsequently from the current location. The one or more processors generate first display data that, when displayed by the display device, shows the position of interest at the next location in the second level.

Abstract: A website vulnerability test is performed by automatically checking that a website has not been compromised by malicious third party scripts. A system can test a dynamic behavior of a website that indicates a functional user flow through the website. A set of rules are applied against a log of dynamic behavior of the website, as well as static code of the website, to identify potential compromise by malicious scripts. Some rules can be configured for detecting modification of a third party script, or modified behavior of a third party script, in an attempt to detect security monitoring activity against the script and hide its presence from the security monitoring activity.

Abstract: A website anomaly test is performed by automatically checking that a website has not been compromised by malicious code. A system can test a dynamic behavior of a website that indicates a functional user flow through the website. A set of rules are applied against a log of dynamic behavior of the website, as well as static code of the website, to identify potential compromise by malicious scripts.

Abstract: A rotary implement for harvester combine dispersal of plant cuttings, the implement incorporating a base plate; a drive shaft connected to the base plate; a first plurality of channel and passage port combinations extending from the base plate to an elevation, the first combinations including channels underlying passage port lower ends; a second plurality of channel passage port combinations extending radially outwardly from a radially outer end of one of combinations among the first plurality of channel and passage port combinations, the second combinations having a channel upper walls sloping upwardly from passage port lower ends to the elevation; and a plurality of radially outer channels extending radially outwardly from second combinations.

Abstract: One or more processors determine in which level, among a plurality of levels of a structured object displayed on a display device, a position of interest is currently located. The plurality of levels, which includes a first level and a second level, are in a hierarchy or corresponding to a multi-dimensional coordinate space. In response to determining that the position of interest is currently located in the first level: the one or more processors determine, based on the hierarchy or the multi-dimensional coordinate space, a next location in the second level of the structured object. The next location is a prediction of where a user will choose to move the position of interest subsequently from the current location. The one or more processors generate first display data that, when displayed by the display device, shows the position of interest at the next location in the second level.

Abstract: This document generally describes computer systems, processes, program products, and devices for the rapid and automated collection, storage, and analysis of network events to provide improved and enhanced security analysis. The system can include an extensible framework for pipelines to process, normalize, and decorate network events created in response to network activity, which can permit the system to readily scale up and down to ingest large volumes and variations in network activity. For example, pipeline can match data in the network events with stored Indicators of Compromise (IoCs) and decorate the network events with the IoCs before the network events are stored and subsequently analyzed.

Abstract: A network security system centrally manages security pacakges and deploy them to a network host that is identified as potentially compromised. A security package is selected or assembled to be targeted to the identified host. Security packages are designed to isolate identified hosts from other network resources and collect forensic information from the hosts without interfering with operations of the hosts. Once forensic information is collected, software packages can be dissolved from hosts. Collected forensic information can be used to analyze and mitigate threats on hosts.

Abstract: A website vulnerability test is performed by automatically checking that a website has not been compromised by malicious third party scripts. A system can test a dynamic behavior of a website that indicates a functional user flow through the website. Instead of merely analyzing static code of a website, the system automatically tests the website in their runtime environments for the presence of malicious third party scripts.

Abstract: A selection-type user input corresponding to a selection position on a structured object displayed on a display device is received via a user interface device. The structured object includes a plurality of levels in a hierarchy or corresponding to a multi-dimensional coordinate space, and the plurality of levels includes a first level and a second level. When it is determined that the selection position is within the first level, first display data is generated that, when displayed by the display device, shows contents of the structured object within the first level as selected and does not show contents of the structured object within the second level as selected. When it is determined that the selection position is within the second level, second display data is generated that, when displayed by the display device, shows contents of the structured object within both the first level and the second level as selected.

Abstract: A plurality of network sensors are configured to sense the operations of a data network and, responsive to sensing the operations of the data network, generate event data objects that record the operations of the data network. One or more decorator pipelines are configured to decorate the event data objects with data other than from operations of the data network. A security frontend is configured to generate a graphical user interface (GUI) configured to provide, to a user, query-authoring tools, receiving a query in a structured language, provide responsive to receiving the query, results to the query from historic event data that was decorated before the query was received, receive approval for the query, and later execute the query on new event data that has been decorated after the approval for the query is received.

Abstract: Some embodiments include a memory cell which has, in the following order; a control gate, charge-blocking material, charge-trapping material, a first oxide, a charge-passage structure, a second oxide, and channel material. The charge-passage structure has a central region sandwiched between first and second regions. The central region has a lower probability of trapping charges and/or a lower rate of trapping charges than the first and second regions. Some embodiments include an integrated structure having a vertical stack of alternating conductive levels and insulative levels, and having a charge-passage structure extending vertically along the vertical stack. Some embodiments include a NAND memory array having a vertical stack of alternating insulative levels and wordline levels, and having a charge-passage structure extending vertically along the vertical stack.

Abstract: A rail fixture that may include a plurality of track sections suspending a plurality of rail sections. The rail fixture may further include a traveler that traverses across one of the track sections, and a trolley that traverses across the plurality of rail sections. The rail fixture may further include a motorized winch assembly that may be used to lift a load to be moved toward the rail sections. The rail fixture may be used to move a load from a first location to a second location, for example, through an enclosed space having little clearance.

Abstract: A selection-type user input corresponding to a selection position on a structured object displayed on a display device is received via a user interface device. The structured object includes a plurality of levels in a hierarchy or corresponding to a multi-dimensional coordinate space, and the plurality of levels includes a first level and a second level. When it is determined that the selection position is within the first level, first display data is generated that, when displayed by the display device, shows contents of the structured object within the first level as selected and does not show contents of the structured object within the second level as selected. When it is determined that the selection position is within the second level, second display data is generated that, when displayed by the display device, shows contents of the structured object within both the first level and the second level as selected.