Abstract: A computer security system provides for auto-populating process-connection whitelists using process wildcarding and connection wildcarding. Process wildcarding involves grouping process-connection requests together in a process* group without regard to the presence of distinct process arguments; in contrast, some process-connection requests may be separated both by process and by argument into process?argument groups. The process-connection requests may then be analyzed on a group-by-group basis to determine which processes can be mapped to wildcarded connection in a respective process-connection whitelist.

Abstract: A security system for a customer computer site includes a cloud-based manager (CBM) and on-site components. The on-site components include a manager appliance, guest agents of the CBM installed within respective virtual machines, and host agents of the CBM installed on hypervisors on which the virtual machines. The guest agents have a many-to-one relationship with the host agents, which have a many-to-one relationship with the appliance. In a scenario, many guest agents may generate alarms and send them to the host agents. Each host agent consolidates alarms across the different virtual machines it hosts and pushes the consolidated alarms to the manager appliance. The appliance batch processes the consolidated alarms across host agents, and pushes the batched alarms to the CBM, which deduplicates the alarms and notifies an administrator.

Abstract: A security system for a distributed application obtains and, in effect, preserves provisioning information for the purpose of auto-populating whitelists used to protect the distributed application from intrusions. The provisioning information identifies allowable connections on a software-package level. Entries mapping processes to connection destinations are added to a whitelist if a process requesting a connection results from execution of an executable file installed as part of a software package for which the connection was allowed according to the provisioning information.

Abstract: A security system for a distributed application obtains and, in effect, preserves provisioning information for the purpose of auto-populating whitelists used to protect the distributed application from intrusions. The provisioning information identifies allowable connections on a software-package level. Entries mapping processes to connection destinations are added to a whitelist if a process requesting a connection results from execution of an executable file installed as part of a software package for which the connection was allowed according to the provisioning information.

Abstract: A computer security system provides for auto-populating process-connection whitelists using process wildcarding and connection wildcarding. Process wildcarding involves grouping process-connection requests together in a process* group without regard to the presence of distinct process arguments; in contrast, some process-connection requests may be separated both by process and by argument into process argument groups. The process-connection requests may then be analyzed on a group-by-group basis to determine which processes can be mapped to wildcarded connection in a respective process-connection whitelist.

Abstract: A security system for a customer computer site includes a cloud-based manager (CBM) and on-site components. The on-site components include a manager appliance, guest agents of the CBM installed within respective virtual machines, and host agents of the CBM installed on hypervisors on which the virtual machines. The guest agents have a many-to-one relationship with the host agents, which have a many-to-one relationship with the appliance. In a scenario, many guest agents may generate alarms and send them to the host agents. Each host agent consolidates alarms across the different virtual machines it hosts and pushes the consolidated alarms to the manager appliance. The appliance batch processes the consolidated alarms across host agents, and pushes the batched alarms to the CBM, which deduplicates the alarms and notifies an administrator.

Abstract: There is disclosed a method for use in authenticating a user. The method comprises obtaining a biometric input comprising a plurality of biometric attributes distinct to a user. Additionally, the method comprises selecting at least one biometric attribute in the obtained biometric input as a currently active biometric attribute. Furthermore, the method comprises based on the at least one selected currently active biometric attribute, creating a currently active biometric profile for the user for facilitating the authentication of the user.

Abstract: There is disclosed a method for use in authenticating a user. The method comprises obtaining, by an electronic apparatus, a biometric input from a user comprising a plurality of biometric attributes distinct to the user, wherein the biometric attributes comprise at least one currently active and at least one currently inactive biometric attribute for authentication at an authentication server. Additionally, the method comprises selecting, by the electronic apparatus, the at least one currently active biometric attribute for authenticating the user. Furthermore, the method comprises outputting, by the electronic apparatus, an authentication output including at least one biometric factor based on the at least one selected currently active biometric attribute, wherein the authentication output acts as an authentication input to a user authentication operation performed by the authentication server.

Abstract: A method is used in authenticating a mobile device user. An authentication invocation from a mobile device for access to computer resource is activated. Device unique identifiers and device forensic information are collected. The device unique identifiers and the device unique identifiers are forwarded to a gateway. An OTP is resolved into a unique device identifier using an authentication server. The device identifier is adaptively authenticated using multiple authentication factors.

Abstract: Event-based biometric authentication is provided using a mobile device of a user. A user attempting to access a protected resource is authenticated by receiving a request to access the protected resource; collecting biometric information from the user in response to the request using a mobile device of the user; performing biometric authentication of the user using the collected biometric information; and granting access to the protected resource based on the biometric authentication. The authentication optionally comprises an event-based authentication. The mobile device does not have to contain token generating material.

Abstract: A transponder implanter for implanting an encapsulated transponder in living tissue, including a lancet, the lancet having a sharpened end and an interrupted cross sectional perimeter dimensioned to receive therein the encapsulated transponder. The lancet is connected to a lancet puller supported by a lancet barrel. A biasing member is interposed between the lancet puller and the lancet barrel and controlled by a release operably engagable to the lancet puller and capable of holding the lancet puller in a first position and resisting a biasing force operably applied to the lancet by the biasing member that tends to withdraw the lancet into the barrel. The release is also capable of releasing the puller such that the lancet withdraws into the barrel and a pushrod holds the encapsulated transponder substantially stationary relative to the barrel as the lancet is withdrawn.