Abstract: An application or device is authenticated using secure application data validation. A server computer receives an authentication request comprising an application identifier or a user device identifier associated with a user device, the authentication request originating from the user device. The server computer receives a set of behavioral data associated with the application or the user device. Responsive to receiving the application identifier or device identifier, the server computer obtains a fuzzy vault associated with the application identifier or the user device identifier. The server computer determines a reconstructed key value using the fuzzy vault and the set of behavioral data. The application or the user device is authenticated using the reconstructed key value.

Abstract: Embodiments provide for maliciousness scores to be determined for IP addresses and/or network domains. For example, a request to evaluate malicious activity with respect to an IP address/network domain may be received. Multiple, and in some cases disparate, third-party systems may provide malicious activity information associated with the IP address and/or network domain. A feature set may be extracted from the malicious activity information and statistical values may be calculated from the extracted data and added to the feature set. The features set may be provided to a machine learning model as input and a maliciousness score/classification may be returned. A remedial action may be performed in accordance with the output of the machine learning model.