Abstract: A method, of ranking a computerized-device within a taxonomy of components included as parts of a computer network, may include: providing a survey of services loaded on the computerized-device, the survey including identifications (IDs) of a plurality of service classes that can be loaded on the computerized-device, indications of whether at least one instance is present of the identified service classes, respectively, and weighting values associated with the identified service classes, respectively; and determining a rank of the computerized device based upon an average of the associated weighting values for ones of the identified service classes having at least one instance thereof present.

Abstract: A machine-actionable memory may include: one or more machine-actionable records arranged according to a data structure, the data structure including links that respectively map between at least one R_ID field, the contents of which denote an identification (ID) of a remediation (R_ID); and at least one POL_ID field, the contents of which denotes an ID of at least one policy (POL_ID), the at-least-one policy respectively defining a condition satisfaction of which is potentially indicative of unauthorized activity or manipulation of the device.

Abstract: A method, of automatically determining one or more remediations for a device that includes a processor, may include: receiving values of a plurality of parameters which collectively characterize an operational state of the device, there being at least one policy associated with at least a given one of the plurality of parameters, policy defining as a condition thereof one or more potential values of, or based upon, the given parameter, satisfaction of the condition potentially being indicative of unauthorized activity or manipulation of the device; automatically determining, from the received parameter values, whether the conditions for any policies are satisfied, respectively; and automatically selecting one or more remediations for the device according to the satisfied policies, respectively.

Abstract: A method, of establishing secure communication, may include: generating a first symmetric key; encrypting at least the first symmetric key according to a public key; sending a first message that includes at least the encrypted first symmetric key to a communication counterpart using a connectionless protocol; and receiving, as part of a connection-oriented-protocol first session, a second message that includes an acknowledgement encrypted via the first symmetric key. A counterpart method may include: receiving and decrypting the first message according to the corresponding private key; and encrypting and then sending the second message. Another such method may include: encrypting a chunk of information according to a first symmetric key, the first symmetric key having been used in a previous and now-stopped connection-oriented session with a communication counterpart; and sending to a communication counterpart a first message whose payload at least in part the encrypted chunk of information.

Abstract: A method, of establishing secure communication, may include: generating a first symmetric key; encrypting at least the first symmetric key according to a public key; sending a first message that includes at least the encrypted first symmetric key to a communication counterpart using a connectionless protocol; and receiving, as part of a connection-oriented-protocol first session, a second message that includes an acknowledgement encrypted via the first symmetric key. A counterpart method may include: receiving and decrypting the first message according to the corresponding private key; and encrypting and then sending the second message. Another such method may include: encrypting a chunk of information according to a first symmetric key, the first symmetric key having been used in a previous and now-stopped connection-oriented session with a communication counterpart; and sending to a communication counterpart a first message whose payload at least in part the encrypted chunk of information.