Abstract: Systems, apparatus, articles of manufacture, and methods are disclosed to improve the efficiency of an artificial intelligence-based threat detection model. An example apparatus includes interface circuitry, machine readable instructions, and programmable circuitry to at least one of instantiate or execute the machine readable instructions to: obtain an email address from a group of email addresses to be considered as candidates for adding to the list of non-suspicious email addresses, determine that a domain of the email address is indicative of a non-email service providing entity, determine that the email address has a policy configured for a domain-based message authentication, reporting, and conformance (DMARC) record, add the email address associated to the list of non-suspicious email addresses, and cause the artificial intelligence-based threat detection model to skip an analysis of an email associated with the email address.

Abstract: Systems, apparatus, articles of manufacture, and methods are disclosed to improve the efficiency of an artificial intelligence-based threat detection model. An example apparatus includes interface circuitry, machine readable instructions, and programmable circuitry to at least one of instantiate or execute the machine readable instructions to: obtain an email address from a group of email addresses to be considered as candidates for adding to the list of non-suspicious email addresses, determine that a domain of the email address is indicative of a non-email service providing entity, determine that the email address has a policy configured for a domain-based message authentication, reporting, and conformance (DMARC) record, add the email address associated to the list of non-suspicious email addresses, and cause the artificial intelligence-based threat detection model to skip an analysis of an email associated with the email address.

Abstract: Methods, apparatus, systems, and articles of manufacture are disclosed to securely audit communications. An example apparatus includes a participant list generator to, responsive to a command to provision a secured group of devices in a network to prevent malicious activity, generate a participant device list including one or more endpoint devices and a control plane server; a privilege controller to, based on a policy indicated in the command, set read and write privileges for the one or more endpoint devices and the control plane server; a command controller to, based on the command, determine whether to generate a shared communication key using a shared system key; and a communication processor to encrypt communications between the one or more endpoint devices and the control plane server using the shared communication key.

Abstract: Example apparatus disclosed herein generate blocks of a blockchain, the blockchain to store a neural network that has input nodes, hidden nodes and output nodes, with respective ones of the blocks of the blockchain including respective code and respective data to represent corresponding ones of the output nodes of the neural network, a first one of the blocks including first code and first data to implement operations to be performed by a first one of the output nodes, the hidden nodes and the input nodes on input data applied to the neural network to determine an output of the first one of the output nodes. Disclosed example apparatus also train the neural network to determine at least portions of the respective data to include in the respective ones of the blocks of the blockchain, and forward the blockchain to a server that is to distribute the neural network to client(s).

Abstract: Mechanisms for split tunneling are provided. The mechanisms identify user devices and determine that communications for a first device of the user devices are to be tunneled. These mechanisms also receive a DNS request from a second device of the user devices, modify the DNS request to request meta information corresponding to a domain identified in the DNS request, and send the DNS request to a DNS server. The mechanisms further receive a response to the DNS request, wherein the response includes the meta information, determine that communications for the second device are not to be tunneled based at least in part on the meta information, and cause the communications for the first device to be tunneled and the communications for the second device to not be tunneled.

Abstract: Example data leakage detection apparatus disclosed herein include a fingerprinter to generate a first data fingerprint of a first data item accessed from a data source. Disclosed example data leakage detection apparatus also include a blockchain scanner to scan a blockchain to detect whether a first blockchain record includes a second data fingerprint that matches the first data fingerprint of the first data item. Disclosed example data leakage detection apparatus further include a blockchain writer to write a second blockchain record to the blockchain when the second data fingerprint matches the first data fingerprint, the second blockchain record to indicate the first data item is associated with a data leak of a protected data item represented by the second data fingerprint. In some examples, the second blockchain record is to include the first data fingerprint and a first timestamp.

Abstract: Methods, apparatus, systems, and articles of manufacture are disclosed to securely audit communications. An example apparatus includes a participant list generator to, responsive to a command to provision a secured group of devices in a network to prevent malicious activity, generate a participant device list including one or more endpoint devices and a control plane server; a privilege controller to, based on a policy indicated in the command, set read and write privileges for the one or more endpoint devices and the control plane server; a command controller to, based on the command, determine whether to generate a shared communication key using a shared system key; and a communication processor to encrypt communications between the one or more endpoint devices and the control plane server using the shared communication key.

Abstract: Example apparatus disclosed herein generate blocks of a blockchain, the blockchain to store a neural network that has input nodes, hidden nodes and output nodes, with respective ones of the blocks of the blockchain including respective code and respective data to represent corresponding ones of the output nodes of the neural network, a first one of the blocks including first code and first data to implement operations to be performed by a first one of the output nodes, the hidden nodes and the input nodes on input data applied to the neural network to determine an output of the first one of the output nodes. Disclosed example apparatus also train the neural network to determine at least portions of the respective data to include in the respective ones of the blocks of the blockchain, and forward the blockchain to a server that is to distribute the neural network to client(s).

Abstract: Mechanisms for split tunneling are provided, the method comprising: identifying a plurality of user devices; determining that communications for a first device of the plurality of user devices are to be tunneled; receiving a DNS request from a second device of the plurality of user devices; modifying the DNS request to request meta information corresponding to a domain identified in the DNS request; sending the DNS request to a DNS server using the hardware processor; receiving a response to the DNS request including the meta information; determining that communications for the second device are not to be tunneled based at least in part based on the meta information; and causing the communication for the first device to be tunneled and the communications for the second device to not be tunneled.