Abstract: Techniques for detecting anomalies in a distributed application based on process data are provided. This process data can include, e.g., the hierarchy (i.e., tree) of processes created and run by the application, the file system operations performed by each process, the network access operations performed by each process.

Abstract: Systems and methods for integrating a sequence of 2D-images of an object into a synthetic 3D-scene. A sequence of 2D-images of a target object is captured using a smart device such as a smartphone. The object is extracted from the image sequence, and converted into a corresponding sequence of flat-surfaced 3D-renderable objects that are placed in a synthetic 3D-scene. Movement and orientation of the smart device are captured and translated into corresponding viewing points in the 3D-scene, in which the viewing points are then used to 3D render the 3D-scene, together with the flat-surfaced 3D-renderable objects now embedded therewith, into a video sequence showing the target object as an integral part of the 3D-scene. Other effects such as lighting, shadowing and reflections are rendered in conjunction with the flat-surfaced 3D-renderable objects so as to further enhance an illusion that the target object is an integral part of the 3D-scene.

Abstract: A method of detecting at runtime, vulnerabilities of container images used by a plurality of containers, includes the steps of: transmitting a request, to an interface to one or more container runtimes, for a list of container images; in response to receiving the list of container images from the interface, generating a list of software packages of a container image that is listed; and transmitting, via a gateway, the list of software packages to a vulnerability detection service for the vulnerability detection service to detect a vulnerability of at least one of the software packages.

Abstract: Techniques for detecting anomalies in a distributed application based on process data are provided. This process data can include, e.g., the hierarchy (i.e., tree) of processes created and run by the application, the file system operations performed by each process, the network access operations performed by each process.

Abstract: Anomalies are detected in a distributed application that runs on a plurality of nodes to execute at least first and second workloads. The method of detecting anomalies includes collecting first network traffic data of the first workload and second network traffic data of the second workload during a first period of execution of the first and second workloads, collecting third network traffic data of the first workload and fourth network traffic data of the second workload during a second period of execution of the first and second workloads, and detecting an anomaly in the distributed application based on a comparison of the third network traffic data against the first network traffic data or a comparison of the fourth network traffic data against the second network traffic data. Anomalies may also be detected by comparing network traffic data of two groups of containers executing the same workload.

Abstract: Anomalies are detected in a distributed application that runs on a plurality of nodes to execute at least first and second workloads. The method of detecting anomalies includes collecting first network traffic data of the first workload and second network traffic data of the second workload during a first period of execution of the first and second workloads, collecting third network traffic data of the first workload and fourth network traffic data of the second workload during a second period of execution of the first and second workloads, and detecting an anomaly in the distributed application based on a comparison of the third network traffic data against the first network traffic data or a comparison of the fourth network traffic data against the second network traffic data. Anomalies may also be detected by comparing network traffic data of two groups of containers executing the same workload.

Abstract: Anomalies are detected in a distributed application that runs on a plurality of nodes to execute at least first and second workloads. The method of detecting anomalies includes collecting first network traffic data of the first workload and second network traffic data of the second workload during a first period of execution of the first and second workloads, collecting third network traffic data of the first workload and fourth network traffic data of the second workload during a second period of execution of the first and second workloads, and detecting an anomaly in the distributed application based on a comparison of the third network traffic data against the first network traffic data or a comparison of the fourth network traffic data against the second network traffic data. Anomalies may also be detected by comparing network traffic data of two groups of containers executing the same workload.

Abstract: Anomalies are detected in a distributed application that runs on a plurality of nodes to execute at least first and second workloads. The method of detecting anomalies includes collecting first network traffic data of the first workload and second network traffic data of the second workload during a first period of execution of the first and second workloads, collecting third network traffic data of the first workload and fourth network traffic data of the second workload during a second period of execution of the first and second workloads, and detecting an anomaly in the distributed application based on a comparison of the third network traffic data against the first network traffic data or a comparison of the fourth network traffic data against the second network traffic data. Anomalies may also be detected by comparing network traffic data of two groups of containers executing the same workload.

Abstract: Anomalies are detected in a distributed application that runs on a plurality of nodes to execute at least first and second workloads. The method of detecting anomalies includes collecting first network traffic data of the first workload and second network traffic data of the second workload during a first period of execution of the first and second workloads, collecting third network traffic data of the first workload and fourth network traffic data of the second workload during a second period of execution of the first and second workloads, and detecting an anomaly in the distributed application based on a comparison of the third network traffic data against the first network traffic data or a comparison of the fourth network traffic data against the second network traffic data. Anomalies may also be detected by comparing network traffic data of two groups of containers executing the same workload.

Abstract: Anomalies are detected in a distributed application that runs on a plurality of nodes to execute at least first and second workloads. The method of detecting anomalies includes collecting first network traffic data of the first workload and second network traffic data of the second workload during a first period of execution of the first and second workloads, collecting third network traffic data of the first workload and fourth network traffic data of the second workload during a second period of execution of the first and second workloads, and detecting an anomaly in the distributed application based on a comparison of the third network traffic data against the first network traffic data or a comparison of the fourth network traffic data against the second network traffic data. Anomalies may also be detected by comparing network traffic data of two groups of containers executing the same workload.

Abstract: A system which includes at least one host, wherein the host is configured to implement at least one container group including a first container, a data communication module, an interface, and a malicious detection module, wherein the data communication module is configured to collect data based on data communication of the container group, and transmit collected data, or data representative thereof, to the interface, the interface being configured to transmit collected data, or data representative thereof, to the malicious detection module, for detecting malicious data.

Abstract: Anomalies are detected in a distributed application that runs on a plurality of nodes to execute at least first and second workloads. The method of detecting anomalies includes collecting first network traffic data of the first workload and second network traffic data of the second workload during a first period of execution of the first and second workloads, collecting third network traffic data of the first workload and fourth network traffic data of the second workload during a second period of execution of the first and second workloads, and detecting an anomaly in the distributed application based on a comparison of the third network traffic data against the first network traffic data or a comparison of the fourth network traffic data against the second network traffic data. Anomalies may also be detected by comparing network traffic data of two groups of containers executing the same workload.

Abstract: A system which includes at least one host, wherein the host is configured to implement at least one container group including a first container, a data communication module, an interface, and a malicious detection module, wherein the data communication module is configured to collect data based on data communication of the container group, and transmit collected data, or data representative thereof, to the interface, the interface being configured to transmit collected data, or data representative thereof, to the malicious detection module, for detecting malicious data.

Abstract: A method for service level agreement allocation of permanent storage layer resources of a storage system, the method may include monitoring, by a control layer of the storage system, actual performances of the storage system that are related to multiple logical volumes; calculating actual-to-required relationships between the actual performances and service level agreement defined performances of the multiple logical volumes; allocating, for different logical volumes of the multiple logical volumes, allowable amounts of pending access requests; wherein the allocating is based on, at least, the actual-to-required relationships; receiving, by the control layer, received access requests aimed to one or more logical volumes of the logical volumes; and sending to the permanent storage layer requests to serve at least some of the received access requests, based on the allowable amounts of pending access requests.

Abstract: A method for service level agreement (SLA) allocation of resources of a cache memory of a storage system, the method may include monitoring, by a control layer of the storage system, actual performances of the storage system that are related to multiple logical volumes; calculating actual-to-required relationships between the actual performances and SLA defined performances of the multiple logical volumes; assigning caching priorities, to different logical volumes of the multiple logical volumes; wherein the assigning is based on, at least, the actual-to-required relationships; and managing, based on at least the caching priorities, a pre-cache memory module that is upstream to the cache module and is configured to store write requests that (i) are associated with one or more logical volumes of the different logical volumes and (ii) are received by the pre-cache memory module at points in time when the cache memory is full; wherein the managing comprises transferring one or more write requests from the pre-ca

Abstract: Embodiments of the invention relate to storage systems, and for recording event records into a log. Different statistics may be tallied from the log, with the different statistics generating different statistical measurements. The aspect of processing of I/O and preparation of statistical measurements are separated, thereby enabling data structures and algorithms which would not be considered feasible for use as part of I/O processing, because they may compromise the performance or other essential characteristic of I/O processing, to be employed.

Abstract: A method for data storage includes defining a host cluster within a group of host computers, which access a storage system that includes multiple logical volumes. The host cluster includes two or more of the host computers. Responsively to a single mapping instruction, each of the host computers in the host cluster is mapped to access the logical volumes in the set. In another disclosed method, a single control instruction, which specifies the host cluster and a configuration operation to be applied to the host computers in the host cluster, is accepted. Responsively to the single control instruction, the configuration operation is applied to each of the host computers in the host cluster. The configuration operation may comprise assigning a specified level of service to each host computer in one of the first subset of the host computers and the second subset of the host computers.

Abstract: A method includes computing, in a local storage system having a local volume with a plurality of local regions, respective local checksum signatures over the local regions, and computing, in a remote storage system having a remote volume with remote regions in a one-to-one correspondence with the local regions, respective remote checksum signatures over the remote regions. A given remote region is identified, the given remote region having a given remote signature and a corresponding local region with a given local signature that does not match the given remote signature. The data in the given remote region is then replaced with data from the corresponding local region.

Abstract: A method for data storage includes defining a host cluster within a group of host computers, which access a storage system that includes multiple logical volumes. The host cluster includes two or more of the host computers. Responsively to a single mapping instruction, each of the host computers in the host cluster is mapped to access the logical volumes in the set. In another disclosed method, a single control instruction, which specifies the host cluster and a configuration operation to be applied to the host computers in the host cluster, is accepted. Responsively to the single control instruction, the configuration operation is applied to each of the host computers in the host cluster. The configuration operation may comprise assigning a specified level of service to each host computer in one of the first subset of the host computers and the second subset of the host computers.

Abstract: Disclosed is a data processing and/or storage system. The data processing and/or storage system includes at least two interfaces, wherein each of the at least two interfaces includes a non-dedicated communication port for communicating data to and form external data systems or clients based on a rule base.