Abstract: Managing client access token requests is provided. It is determined whether a current time interval between a last allowed access token request matches a regular access token request interval for a client. In response to determining that the current time interval does match the regular access token request interval for the client, a current access token request is allowed. An access token is generated for the client to access a protected resource hosted by a resource server based on allowing the current access token request. The access token is issued to the client via a network.

Abstract: A processor may receive a packet configured to travel in a network. The packet may be configured to travel from a first device to a second device. The processor may analyze the packet. The processor may detect a password with the packet. The processor may determine whether the detected password complies with at least one password policy. The processor may provide a password policy compliance output to a user. The password policy compliance output may indicate to the user whether the detected password complies with the at least one password policy.

Abstract: Managing client access token requests is provided. It is determined whether a current time interval between a last allowed access token request matches a regular access token request interval for a client. In response to determining that the current time interval does match the regular access token request interval for the client, a current access token request is allowed. An access token is generated for the client to access a protected resource hosted by a resource server based on allowing the current access token request. The access token is issued to the client via a network.

Abstract: A technique to identify and distinguish flow sessions begins by capturing a flow record indicating an initiation of a network flow. A unique session identifier associated with the captured flow record is computed by applying a given function over data comprising a set of information (e.g., a tuple) captured in the flow record, together with a time value associated with collection interval having a start time. The given function may be a hash function. The unique session identifier is associated with one or more additional network flows captured during the collection interval, e.g., from another network flow device that computes the same identifier for at least a second flow record captured during the collection interval. In one embodiment, the flow records are captured by distinct data collectors and comprise portions of a same flow session. The distinct data collectors may utilize the same or different flow record types or protocols.

Abstract: A processor may receive a packet configured to travel in a network. The packet may be configured to travel from a first device to a second device. The processor may analyze the packet. The processor may detect a password with the packet. The processor may determine whether the detected password complies with at least one password policy. The processor may provide a password policy compliance output to a user. The password policy compliance output may indicate to the user whether the detected password complies with the at least one password policy.

Abstract: A technique to identify and distinguish flow sessions begins by capturing a flow record indicating an initiation of a network flow. A unique session identifier associated with the captured flow record is computed by applying a given function over data comprising a set of information (e.g., a tuple) captured in the flow record, together with a time value associated with collection interval having a start time. The given function may be a hash function. The unique session identifier is associated with one or more additional network flows captured during the collection interval, e.g., from another network flow device that computes the same identifier for at least a second flow record captured during the collection interval. In one embodiment, the flow records are captured by distinct data collectors and comprise portions of a same flow session. The distinct data collectors may utilize the same or different flow record types or protocols.

Abstract: A method, apparatus and computer program to protect an application in an underlying multiprocessor computing system, e.g., one in which a processor has local memory available but can access memory assigned to other processors. In operation, a set of hardware characteristics for the underlying computing system are extracted. These characteristics preferably comprise processing power, available memory, and a topology. For each hardware characteristic, an operating limit for that characteristic is determined based at least in part on a baseline value that is determined for the application with respect to the hardware characteristic. Based on the operating limit determined for each hardware characteristic, a recommended limit for a system feature (e.g., network traffic) of the underlying computing system is computed. Thereafter, and during runtime execution of the application, the recommended limit is then enforced, e.g.

Abstract: A method, apparatus and computer program to protect an application in an underlying multiprocessor computing system, e.g., one in which a processor has local memory available but can access memory assigned to other processors. In operation, a set of hardware characteristics for the underlying computing system are extracted. These characteristics preferably comprise processing power, available memory, and a topology. For each hardware characteristic, an operating limit for that characteristic is determined based at least in part on a baseline value that is determined for the application with respect to the hardware characteristic. Based on the operating limit determined for each hardware characteristic, a recommended limit for a system feature (e.g., network traffic) of the underlying computing system is computed. Thereafter, and during runtime execution of the application, the recommended limit is then enforced, e.g.