Abstract: A compute server of a distributed cloud computing network receives an inference request. The inference request triggers execution of code that is related to an AI application that interacts with the inference request and causes its input to be run through an AI model. Helper code executing on the compute server transmits an inference request to the AI model, where this inference request includes a prompt and one or more function definitions, and where the AI model is executing in the same datacenter as the compute server. The helper code receives a result of the AI model executing the inference request, where it includes structured data for calling a function. The helper code calls the function using the structured data. The helper code receives a response to the called function. The code processes a response to the inference request based at least on the received response to the called function.

Abstract: Methods and apparatuses for automatic determination of a content security policy for a network resource are described. A proxy server receives from a first authenticated client device a first request for a first network resource, retrieves the first network resource and transmits a first response to the first client device that includes a content tracker that causes the client device to report information on additional network resources identified when the first client device interprets the first network resource. A content security policy is determined based on the reported information. The proxy server receives, from a second client device, a second request for the first network resource. The proxy server transmits, to the second client device, a second response that includes the content security policy that is determined based on the information on the additional network resources.

Abstract: A proxy server receives a request from a client network application executing on a client device. The proxy server detects that the request is for a software dependency installation package. The proxy server determines a risk score associated with the software dependency installation package. Based on the risk score associated with the software dependency installation package, the proxy server determines that the software dependency installation package violates a policy. When the software dependency installation package violates the policy, the proxy server blocks the request and stores a log entry in an auditing system including data indicating the blocking of the request.

Abstract: Methods and apparatuses for automatic determination of a content security policy for a network resource are described. A proxy server receives from a first authenticated client device a first request for a first network resource, retrieves the first network resource and transmits a first response to the first client device that includes a content tracker that causes the client device to report information on additional network resources identified when the first client device interprets the first network resource. A content security policy is determined based on the reported information. The proxy server receives, from a second client device, a second request for the first network resource. The proxy server transmits, to the second client device, a second response that includes the content security policy that is determined based on the information on the additional network resources.

Abstract: Methods and apparatuses for automatic determination of a content security policy for a network resource are described. A proxy server receives from a first authenticated client device a first request for a first network resource, retrieves the first network resource and transmits a first response to the first client device that includes a content tracker that causes the client device to report information on additional network resources identified when the first client device interprets the first network resource. A content security policy is determined based on the reported information. The proxy server receives, from a second client device, a second request for the first network resource. The proxy server transmits, to the second client device, a second response that includes the content security policy that is determined based on the information on the additional network resources.

Abstract: Methods and apparatuses for automatic determination of a content security policy for a network resource are described. A proxy server receives from a first authenticated client device a first request for a first network resource, retrieves the first network resource and transmits a first response to the first client device that includes a content tracker that causes the client device to report information on additional network resources identified when the first client device interprets the first network resource. A content security policy is determined based on the reported information. The proxy server receives, from a second client device, a second request for the first network resource. The proxy server transmits, to the second client device, a second response that includes the content security policy that is determined based on the information on the additional network resources.