Abstract: A system for collection and analysis of forensic and event data comprising a server and an endpoint agent operating on a remote system. The server is configured to receive event data including process creation data, persistent process data, thread injection data, network connection data, memory pattern data, or any combination thereof, and analyze the event data to detect compromises of a remote system. The endpoint agent is configured to acquire event data, and communicate the event data to the server.

Abstract: A system for collection and analysis of forensic and event data comprising a server and an endpoint agent operating on a remote system. The server is configured to receive event data including process creation data, persistent process data, thread injection data, network connection data, memory pattern data, or any combination thereof, and analyze the event data to detect compromises of a remote system. The endpoint agent is configured to acquire event data, and communicate the event data to the server.

Abstract: A system for collection and analysis of forensic and event data comprising a server and an endpoint agent operating on a remote system. The server is configured to receive event data including process creation data, persistent process data, thread injection data, network connection data, memory pattern data, or any combination thereof, and analyze the event data to detect compromises of a remote system. The endpoint agent is configured to acquire event data, and communicate the event data to the server.

Abstract: A system for collection and analysis of forensic and event data comprising a server and an endpoint agent operating on a remote system. The server is configured to receive event data including process creation data, persistent process data, thread injection data, network connection data, memory pattern data, or any combination thereof, and analyze the event data to detect compromises of a remote system. The endpoint agent is configured to acquire event data, and communicate the event data to the server.

Abstract: A system for collection and analysis of forensic and event data comprising a server and an endpoint agent operating on a remote system. The server is configured to receive event data including process creation data, persistent process data, thread injection data, network connection data, memory pattern data, or any combination thereof, and analyze the event data to detect compromises of a remote system. The endpoint agent is configured to acquire event data, and communicate the event data to the server.

Abstract: A system for collection and analysis of forensic and event data comprising a server and an endpoint agent operating on a remote system. The server is configured to receive event data including process creation data, persistent process data, thread injection data, network connection data, memory pattern data, or any combination thereof, and analyze the event data to detect compromises of a remote system. The endpoint agent is configured to acquire event data, and communicate the event data to the server.

Abstract: A system for collection and analysis of forensic and event data comprising a server and an endpoint agent operating on a remote system. The server is configured to receive event data including process creation data, persistent process data, thread injection data, network connection data, memory pattern data, or any combination thereof, and analyze the event data to detect compromises of a remote system. The endpoint agent is configured to acquire event data, and communicate the event data to the server.

Abstract: A system for collection and analysis of forensic and event data comprising a server and an endpoint agent operating on a remote system. The server is configured to receive event data including process creation data, persistent process data, thread injection data, network connection data, memory pattern data, or any combination thereof, and analyze the event data to detect compromises of a remote system. The endpoint agent is configured to acquire event data, and communicate the event data to the server.

Abstract: A system for collection and analysis of forensic and event data comprising a server and an endpoint agent operating on a remote system. The server is configured to receive event data including process creation data, persistent process data, thread injection data, network connection data, memory pattern data, or any combination thereof, and analyze the event data to detect compromises of a remote system. The endpoint agent is configured to acquire event data, and communicate the event data to the server.

Abstract: A system for collection and analysis of forensic and event data comprising a server and an endpoint agent operating on a remote system. The server is configured to receive event data including process creation data, persistent process data, thread injection data, network connection data, memory pattern data, or any combination thereof, and analyze the event data to detect compromises of a remote system. The endpoint agent is configured to acquire event data, and communicate the event data to the server.

Abstract: A system for collection and analysis of forensic and event data comprising a server and an endpoint agent operating on a remote system. The server is configured to receive event data including process creation data, persistent process data, thread injection data, network connection data, memory pattern data, or any combination thereof, and analyze the event data to detect compromises of a remote system. The endpoint agent is configured to acquire event data, and communicate the event data to the server.

Abstract: A system for collection and analysis of forensic and event data comprising a server and an endpoint agent operating on a remote system. The server is configured to receive event data including process creation data, persistent process data, thread injection data, network connection data, memory pattern data, or any combination thereof, and analyze the event data to detect compromises of a remote system. The endpoint agent is configured to acquire event data, and communicate the event data to the server.

Abstract: A system and method is provided for publication and discovery of the presence of nearby users on a network. When the system is enabled, the presence of the local user is published on the network. Nearby users that also have a similar system enabled can discover the local user's presence on the network. Furthermore, the local user may discovery the presence of the other nearby users that are currently publishing their presence on the network.

Abstract: A system and method is provided for publication and discovery of the presence of nearby users on a network. When the system is enabled, the presence of the local user is published on the network. Nearby users that also have a similar system enabled can discover the local user's presence on the network. Furthermore, the local user may discovery the presence of the other nearby users that are currently publishing their presence on the network.

Abstract: A system and method is provided for synchronizing a file system with presence information on a network. Presence information is discovered for nearby users on the network. Data corresponding to the nearby users, such as a display name and sharing address, are stored in the file system. The data is synchronized either in a folder corresponding to nearby users, or is synchronized in a general contacts folder that is enhanced by the presence information. As people move in and out of the network, the entries in the file system are updated.

Abstract: Described is a technology (e.g., in Windows® Presentation Foundation) by which user interface elements are reconfigured into a new configuration, with at least some of the elements transitioned from between configurations in an animated manner. To animate, elements have interim data computed therefor between the first configuration and the new configuration over a series of frames. As frames are rendered, the interim layout data provides an animation effect, which may be movement via interim coordinates, resizing via interim size data, and fading in or out via interim opacity data. The layout system may defer computationally expensive layout operations until the elements are in the second configuration. If an element's size is not at least a minimum, that element's visualization may be changed. If an element's content does not fit, a priority among pieces of the content may determine which piece or pieces will be shown.

Abstract: A system and method is provided for a user interface directed to publication and discovery of the presence of users on a network. A sidebar tile is provided that peripherally and unobtrusively displays the presence information of nearby users on the network. The sidebar tile is also used to notify a local user that their information is also being published on the network. The sidebar tile provides options for selecting to change, enable, or disable the presence discovery service.

Abstract: A messaging system is provided whereby a message indicative of an invitation to collaboratively execute an application can be sent from one of the computing object to an intermediary system whereby the message is multicast to the other ones of the plurality of computing objects. The invitation message can be accepted by the other computing objects to cause the first object to launch the corresponding application. The other computing objects also launch versions of the application and exchange addressing information with the first application so that a multiparty application execution can be established.

Abstract: A system and method is provided for confirmation of the identity of a contact on the network. A notification that a nearby user is present on a network is signed with a private key associated with the nearby user. The private key is also associated with a public key. A local user that has the nearby user's public key can verify the signature on the notification and confirm that the nearby user is the source of the notification. The verification of identity of the nearby user allows rich content previously stored for the nearby user to be displayed along with the nearby user's presence information.

Abstract: Described is a technology (e.g., in Windows® Presentation Foundation) by which user interface elements are reconfigured into a new configuration, with at least some of the elements transitioned from between configurations in an animated manner. To animate, elements have interim data computed therefor between the first configuration and the new configuration over a series of frames. As frames are rendered, the interim layout data provides an animation effect, which may be movement via interim coordinates, resizing via interim size data, and fading in or out via interim opacity data. The layout system may defer computationally expensive layout operations until the elements are in the second configuration. If an element's size is not at least a minimum, that element's visualization may be changed. If an element's content does not fit, a priority among pieces of the content may determine which piece or pieces will be shown.