Abstract: Provided herein are systems and methods for classifying content to prevent data breach or exfiltration. An entity engine may receive content for classification into a content type for preventing data breach or exfiltration. The entity engine may determine that secondary data, defined by an operand of an entity definition, is present in the content. Each entity definition may correspond to one content type and may include a Boolean expression of operands. Each operand may include a matching element to be used for matching against content undergoing classification into one of the content types, upon secondary data defined by the operand being present in the content. The entity engine may classify the content into a content type of the content types, corresponding to the entity definition, based on matching the matching element of the operand to the content, and matching other operands of the entity definition to the content.

Abstract: Provided herein are systems and methods for defining and securely sharing objects for use in preventing data breach or exfiltration. Memory may be configured to store a plurality of objects for use in preventing data breach or exfiltration. A validation engine can validate the objects, incorporate into each object an object identifier and a signature, and generate a subset of the objects for use by a first user. The validation engine can store, in the memory, the plurality of objects as a superset of objects corresponding to the generated subset. An evaluation engine may, responsive to identifying that one or more object identifiers and signatures in a received set of objects belong to the subset corresponding to the stored superset, verify whether any object in the received set has been tampered with.

Abstract: Provided herein are systems and methods for defining and securely sharing objects for use in preventing data breach or exfiltration. Memory may be configured to store a plurality of objects for use in preventing data breach or exfiltration. A validation engine can validate the objects, incorporate into each object an object identifier and a signature, and generate a subset of the objects for use by a first user. The validation engine can store, in the memory, the plurality of objects as a superset of objects corresponding to the generated subset. An evaluation engine may, responsive to identifying that one or more object identifiers and signatures in a received set of objects belong to the subset corresponding to the stored superset, verify whether any object in the received set has been tampered with.

Abstract: Provided herein are systems and methods for defining and securely sharing objects for use in preventing data breach or exfiltration. Memory may be configured to store a plurality of objects for use in preventing data breach or exfiltration. A validation engine can validate the objects, incorporate into each object an object identifier and a signature, and generate a subset of the objects for use by a first user. The validation engine can store, in the memory, the plurality of objects as a superset of objects corresponding to the generated subset. An evaluation engine may, responsive to identifying that one or more object identifiers and signatures in a received set of objects belong to the subset corresponding to the stored superset, verify whether any object in the received set has been tampered with.

Abstract: Provided herein are systems and methods for defining and securely sharing objects for use in preventing data breach or exfiltration. Memory may be configured to store a plurality of objects for use in preventing data breach or exfiltration. A validation engine can validate the objects, incorporate into each object an object identifier and a signature, and generate a subset of the objects for use by a first user. The validation engine can store, in the memory, the plurality of objects as a superset of objects corresponding to the generated subset. An evaluation engine may, responsive to identifying that one or more object identifiers and signatures in a received set of objects belong to the subset corresponding to the stored superset, verify whether any object in the received set has been tampered with.

Abstract: Provided herein are systems and methods for classifying content to prevent data breach or exfiltration. An entity engine may receive content for classification into a content type for preventing data breach or exfiltration. The entity engine may determine that secondary data, defined by an operand of an entity definition, is present in the content. Each entity definition may correspond to one content type and may include a Boolean expression of operands. Each operand may include a matching element to be used for matching against content undergoing classification into one of the content types, upon secondary data defined by the operand being present in the content. The entity engine may classify the content into a content type of the content types, corresponding to the entity definition, based on matching the matching element of the operand to the content, and matching other operands of the entity definition to the content.

Abstract: A policy is established comprising a condition having a multiphase attribute of a multiphase transaction. Phase specific policies are established for each phase in which the multiphase attribute may become known. The multiphase transaction is evaluated according to the phase specific policies at each phase of the multiphase transaction in which the multiphase attribute may become known until a policy decision of the policy is determined.

Abstract: Traffic control techniques are provided for intercepting an initial message in a handshaking procedure for a secure communication between a first device and a second device at a proxy device. Identification information associated with the second device is extracted from the initial message. A policy is applied to communications between the first device and second device based on the identification information.

Abstract: A policy is established comprising a condition having a multiphase attribute of a multiphase transaction. Phase specific policies are established for each phase in which the multiphase attribute may become known. The multiphase transaction is evaluated according to the phase specific policies at each phase of the multiphase transaction in which the multiphase attribute may become known until a policy decision of the policy is determined.

Abstract: A policy is established comprising a condition having a multiphase attribute of a multiphase transaction. Phase specific policies are established for each phase in which the multiphase attribute may become known. The multiphase transaction is evaluated according to the phase specific policies at each phase of the multiphase transaction in which the multiphase attribute may become known until a policy decision of the policy is determined.

Abstract: A policy is established comprising a condition having a multiphase attribute of a multiphase transaction. Phase specific policies are established for each phase in which the multiphase attribute may become known. The multiphase transaction is evaluated according to the phase specific policies at each phase of the multiphase transaction in which the multiphase attribute may become known until a policy decision of the policy is determined.

Abstract: Traffic control techniques are provided for intercepting an initial message in a handshaking procedure for a secure communication between a first device and a second device at a proxy device. Identification information associated with the second device is extracted from the initial message. A policy is applied to communications between the first device and second device based on the identification information.