Abstract: A cloud storage server accesses a plurality of server-stored files of a cloud storage account of a client device. The cloud storage server determines that one or more server-stored files from the plurality of server-stored files are affected by a malware activity. The cloud storage server generates a graphical user interface that includes a detection notification and a confirmation request, the detection notification indicating a detected presence of malware in the one or more server-stored files and metadata corresponding to the one or more server-stored files, the confirmation request indicating a request for the client device to confirm the detected presence of malware in the one or more server-stored files. A confirmation response is received from the client device. The confirmation response identifies at least one of the one or more server-stored files and confirming the presence of malware activity in the identified server-stored files.

Abstract: A cloud storage server receives a detection notification from a client device. The cloud storage server is configured to store files received from the client device. The detection notification indicates a ransomware activity detected by the client device. The cloud storage server receives a remediation notification from the client device. The remediation notification indicates that the ransomware activity has been remediated by the client device. The cloud storage server updates an operation of a server-based ransomware detection application based on the detection notification and the remediation notification.

Abstract: Technologies are described for adaptive selection of user to database mapping. An impact to processing resources by a user of a database managed by the processing resources may be predicted using criteria based on user-database properties such as a number of rows in database, a number of rows in database for the user, a maximum depth of hierarchy for the user, a maximum breadth of hierarchy for the user, applications that have recently accessed the user's data, distribution of quota types in the user's data, a number of shared items in the user's hierarchy, a number of people who share in the user's shared item hierarchy, an application employed by the user to access the data currently, etc. Based on a model for the predicted impact, a behavior change (for any of the criteria) and/or a move of the user to another database may be suggested/automatically implemented.

Abstract: A cloud storage server receives a request from a client device to store a file. The cloud storage server stores the file in a storage device of the cloud storage server. The cloud storage server determines features of the server-stored file and detects ransomware activity based on the features of the server-stored file. The cloud storage server sends a notification of the ransomware activity to the client device. The client device confirms the presence or an absence of the ransomware activity in the server-stored file. The cloud storage server updates an operation of the detection of the ransomware activity based on the received ransomware confirmation.

Abstract: A cloud storage server determines features of files in a storage account of the cloud storage server. The storage account is registered with a client device. The cloud storage server detects ransomware activity based on the features of the files. A notification is generated to the client device. The notification indicates the detected ransomware activity in the storage account, and one or more remediation options for the detected ransomware activity in the storage account. The cloud storage server receives, from the client device, a remediation option selected from the one or more remediation options and recovers one or more files in the storage account based on the selected remediation option.

Abstract: A cloud storage server accesses a plurality of server-stored files of a cloud storage account of a client device. The cloud storage server determines that one or more server-stored files from the plurality of server-stored files are affected by a malware activity. The cloud storage server generates a graphical user interface that includes a detection notification and a confirmation request, the detection notification indicating a detected presence of malware in the one or more server-stored files and metadata corresponding to the one or more server-stored files, the confirmation request indicating a request for the client device to confirm the detected presence of malware in the one or more server-stored files. A confirmation response is received from the client device. The confirmation response identifies at least one of the one or more server-stored files and confirming the presence of malware activity in the identified server-stored files.

Abstract: A cloud storage server receives a request from a client device to store a tile. The cloud storage server stores the file in a storage device of the cloud storage server. The cloud storage server determines features of the server-stored file and detects ransomware activity based on the features of the server-stored file. The cloud storage server sends a notification of the ransomware activity to the client device. The client device confirms the presence or an absence of the ransomware activity in the server-stored file. The cloud storage server updates an operation of the detection of the ransomware activity based on the received ransomware confirmation.

Abstract: A cloud storage server receives a detection notification from a client device. The cloud storage server is configured to store files received from the client device. The detection notification indicates a ransomware activity detected by the client device. The cloud storage server receives a remediation notification from the client device. The remediation notification indicates that the ransomware activity has been remediated by the client device. The cloud storage server updates an operation of a server-based ransomware detection application based on the detection notification and the remediation notification.

Abstract: A cloud storage server determines features of files in a storage account of the cloud storage server. The storage account is registered with a client device. The cloud storage server detects ransomware activity based on the features of the files. A notification is generated to the client device. The notification indicates the detected ransomware activity in the storage account, and one or more remediation options for the detected ransomware activity in the storage account. The cloud storage server receives, from the client device, a remediation option selected from the one or more remediation options and recovers one or more files in the storage account based on the selected remediation option.

Abstract: Technologies are described for adaptive selection of user to database mapping. An impact to processing resources by a user of a database managed by the processing resources may be predicted using criteria based on user-database properties such as a number of rows in database, a number of rows in database for the user, a maximum depth of hierarchy for the user, a maximum breadth of hierarchy for the user, applications that have recently accessed the user's data, distribution of quota types in the user's data, a number of shared items in the user's hierarchy, a number of people who share in the user's shared item hierarchy, an application employed by the user to access the data currently, etc. Based on a model for the predicted impact, a behavior change (for any of the criteria) and/or a move of the user to another database may be suggested/automatically implemented.