Abstract: Systems and methods for ransomware protection in collaboration systems. One embodiment operates in conjunction with a collaboration system that manages one or more user devices that store device-local copies of content objects in storage areas of the one or more user devices. The collaboration system is accessed by the one or more user devices to facilitate collaboration activity over the content objects. Patterns of collaboration activity are classified, and in some cases, such patterns are deemed to be indicative of ransomware. If ransomware is indicated to be running on a user device, the collaboration system is notified that a ransomware process has been detected on the user device. The collaboration system delivers a prevention policy to other user devices that interface with the collaboration system. The prevention policy is in turn enforced by the other user devices to prevent synchronization of content object changes made by the ransomware.

Abstract: Systems and methods for ransomware protection in collaboration systems. One embodiment operates in conjunction with a collaboration system that manages one or more user devices that store device-local copies of content objects in storage areas of the one or more user devices. The collaboration system is accessed by the one or more user devices to facilitate collaboration activity over the content objects. Patterns of collaboration activity are classified, and in some cases, such patterns are deemed to be indicative of ransomware. If ransomware is indicated to be running on a user device, the collaboration system is notified that a ransomware process has been detected on the user device. The collaboration system delivers a prevention policy to other user devices that interface with the collaboration system. The prevention policy is in turn enforced by the other user devices to prevent synchronization of content object changes made by the ransomware.

Abstract: The invention disclosed herein enables a collection of computers and associated communications infrastructure to offer a new communications process which allows a requestor to receive configuration information of a computational device from a responder. The requestor first sends query documents that contain queries for configuration information of a computational device to the responder; the responder automatically collects the answers for the queries and sends a response document that contains the configuration information of the computational device to the requestor. The queries are written in a formal descriptive language which is transparent, safe for network evaluation, and extensible, and the configuration reader of the responder can parse the queries and automatically invoke a set of standard inspectors to obtain the corresponding configuration information.

Abstract: A console for an enterprise suite is disclosed. The enterprise suite addresses the increasingly complex problem of keeping critical systems updated, compatible, and free of security holes. It uses Fixlet® technology to identify vulnerable computers on the network and then allows authorized personnel to correct problems across any subset of the network with a few simple mouse-clicks. The enterprise suite helps keep the networked computers updated and properly patched, all from a central console which, along with supporting architectural enhancements, is the subject matter of this document. The invention allows rolling out a security patch in minutes instead of months, thus allowing an administrator to stay ahead of potential hacker attacks. The invention also makes it possible to track the progress of each computer as updates are applied, thus making it simple to gauge the level of compliance across the entire enterprise.