Abstract: Zero trust and micro-segmentation techniques may be collectively used to enhance network security. To establish, refine, and enforce a zero-trust least-privileged policy, the network may be segmented to put each device of the network into a respective network of one, which forces all network traffic to pass through a zero-trust gatekeeper. The gatekeeper may then monitor and analyze the traffic to establish, refine, and enforce the zero-trust least-privileged policy, which reduces network access to only a limited set of network actions and/or paths. Using the gatekeeper, network traffic may be monitored to progressively establish the policy as well as to continually refine the policy. Recommended actions may be determined based on the analysis of the monitored network traffic and provided to the user to allow user feedback on the communication rules of zero-trust policy.

Abstract: Zero trust and micro-segmentation techniques may be collectively used to enhance network security. To establish, refine, and enforce a zero-trust least-privileged policy, the network may be segmented to put each device of the network into a respective network of one, which forces all network traffic to pass through a zero-trust gatekeeper. The gatekeeper may then monitor and analyze the traffic to establish, refine, and enforce the zero-trust least-privileged policy, which reduces network access to only a limited set of network actions and/or paths. Using the gatekeeper, network traffic may be monitored to progressively establish the policy as well as to continually refine the policy. Recommended actions may be determined based on the analysis of the monitored network traffic and provided to the user to allow user feedback on the communication rules of zero-trust policy.

Abstract: Zero trust and micro-segmentation techniques may be collectively used to enhance network security. To establish, refine, and enforce a zero-trust least-privileged policy, the network may be segmented to put each device of the network into a respective network of one, which forces all network traffic to pass through a zero-trust gatekeeper. The gatekeeper may then monitor and analyze the traffic to establish, refine, and enforce the zero-trust least-privileged policy, which reduces network access to only a limited set of network actions and/or paths. Using the gatekeeper, network traffic may be monitored to progressively establish the policy as well as to continually refine the policy. Recommended actions may be determined based on the analysis of the monitored network traffic and provided to the user to allow user feedback on the communication rules of zero-trust policy.

Abstract: Zero trust and micro-segmentation techniques may be collectively used to enhance network security. To establish, refine, and enforce a zero-trust least-privileged policy, the network may be segmented to put each device of the network into a respective network of one, which forces all network traffic to pass through a zero-trust gatekeeper. The gatekeeper may then monitor and analyze the traffic to establish, refine, and enforce the zero-trust least-privileged policy, which reduces network access to only a limited set of network actions and/or paths. Using the gatekeeper, network traffic may be monitored to progressively establish the policy as well as to continually refine the policy. Recommended actions may be determined based on the analysis of the monitored network traffic and provided to the user to allow user feedback on the communication rules of zero-trust policy.

Abstract: Zero trust and micro-segmentation techniques may be collectively used to enhance network security. To establish, refine, and enforce a zero-trust least-privileged policy, the network may be segmented to put each device of the network into a respective network of one, which forces all network traffic to pass through a zero-trust gatekeeper. The gatekeeper may then monitor and analyze the traffic to establish, refine, and enforce the zero-trust least-privileged policy, which reduces network access to only a limited set of network actions and/or paths. Using the gatekeeper, network traffic may be monitored to progressively establish the policy as well as to continually refine the policy. Recommended actions may be determined based on the analysis of the monitored network traffic and provided to the user to allow user feedback on the communication rules of zero-trust policy.

Abstract: Zero trust and micro-segmentation techniques may be collectively used to enhance network security. To establish, refine, and enforce a zero-trust least-privileged policy, the network may be segmented to put each device of the network into a respective network of one, which forces all network traffic to pass through a zero-trust gatekeeper. The gatekeeper may then monitor and analyze the traffic to establish, refine, and enforce the zero-trust least-privileged policy, which reduces network access to only a limited set of network actions and/or paths. Using the gatekeeper, network traffic may be monitored to progressively establish the policy as well as to continually refine the policy. Recommended actions may be determined based on the analysis of the monitored network traffic and provided to the user to allow user feedback on the communication rules of zero-trust policy.

Abstract: Zero trust and micro-segmentation techniques may be collectively used to enhance network security. To establish, refine, and enforce a zero-trust least-privileged policy, the network may be segmented to put each device of the network into a respective network of one, which forces all network traffic to pass through a zero-trust gatekeeper. The gatekeeper may then monitor and analyze the traffic to establish, refine, and enforce the zero-trust least-privileged policy, which reduces network access to only a limited set of network actions and/or paths. Using the gatekeeper, network traffic may be monitored to progressively establish the policy as well as to continually refine the policy. Recommended actions may be determined based on the analysis of the monitored network traffic and provided to the user to allow user feedback on the communication rules of zero-trust policy.

Abstract: Zero trust and micro-segmentation techniques may be collectively used to enhance network security. To establish, refine, and enforce a zero-trust least-privileged policy, the network may be segmented to put each device of the network into a respective network of one, which forces all network traffic to pass through a zero-trust gatekeeper. The gatekeeper may then monitor and analyze the traffic to establish, refine, and enforce the zero-trust least-privileged policy, which reduces network access to only a limited set of network actions and/or paths. Using the gatekeeper, network traffic may be monitored to progressively establish the policy as well as to continually refine the policy. Recommended actions may be determined based on the analysis of the monitored network traffic and provided to the user to allow user feedback on the communication rules of zero-trust policy.

Abstract: Zero trust and micro-segmentation techniques may be collectively used to enhance network security. To establish, refine, and enforce a zero-trust least-privileged policy, the network may be segmented to put each device of the network into a respective network of one, which forces all network traffic to pass through a zero-trust gatekeeper. The gatekeeper may then monitor and analyze the traffic to establish, refine, and enforce the zero-trust least-privileged policy, which reduces network access to only a limited set of network actions and/or paths. Using the gatekeeper, network traffic may be monitored to progressively establish the policy as well as to continually refine the policy. Recommended actions may be determined based on the analysis of the monitored network traffic and provided to the user to allow user feedback on the communication rules of zero-trust policy.

Abstract: The current document is directed to an integrated cloud-management facility, or subsystem, that incorporates an automated-application-deployment-facility integrator that incorporates one or more automated-application-deployment facilities into the cloud-management facility. The automated-application-deployment-facility integrator allows users of the cloud-management facility to access one or more automated-application-deployment facilities within the context of the cloud-management facility. The automated-application-deployment-facility integrator provides to system managers and administrators, through the cloud-management facility, a wider range of functionalities and capabilities than is provided by a cloud-management facility that includes only a single automated-application-deployment facility, or subsystem.

Abstract: The current document is directed to automated application-release-management facilities that, in a described implementation, coordinate continuous development and release of cloud-computing applications. The application-release-management process is specified, in the described implementation, by application-release-management pipelines, each pipeline comprising one or more stages, with each stage comprising one or more tasks.

Abstract: An artifact manager generates an abstraction for artifacts and repositories in a deployment platform such that the artifacts may be located uniformly and securely in each deployment environment during the deployment process. The described system includes a release automation platform having a release pipeline which is responsible for deploying build artifacts into multiple deployment environments, testing the build artifacts thoroughly in each environment, and follow organization-specific approval processes to promote the build artifacts to a next deployment environment.

Abstract: The current document is directed to automated application-release-management facilities that, in a described implementation, coordinate continuous development and release of cloud-computing applications. The application-release-management process is specified, in the described implementation, by application-release-management pipelines, each pipeline comprising one or more stages, with each stage comprising one or more tasks. Current application-release-management pipelines are linear, with the stages sequentially ordered within the pipeline. The current document is directed to an automated application-release-management facility that supports branch points within application-release-management pipelines where, as a result of inter-application dependencies, a task within a stage of the first pipeline associated with a first application launches a second pipeline associated with a second application.

Abstract: The current document is directed to an integrated cloud-management facility, or subsystem, that incorporates an automated-application-deployment-facility integrator that incorporates one or more automated-application-deployment facilities into the cloud-management facility. The automated-application-deployment-facility integrator allows users of the cloud-management facility to access one or more automated-application-deployment facilities within the context of the cloud-management facility. The automated-application-deployment-facility integrator provides to system managers and administrators, through the cloud-management facility, a wider range of functionalities and capabilities than is provided by a cloud-management facility that includes only a single automated-application-deployment facility, or subsystem.

Abstract: The current document is directed to an automated-application-release-management subsystem, or facility, that organizes and manages the application-development and application-release processes to allow for continuous application development and release. The current document is particularly directed to implementations in which the automated application-release-management subsystem is highly modularized to provide plug-in compatibility with a large variety of external, third-party subsystems, libraries, and functionalities. This highly plug-in-compatible architecture provides for decreasing dependencies on various subsystems and components of a workflow-based cloud-management system in which the plug-compatible automated application-release-management subsystem is incorporated.

Abstract: The current document is directed to an artifact-management subsystem and interface to the artifact-management subsystem that is, at least in part, implemented by plug-ins to a particular artifact repository. The currently disclosed artifact-management-subsystem interface includes a comprehensive set of search types, using which particular artifacts can be identified and retrieved from various artifact repositories. The search types include search types natively supported by one or more repositories as well as search types implemented by plug-ins to a particular artifact repository, with the plug-ins, in certain cases, accessing additional, remote artifact repositories. Use of plug-in technology provides a path to a comprehensive artifact-management-subsystem interface that does not involve the complexities and problems associated with individually interfacing to a variety of different types of artifact repositories.

Abstract: The current document is directed to automated application-release-management facilities that, in a described implementation, coordinate continuous development and release of cloud-computing applications. The application-release-management process is specified, in the described implementation, by application-release-management pipelines, each pipeline comprising one or more stages, with each stage comprising one or more tasks.

Abstract: An artifact manager generates an abstraction for artifacts and repositories in a deployment platform such that the artifacts may be located uniformly and securely in each deployment environment during the deployment process. The described system includes a release automation platform having a release pipeline which is responsible for deploying build artifacts into multiple deployment environments, testing the build artifacts thoroughly in each environment, and follow organization-specific approval processes to promote the build artifacts to a next deployment environment.

Abstract: The present invention provides dyes, reactive dyes and labeled reagents that may be used in the detection or quantification of desirable target molecules, such as proteins and nucleic acids. Dyes are provided that may be used free in solution where the binding of the dye to the target molecule provides signal generation. Dyes are also provided that comprise reactive groups that may be used to attach the dyes to probes that will bind to desirable target molecules. The novel dyes of the present invention have been modified by the addition of charged and polar groups to provide beneficial properties.

Abstract: The present invention provides dyes, reactive dyes and labeled reagents that may be used in the detection or quantification of desirable target molecules, such as proteins and nucleic acids. Dyes are provided that may be used free in solution where the binding of the dye to the target molecule provides signal generation. Dyes are also provided that comprise reactive groups that may be used to attach the dyes to probes that will bind to desirable target molecules. The novel dyes of the present invention have been modified by the addition of charged and polar groups to provide beneficial properties.