Abstract: A network gateway interrogates a plurality of network devices to collect security state data and operational state data on a periodic basis. A vulnerability resolution module to automatically uploads a security report and downloads actions (e.g., updates to operating system, configurations or policies) from a cloud vulnerability server corresponding to resolution of the vulnerabilities. A security remediation module can remediate on the network device for protection against at least the specific vulnerability of the at least one the peripheral.

Abstract: A network gateway interrogates a plurality of network devices to collect security state data and operational state data on a periodic basis. A vulnerability resolution module to automatically uploads a security report and downloads actions (e.g., updates to operating system, configurations or policies) from a cloud vulnerability server corresponding to resolution of the vulnerabilities. A security remediation module can remediate on the network device for protection against at least the specific vulnerability of the at least one the peripheral.

Abstract: A network gateway interrogates a plurality of network devices to collect security state data and operational state data on a periodic basis. Contextual security recommendations are generated based on the security rating report. Security actions can be taken based on the contextual security recommendations.

Abstract: Generating a set of attempted external contacts associated with a malware sample is disclosed. A malware sample is executed in an accelerated computing environment. In the accelerated computing environment, a guest time is advanced more quickly than a time by which a host time is advanced. A set of one or more attempted external contacts generated by the executing malware sample is recorded. The set of attempted external contacts includes at least one generated domain name. A remedial action is taken with respect to the generated domain name.

Abstract: Generating a set of attempted external contacts associated with a malware sample is disclosed. A malware sample is executed, in an accelerated computing environment. In the accelerated computing environment, a guest time is advanced more quickly than a time by which a host time is advanced. A set of one or more attempted external contacts generated by the executing malware sample is recorded. The set of attempted external contacts is provided as output.

Abstract: Generating a set of attempted external contacts associated with a malware sample is disclosed. A malware sample is executed in an accelerated computing environment. In the accelerated computing environment, a guest time is advanced more quickly than a time by which a host time is advanced. A set of one or more attempted external contacts generated by the executing malware sample is recorded. The set of attempted external contacts includes at least one generated domain name. A remedial action is taken with respect to the generated domain name.

Abstract: A system and method configured for providing a cryptographic platform for exchanging information. One or more information transactions including encrypted information may be generated and/or provided to a distributed ledger. The one or more information transactions may include information intended for one or more parties. Information transactions intended for one or more parties may be identified. An information transaction may include one or more of a transaction identifier associated with one or more parties, an information payload, and/or other information. The information payload may include encrypted information. The encrypted information may be encrypted with one or more public keys associated with one or more parties. One or more information transactions may be retrieved from the distributed ledger. The encrypted information may be decrypted with one or more private keys that correspond to the public keys. Presentation of the encrypted information to one or more parties may be facilitated.

Abstract: Discovering nodes of a network is disclosed. A multicast group of the network is sent an Internet Protocol multicast packet that requires a receiver of the packet to provide a response packet. One or more Internet Control Message Protocol replies from one or more nodes that belong to the multicast group are received. A listing of nodes of the network is determined using the one or more received replies.

Abstract: Techniques for generating a honey network configuration to emulate a target network environment are disclosed. In some embodiments, techniques for generating a honey network configuration to emulate a target network include receiving a network scan survey of the target network; generating the honey network configuration to emulate the target network using the network scan survey of the target network; and executing a honey network using the honey network configuration.

Abstract: Identifying a behavior of a malware service is disclosed. An interrogation packet is sent to a network communication port of a receiver. The interrogation packet is one of a plurality of predetermined interrogation packets sent to the network communication port. The interrogation packet invites an expected action. The expected action is detected. It is determined that the malware service is potentially is operating.

Abstract: Techniques for generating a honey network configuration to emulate a target network environment are disclosed. In some embodiments, techniques for generating a honey network configuration to emulate a target network include receiving a network scan survey of the target network; generating the honey network configuration to emulate the target network using the network scan survey of the target network; and executing a honey network using the honey network configuration.

Abstract: Generating a set of attempted external contacts associated with a malware sample is disclosed. A malware sample is executed, in an accelerated computing environment. In the accelerated computing environment, a guest time is advanced more quickly than a time by which a host time is advanced. A set of one or more attempted external contacts generated by the executing malware sample is recorded. The set of attempted external contacts is provided as output.

Abstract: Techniques for generating a honey network configuration to emulate a target network environment are disclosed. In some embodiments, techniques for generating a honey network configuration to emulate a target network include receiving a network scan survey of the target network; generating the honey network configuration to emulate the target network using the network scan survey of the target network; and executing a honey network using the honey network configuration.

Abstract: Interdicting an undesired service is disclosed. For example, a malware service is interdicted. The undesired service is identified. A vulnerability of the undesired service is identified from among a hierarchy of vulnerabilities. The undesired service is interdicted according to the vulnerability. For example, a corresponding action of a vulnerability to interdict the undesired service is performed in the order of the hierarchy until the undesired service is interdicted.

Abstract: Discovering nodes of a network is disclosed. A multicast group of the network is sent an Internet Protocol multicast packet that requires a receiver of the packet to provide a response packet. One or more Internet Control Message Protocol replies from one or more nodes that belong to the multicast group are received. A listing of nodes of the network is determined using the one or more received replies.

Abstract: Discovering nodes of a network is disclosed. A multicast group of the network is sent an Internet Protocol version 6 multicast packet that requires a receiver of the packet to provide a response packet. One or more Internet Control Message Protocol version 6 replies from one or more nodes that belong to the multicast group are received. A listing of nodes of the network is determined using the one or more received replies.

Abstract: A system and method configured for providing a cryptographic platform for exchanging information. One or more information transactions including encrypted information may be generated and/or provided to a distributed ledger. The one or more information transactions may include information intended for one or more parties. Information transactions intended for one or more parties may be identified. An information transaction may include one or more of a transaction identifier associated with one or more parties, an information payload, and/or other information. The information payload may include encrypted information. The encrypted information may be encrypted with one or more public keys associated with one or more parties. One or more information transactions may be retrieved from the distributed ledger. The encrypted information may be decrypted with one or more private keys that correspond to the public keys. Presentation of the encrypted information to one or more parties may be facilitated.

Abstract: Identifying a behavior of a malware service is disclosed. An interrogation packet is sent to a network communication port of a receiver. The interrogation packet is one of a plurality of predetermined interrogation packets sent to the network communication port. The interrogation packet invites an expected action. The expected action is detected. It is determined that the malware service is potentially is operating.

Abstract: Identifying a behavior of a service is disclosed. A predetermined interrogation packet that corresponds to a hypothesis is sent to a network communication port of a receiver. The predetermined packet is one of a plurality of predetermined interrogation packets sent to the network communication port. The hypothesis is consistent with a behavior of a corresponding service. The predetermined interrogation packet invites an expected action. The expected action is detected. It is determined that the behavior of the service that corresponds to the hypothesis is operating.

Abstract: A system and method configured for providing a cryptographic platform for exchanging information. One or more information transactions including encrypted information may be generated and/or provided to a distributed ledger. The one or more information transactions may include information intended for one or more parties. Information transactions intended for one or more parties may be identified. An information transaction may include one or more of a transaction identifier associated with one or more parties, an information payload, and/or other information. The information payload may include encrypted information. The encrypted information may be encrypted with one or more public keys associated with one or more parties. One or more information transactions may be retrieved from the distributed ledger. The encrypted information may be decrypted with one or more private keys that correspond to the public keys. Presentation of the encrypted information to one or more parties may be facilitated.