Abstract: Systems and methods for entity item matching include, responsive to identifying a workflow, monitoring one or more first entity items of a first entity item type for updates to one or more first field-value pairs; determining, subsequent to processing a first monitored item of a plurality of monitored items, an update to a first field-value pair of a first entity item of the first entity item type; responsive to determining that the update matches a corresponding field-value pair of the first monitored item, matching the first entity item with the first monitored item by performing a lookup in the first monitored item for a field-value pair matching the update to the first field-value pair; and performing a first action specified in the workflow on the first monitored item using data corresponding to the update in the first field-value pair of the first entity item matched with the first monitored item.

Abstract: Systems and methods for maintaining data objects include receiving an event in a queue indicating a change to a data source; obtaining data corresponding to the event from the data source; determining that a monitored item condition defined in a workflow is satisfied based on the data corresponding to the event; generating a data object responsive to the monitored item condition being satisfied; identifying, using a mapping between fields and triggers generated based on the workflow, a trigger defined in the workflow that uses a first field of one or more fields; determining that the value of the first field satisfies a trigger condition of the trigger; and performing, responsive to determining that the value satisfies the trigger condition, an action corresponding to the trigger defined in the workflow.

Abstract: Systems and methods for maintaining data objects include receiving an event in a queue indicating a change to a data source; obtaining data corresponding to the event from the data source; determining that a monitored item condition defined in a workflow is satisfied based on the data corresponding to the event; generating a data object responsive to the monitored item condition being satisfied; identifying, using a mapping between fields and triggers generated based on the workflow, a trigger defined in the workflow that uses a first field of one or more fields; determining that the value of the first field satisfies a trigger condition of the trigger; and performing, responsive to determining that the value satisfies the trigger condition, an action corresponding to the trigger defined in the workflow.

Abstract: Disclosed embodiments relate to systems and methods for security protection against threats to network identity providers. Techniques include identifying a first request from a client for access to a secure network resource; redirecting the client to an identity provider. The identity provider may be configured to authenticate the client and provide the client with data signed using a first identity provider key. Further techniques include identifying a second request from the client, the second request including a doubly-signed version of the data, verifying the doubly-signed version of the data using a second identity provider key corresponding to the first identity provider key and a second client key corresponding to the first client key; and allowing, conditional on a result of the verifying, the client to access the secure network resource.

Abstract: Disclosed embodiments relate to systems and methods for security protection against threats to network identity providers. Techniques include identifying a first request from a client for access to a secure network resource; redirecting the client to an identity provider. The identity provider may be configured to authenticate the client and provide the client with data signed using a first identity provider key. Further techniques include identifying a second request from the client, the second request including a doubly-signed version of the data, verifying the doubly-signed version of the data using a second identity provider key corresponding to the first identity provider key and a second client key corresponding to the first client key; and allowing, conditional on a result of the verifying, the client to access the secure network resource.

Abstract: Disclosed embodiments relate to systems and methods for security protection against threats to network identity providers. Techniques include identifying a first request from a client for access to a secure network resource; redirecting the client to an identity provider. The identity provider may be configured to authenticate the client and provide the client with data signed using a first identity provider key. Further techniques include identifying a second request from the client, the second request including a doubly-signed version of the data, verifying the doubly-signed version of the data using a second identity provider key corresponding to the first identity provider key and a second client key corresponding to the first client key; and allowing, conditional on a result of the verifying, the client to access the secure network resource.

Abstract: Disclosed embodiments include securing privileged access communication with target systems. Techniques include identifying a request for access to a target resource by an identity, the request being associated with a requested activity that requires privileged access, identifying a connection session in which the identity communicates with the target resource, automatically analyzing an actual activity of the identity occurring in the connection session, automatically comparing the actual activity to the requested activity to determine whether the actual activity complies with the requested activity, and automatically detecting, based on the determination, an inconsistency between the actual activity of the identity and the requested activity associated with the request for access.

Abstract: Disclosed embodiments include securing privileged access communication with target systems. Techniques include identifying a request for access to a target resource by an identity, the request being associated with a requested activity that requires privileged access, identifying a connection session in which the identity communicates with the target resource, automatically analyzing an actual activity of the identity occurring in the connection session, automatically comparing the actual activity to the requested activity to determine whether the actual activity complies with the requested activity, and automatically detecting, based on the determination, an inconsistency between the actual activity of the identity and the requested activity associated with the request for access.

Abstract: A method and a device are disclosed including an integrated connection between a Social Business Network (SBN) and a webpage configured to provide context-based relevant information about content and/or metadata associated with the webpage. A SBN provides business-oriented information in a social networking environment. In some embodiments, SBN connection automatically provides information about the webpage's owner, or is used used or to start a conversation with another user. In still other embodiments, the SBN connection may retrieve information from external sources such as Facebook®, web, and databases associated with the SBN, including prior relevant conversations, project information, participant information, articles, historical data, and the like. In various embodiments, the SBN connection is in the form of a browser plugin component, which may be enhanced by custom software cartridges developed by customers of SBN to dynamically alter the behavior or add functionality to the SBN plugin component.

Abstract: A method and a device are disclosed including a Username Software Component (USC) configured to provide a connection between a communication software application, social networking sites, and a database to allow search, retrieval, and verification of various usernames associated with a single user and uniquely identifying the single user. The database stores the various usernames for future use. When a local user receives a message from a remote user, various usernames potentially associated with the remote user are retrieved by USC. The local user validates some of the usernames to indicate that they represent the same remote user. Usernames may also be validated by weighted functions applied to user votes. Such validated usernames may be stored in the database for future use by all users to uniquely identify the same remote user. The USC may be implemented as a plug-in component or as a built-in software application functionality.

Abstract: A method and a device are disclosed including an integrated connection between a Social Business Network (SBN) and a webpage configured to provide context-based relevant information about content and/or metadata associated with the webpage. A SBN provides business-oriented information in a social networking environment. In some embodiments, SBN connection automatically provides information about the webpage's owner, or is used used or to start a conversation with another user. In still other embodiments, the SBN connection may retrieve information from external sources such as Facebook®, web, and databases associated with the SBN, including prior relevant conversations, project information, participant information, articles, historical data, and the like. In various embodiments, the SBN connection is in the form of a browser plugin component, which may be enhanced by custom software cartridges developed by customers of SBN to dynamically alter the behavior or add functionality to the SBN plugin component.