Abstract: A method, computer program product, and computer system for building container images comprise a base container image control agent associated with a base container image and a build system control agent associated with a build system. A mutual negotiation protocol is facilitated between the base container image control agent and the build system control agent. A set of operation parameters is determined in response to facilitating the mutual negotiation protocol. Identified from the set of operation parameters a set of requirements for a new container image control agent. A new container image is generated based on the operation parameters to which the new container image control agent is associated.

Abstract: A machine-readable medium may store instructions executable by a processing resource to access log data of an enterprise and extract time-series data of an enterprise entity from the log data. The time-series data may include measured feature values of a set of selected features over a series of time periods. The instructions may be further executable to train a predictive model specific to the enterprise entity using the time-series data, wherein the predictive model is to generate, for a particular time period, a predicted feature value for each of the selected features; access actual feature values of the enterprise entity for the particular time period; apply first-level deviation criteria to the actual feature value and the predicted feature value of each selected feature to identify deviant features of the enterprise entity; and apply second-level deviation criteria to the identified deviant features to identify the enterprise entity as behaving abnormally.

Abstract: The disclosure herein describes providing action item information for a current activity based on similarity with past activities. Activity attributes indicative of an activity outcome are identified, and a random forest classifier based on the identified activity attributes is generated. The random forest classifier classifies an activity based on the activity attributes. Similarity factors associated with the current activity and past activities are calculated based on the random forest classifier. Based on the similarity factors, data value ranges of performance indicators of past activities associated with the activity outcome are determined. Based on comparing the determined data value ranges to performance indicator data values of the current activity, action item information associated with the performance indicator data values of the current activity is provided.

Abstract: Disclosed is a method of controlling postprandial blood glucose levels in a subject. The method includes orally administering to a subject an orally administrable oligoethylene glycol conjugate of insulin or an orally administrable insulin fusion protein. Oral administration is done during a time period from about 5 to 25 minutes prior to a meal.

Abstract: A technique includes receiving data identifying behavior anomalies that are exhibited by entities that are associated with a computer system. The technique includes associating the behavior anomalies with contexts based at least in part on threat intelligence to provide modified anomalies. The threat intelligence associates the contexts with indicators of potential breach. The technique includes characterizing the behavior anomaly identification based at least in part on the threat intelligence. The characterization includes applying machine learning to features of the modified anomalies to classify the identified behavior anomalies.

Abstract: Examples determine a number of hosts, within an enterprise, which are resolving a particular domain. Based on the number of hosts within the enterprise resolving the particular domain, the examples identify whether the particular domain is benign.

Abstract: Examples determine a number of hosts, within an enterprise, which are resolving a particular domain. Based on the number of hosts within the enterprise resolving the particular domain, the examples identify whether the particular domain is benign.

Abstract: A technique includes receiving data identifying behavior anomalies that are exhibited by entities that are associated with a computer system. The technique includes associating the behavior anomalies with contexts based at least in part on threat intelligence to provide modified anomalies. The threat intelligence associates the contexts with indicators of potential breach. The technique includes characterizing the behavior anomaly identification based at least in part on the threat intelligence. The characterization includes applying machine learning to features of the modified anomalies to classify the identified behavior anomalies.

Abstract: A machine-readable medium may store instructions executable by a processing resource to access log data of an enterprise and extract time-series data of an enterprise entity from the log data. The time-series data may include measured feature values of a set of selected features over a series of time periods. The instructions may be further executable to train a predictive model specific to the enterprise entity using the time-series data, wherein the predictive model is to generate, for a particular time period, a predicted feature value for each of the selected features; access actual feature values of the enterprise entity for the particular time period; apply first-level deviation criteria to the actual feature value and the predicted feature value of each selected feature to identify deviant features of the enterprise entity; and apply second-level deviation criteria to the identified deviant features to identify the enterprise entity as behaving abnormally.

Abstract: Systems, methods, and machine-readable and executable instructions are provided for attack notification. Attack notification can include receiving security-related data from a number of computing devices that are associated with a number of entities through a communication link and analyzing a first portion of the security-related data that is associated with a first entity from the number of entities to determine whether the first entity has experienced an attack. Attack notification can include analyzing a second portion of the security-related data that is associated with a second entity from the number of entities and the first portion of the security-related data that is associated with the first entity to determine whether the second entity is experiencing the attack. Attack notification can include notifying, through the communication link, the second entity that the second entity is experiencing the attack if it is determined that the second entity is experiencing the attack.

Abstract: Identifying participants for collaboration in a threat exchange community can include receiving security data from a plurality of participants at a threat exchange server within the threat exchange community; and in response to receiving from a first participant from the plurality of participants security data associated with a security occurrence, identifying at the threat exchange server the first participant and a second participant from the plurality of participants for collaboration based on characteristics of the first participant and the second participant.

Abstract: Instances of router models and filter models respectively are populated with configuration data from routers and filters in a network. A route advertising graph is derived from the router model instances. The route advertising graph indicates propagation of routes between the ones of the real-world devices serving as routers according to routing protocols implemented by the ones of the real-world devices serving as routers. Consolidated routing data is determined for the ones of the real-world devices serving as routers. In this process, the propagation of routes indicated by the route advertising graph is iterated to stability. For a destination node in the network, a respective route graph indicating available paths to the destination node from each source node in the network is constructed from the consolidated routing data. Services between each source node and the destination node are classified based on a full traversal of the route advertising graph.

Abstract: In one implementation, a resource reference classification system includes a selection engine and a classification engine. The selection engine is to access a plurality of resource request records based on resource requests intercepted from a plurality of clients, and to select resource request records from the plurality of resource request records intercepted from a client from the plurality of clients. Each resource request record from the plurality of resource request records includes a resource reference. The classification engine is to identify, independent of the client, a root resource reference and a plurality of child resource references of the root resource reference from the resource request records.

Abstract: Threat exchange information protection can include receiving security information from a number of participants of a threat exchange community, wherein a portion of the received security information is encoded with pseudonyms by each of the number of participants, analyzing the security information collectively from the number of participants, wherein the portion of the received security information remains encoded, and sending analysis results to each of the number of participants, wherein the analysis results include information relating to the portion.

Abstract: In one embodiment, a method of detecting centerline of a vessel is provided. The method comprises steps of acquiring a 3D image volume, initializing a centerline, initializing a Kalman filter, predicting a next center point using the Kalman filter, checking validity of the prediction made using the Kalman filter, performing template matching, updating the Kalman filter based on the template matching and repeating the steps of predicting, checking, performing and updating for a predetermined number of times. Methods of automatic vessel segmentation and temporal tracking of the segmented vessel is further described with reference to the method of detecting centerline.

Abstract: In one embodiment, a method of detecting centerline of a vessel is provided. The method comprises steps of acquiring a 3D image volume, initializing a centerline, initializing a Kalman filter, predicting a next center point using the Kalman filter, checking validity of the prediction made using the Kalman filter, performing template matching, updating the Kalman filter based on the template matching and repeating the steps of predicting, checking, performing, and updating for a predetermined number of times. Methods of automatic vessel segmentation and temporal tracking of the segmented vessel is further described with reference to the method of detecting centerline.

Abstract: Systems, methods, and machine-readable and executable instructions are provided for attack notification. Attack notification can include receiving security-related data from a number of computing devices that are associated with a number of entities through a communication link and analyzing a first portion of the security-related data that is associated with a first entity from the number of entities to determine whether the first entity has experienced an attack. Attack notification can include analyzing a second portion of the security-related data that is associated with a second entity from the number of entities and the first portion of the security-related data that is associated with the first entity to determine whether the second entity is experiencing the attack. Attack notification can include notifying, through the communication link, the second entity that the second entity is experiencing the attack if it is determined that the second entity is experiencing the attack.

Abstract: Identifying participants for collaboration in a threat exchange community can include receiving security data from a plurality of participants at a threat exchange server within the threat exchange community; and in response to receiving from a first participant from the plurality of participants security data associated with a security occurrence, identifying at the threat exchange server the first participant and a second participant from the plurality of participants for collaboration based on characteristics of the first participant and the second participant.

Abstract: Threat exchange information protection can include receiving security information from a number of participants of a threat exchange community, wherein a portion of the received security information is encoded with pseudonyms by each of the number of participants, analyzing the security information collectively from the number of participants, wherein the portion of the received security information remains encoded, and sending analysis results to each of the number of participants, wherein the analysis results include information relating to the portion.

Abstract: A business object model, which reflects data that is used during a given business transaction, is utilized to generate interfaces. This business object model facilitates commercial transactions by providing consistent interfaces that are suitable for use across industries, across businesses, and across different departments within a business during a business transaction. In some operations, software creates, updates, or otherwise processes information related to a BR boleto receivable and a BR nota fiscal authorisation request business object.