Abstract: Horizontal gel electrophoresis devices and methods of extracting a gel from a gel housing are provided. The devices allow for extraction of gels without having to open the housing comprising the gel. The devices include gel cassettes that simplify the automation of gel electrophoresis and electroblotting of proteins. Also provided are devices that allow for horizontal gel electrophoresis without the need to from a liquid seal between the buffer reservoir and the gel housing. Also described are methods for extracting a gel from a housing without opening the housing.

Abstract: Gel cassette opening devices and methods for opening gel cassettes are provided.

Abstract: Fraction collector dispensers and methods of using such dispensers are provided. In one embodiment, the dispenser includes an inlet for receiving liquid from a liquid source, wherein the inlet is in fluid communication with an outlet from which liquid is dispensed into a receptacle; and a reservoir in fluid communication with a flow path between the inlet and outlet, wherein the reservoir comprises trapped air therein and is configured to receive liquid during movement of the dispenser between receptacles or during movement of receptacles between dispense positions, wherein the dispenser is moveable between a first receptacle and a second receptacle or the receptacles are moveable between dispense positions.

Abstract: Horizontal gel electrophoresis devices and methods of extracting a gel from a gel housing are provided. The devices allow for extraction of gels without having to open the housing comprising the gel. The devices include gel cassettes that simplify the automation of gel electrophoresis and electroblotting of proteins. Also provided are devices that allow for horizontal gel electrophoresis without the need to from a liquid seal between the buffer reservoir and the gel housing. Also described are methods for extracting a gel from a housing without opening the housing.

Abstract: Aspects of the subject matter described herein relate to a mechanism for assessing security. In aspects, an analytics engine is provided that manages execution, information storage, and data passing between various components of a security system. When data is available for analysis, the analytics engine determines which security components to execute and the order in which to execute the security components, where in some instances two or more components may be executed in parallel. The analytics engine then executes the components in the order determined and passes output from component to component as dictated by dependencies between the components. This is repeated until a security assessment is generated or updated. The analytics engine simplifies the work of creating and integrating various security components.

Abstract: Aspects of the subject matter described herein relate to tuning detection components of a security system. In aspects, a history of alerts is collected. This history is then used together with knowledge about tunable objects of the system to determine parameters of the tunable objects that can be changed to improve detection of the system. Parameters of tunable objects are adjusted in a simulator that determines an effect on alerts in the history based on the adjusted parameters. A recommendation of one or more tuning actions may be provided together with information regarding the effect of each tuning action.

Abstract: Security risk for a single IT asset and/or a set of IT assets in a network such as an enterprise or corporate network may be estimated and represented in a visual form by categorizing risk into different discrete levels. The IT assets may include both computing devices and users. The risk categorization uses a security assessment of an IT asset that is generated to indicate the type of security problem encountered, the severity of the problem, and the fidelity of the assessment. The asset value of an IT asset to the enterprise is also assigned. Security risk is then categorized (and a numeric risk value provided) for each IT asset for different problem types by considering the IT asset value along with the severity and fidelity of the security assessment. The security risk for the enterprise is estimated using the numeric risk value and then displayed in visual form.

Abstract: A network intrusion detection system combines the normally sequential steps of protocol analysis, normalization, and signature matching through the use of a regular expression to speed the monitoring of network data. The regular expression also allows the creation of a superset matcher, permitting multiple stages of matching of increased accuracy to produce additional throughput gains.

Abstract: Security risk for a single IT asset and/or a set of IT assets in a network such as an enterprise or corporate network may be estimated and represented in a visual form by categorizing risk into different discrete levels. The IT assets may include both computing devices and users. The risk categorization uses a security assessment of an IT asset that is generated to indicate the type of security problem encountered, the severity of the problem, and the fidelity of the assessment. The asset value of an IT asset to the enterprise is also assigned. Security risk is then categorized (and a numeric risk value provided) for each IT asset for different problem types by considering the IT asset value along with the severity and fidelity of the security assessment. The security risk for the enterprise is estimated using the numeric risk value and then displayed in visual form.

Abstract: Aspects of the subject matter described herein relate to tuning detection components of a security system. In aspects, a history of alerts is collected. This history is then used together with knowledge about tunable objects of the system to determine parameters of the tunable objects that can be changed to improve detection of the system. Parameters of tunable objects are adjusted in a simulator that determines an effect on alerts in the history based on the adjusted parameters. A recommendation of one or more tuning actions may be provided together with information regarding the effect of each tuning action.

Abstract: Semantic networks are generated to model the operational behavior of an enterprise network to provide contextual interpretation of an event or a sequence of events that are observed in that specific enterprise network. In various illustrative examples, different semantic networks may be generated to model different behavior scenarios in the enterprise network. Without the context provided by these semantic networks malicious events may inherently be interpreted as benign events as there is typically always a scenario where such events could be part of normal operations of an enterprise network. Instead, the present semantic networks enable interpretation of events for a specific enterprise network. Such interpretation enables the conclusion that a sequence of events that could possibly be part of normal operations in a theoretical enterprise network is, in fact, abnormal for this specific enterprise network.

Abstract: Aspects of the subject matter described herein relate to a mechanism for assessing security. In aspects, an analytics engine is provided that manages execution, information storage, and data passing between various components of a security system. When data is available for analysis, the analytics engine determines which security components to execute and the order in which to execute the security components, where in some instances two or more components may be executed in parallel. The analytics engine then executes the components in the order determined and passes output from component to component as dictated by dependencies between the components. This is repeated until a security assessment is generated or updated. The analytics engine simplifies the work of creating and integrating various security components.

Abstract: A network intrusion detection system combines the normally sequential steps of protocol analysis, normalization, and signature matching through the use of a regular expression to speed the monitoring of network data. The regular expression also allows the creation of a superset matcher, permitting multiple stages of matching of increased accuracy to produce additional throughput gains.