Abstract: An embodiment for contextualizing abnormal events which employ location-based social networks, LBSN, data to determine events that may be linked to the abnormal events is provided. The embodiment may include detecting an occurrence of an abnormal event within a geographic region, wherein the abnormal event occurs at an occurrence time. The embodiment may also include obtaining location-based social networks, LBSN, data relating to the geographic region for a time period including the occurrence time. The embodiment may further include analyzing the obtained LBSN data, wherein the analyzation determines a linked event within the geographic region for the time period. The embodiment may also include associating the linked event with the abnormal event.

Abstract: Examples of the present disclosure describe systems and methods relating to the offline protection of secrets. A secret may be encrypted using a public key provided by the client. The client may have obtained the public key from a cryptographic hardware device, wherein the private key of the cryptographic key pair may be bound to the cryptographic hardware device. The encrypted secret may be transmitted by a service to the client using a secured or an unsecured transmission method. In some examples, the service may transmit a subsequent encrypted secret, which may invalidate a previously encrypted secret. In order to authenticate with the service, the client may select an encrypted secret for decryption. The client may access the private key stored by the cryptographic device and decrypt the encrypted secret with the private key. The client may then use the decrypted secret to authenticate with the service.

Abstract: An embodiment for contextualizing abnormal events which employ location-based social networks, LBSN, data to determine events that may be linked to the abnormal events is provided. The embodiment may include detecting an occurrence of an abnormal event within a geographic region, wherein the abnormal event occurs at an occurrence time. The embodiment may also include obtaining location-based social networks, LBSN, data relating to the geographic region for a time period including the occurrence time. The embodiment may further include analyzing the obtained LBSN data, wherein the analyzation determines a linked event within the geographic region for the time period. The embodiment may also include associating the linked event with the abnormal event.

Abstract: Examples of the present disclosure describe systems and methods relating to the offline protection of secrets. A secret may be encrypted using a public key provided by the client. The client may have obtained the public key from a cryptographic hardware device, wherein the private key of the cryptographic key pair may be bound to the cryptographic hardware device. The encrypted secret may be transmitted by a service to the client using a secured or an unsecured transmission method. In some examples, the service may transmit a subsequent encrypted secret, which may invalidate a previously encrypted secret. In order to authenticate with the service, the client may select an encrypted secret for decryption. The client may access the private key stored by the cryptographic device and decrypt the encrypted secret with the private key. The client may then use the decrypted secret to authenticate with the service.

Abstract: Examples of the present disclosure describe systems and methods relating to the offline protection of secrets. A secret may be encrypted using a public key provided by the client. The client may have obtained the public key from a cryptographic hardware device, wherein the private key of the cryptographic key pair may be bound to the cryptographic hardware device. The encrypted secret may be transmitted by a service to the client using a secured or an unsecured transmission method. In some examples, the service may transmit a subsequent encrypted secret, which may invalidate a previously encrypted secret. In order to authenticate with the service, the client may select an encrypted secret for decryption. The client may access the private key stored by the cryptographic device and decrypt the encrypted secret with the private key. The client may then use the decrypted secret to authenticate with the service.

Abstract: An abdominal belt that is configured to apply heat, vibration, and/or pressure to a lower abdominal portion of a user's body to alleviate pain and discomfort (e.g., from PMS) is disclosed. In some cases, the abdominal belt has a first end, a second end, and an abdominal pad disposed at the belt's second end. In some cases, the abdominal pad includes one or more heating elements and/or vibrating mechanisms. Indeed, in some cases, the pad includes two vibrating mechanisms configured to be disposed over a user's ovaries when the belt is worn. In some cases, the abdominal pad also defines an opening through which the belt's first end can extend. Additionally, the belt includes a coupling mechanism that couples the first end to a middle portion of the belt when the belt is extended through the opening and the first end of the belt is folded back on the middle portion. Other implementations are described.

Abstract: Techniques to contain lateral movement of attackers through just-in-time (JIT) provisioned accounts comprising an account management component to receive a request from a first account via a client device for a second account to access a server device in a set of server devices, an account authorization component to authorize the request for the second account based at least partially on account information associated with the first account, an account provisioning component to provision the second account to enable a client to access the server device, and an account notification component to provide account information associated with the second account to a client via the client device. Other embodiments are described and claimed.

Abstract: Examples of the present disclosure describe systems and methods relating to the offline protection of secrets. A secret may be encrypted using a public key provided by the client. The client may have obtained the public key from a cryptographic hardware device, wherein the private key of the cryptographic key pair may be bound to the cryptographic hardware device. The encrypted secret may be transmitted by a service to the client using a secured or an unsecured transmission method. In some examples, the service may transmit a subsequent encrypted secret, which may invalidate a previously encrypted secret. In order to authenticate with the service, the client may select an encrypted secret for decryption. The client may access the private key stored by the cryptographic device and decrypt the encrypted secret with the private key. The client may then use the decrypted secret to authenticate with the service.

Abstract: Techniques to contain lateral movement of attackers through just-in-time (JIT) provisioned accounts comprising an account management component to receive a request from a first account via a client device for a second account to access a server device in a set of server devices, an account authorization component to authorize the request for the second account based at least partially on account information associated with the first account, an account provisioning component to provision the second account to enable a client to access the server device, and an account notification component to provide account information associated with the second account to a client via the client device. Other embodiments are described and claimed.

Abstract: Techniques to contain lateral movement of attackers through just-in-time (JIT) provisioned accounts comprising an account management component to receive a request from a first account via a client device for a second account to access a server device in a set of server devices, an account authorization component to authorize the request for the second account based at least partially on account information associated with the first account, an account provisioning component to provision the second account to enable a client to access the server device, and an account notification component to provide account information associated with the second account to a client via the client device. Other embodiments are described and claimed.

Abstract: Techniques to operate a service with machine generated authentication tokens comprising a authentication token management component to establish a secure connection with a client device based at least partially on client authentication information associated with a first account of the client, receive a request for account information of one or more accounts associated with the first account of the client, provide account information for a second account associated with the first account to the client via the client device, receive a request to generate an authentication token for the second account, validate the request to generate the authentication token based on the client authentication information associated with the client, and a token generation component to generate the authentication token for the second account. Other embodiments are described and claimed.

Abstract: Techniques to contain lateral movement of attackers through just-in-time (JIT) provisioned accounts comprising an account management component to receive a request from a first account via a client device for a second account to access a server device in a set of server devices, an account authorization component to authorize the request for the second account based at least partially on account information associated with the first account, an account provisioning component to provision the second account to enable a client to access the server device, and an account notification component to provide account information associated with the second account to a client via the client device. Other embodiments are described and claimed.

Abstract: A secret (e.g. a password, key, certificate) is automatically generated by a system. For example, at the time of deployment of a computing machine, a password may be generated and securely stored by the system with other secrets. The password may be used by the system to perform various operations (e.g. configuring the machine, . . . ). When a secret is requested by a user to access a resource, a secret is provided to the user. Once the secret has been utilized by the user, the secret is reset and replaced with a newly generated secret. All/portion of the secrets may also be automatically regenerated. For example, when a breach occurs and/or is suspected, each of the secrets may be replaced with newly generated secrets and securely stored. Auditing and reporting may also be provided (e.g. each request/access to a secret is logged).

Abstract: Command sequencing may be provided. Upon receiving a plurality of action requests, an ordered queue comprising at least some of the plurality of actions may be created. The actions may then be performed in the queue's order.

Abstract: Alerts based on detected hardware and/or software problems in a complex distributed application environment are mapped to recovery actions for automatically resolving problems. Non-mapped alerts are escalated to designated individuals or teams through a cyclical escalation method that includes a confirmation hand-off notice from the designated individual or team. Information collected for each alert as well as solutions through the escalation process may be recorded for expanding the automated resolution knowledge base.

Abstract: A secret (e.g. a password, key, certificate) is automatically generated by a system. For example, at the time of deployment of a computing machine, a password may be generated and securely stored by the system with other secrets. The password may be used by the system to perform various operations (e.g. configuring the machine, . . . ). When a secret is requested by a user to access a resource, a secret is provided to the user. Once the secret has been utilized by the user, the secret is reset and replaced with a newly generated secret. All/portion of the secrets may also be automatically regenerated. For example, when a breach occurs and/or is suspected, each of the secrets may be replaced with newly generated secrets and securely stored. Auditing and reporting may also be provided (e.g. each request/access to a secret is logged).

Abstract: The present invention relates to generating time relevant content for electronic communications, such as electronic mail (e-mail). The time relevant content is delivered when the electronic communications are acknowledged by the recipient based upon receipt of an electronic indicator, such as a returned request(s), at a home server. In the case of electronic mail, the time relevant content is dynamic, as it is assembled at the time the e-mail is opened, as opposed to the time when the e-mail is sent, as is the case with conventional or static e-mail and other similar electronic communications.

Abstract: A system is provided for employing an orchestrator to deploy and implement changes to a system. A change request may be a system build, upgrade, and patches for updating a subset of files within the system. The orchestrator may initially perform a security check and a validation check on a received change request. Upon receiving validation and approval, the change request may be deployed and propagated through a series of deployment scopes. The deployment scopes may become increasingly larger to extensively test the applied change before fully implementing the change on the target system. The orchestrator may submit the applied change to a validation component for getting validation of the change within the deployment scope after each applied change within a deployment scope. After the change request has been deployed through the deployment scopes and validated, the change request may be deployed to the target system and fully implemented.

Abstract: Recovery action approval may be provided. A request to perform an action may be received from a user. If the user is not always authorized to request the action, then the action may be performed if a policy rule permits the user to request the action.

Abstract: Command sequencing may be provided. Upon receiving a plurality of action requests, an ordered queue comprising at least some of the plurality of actions may be created. The actions may then be performed in the queue's order.