Abstract: Examples disclosed herein relate to performing an action based on a pre-boot measurement of a firmware image. In an example, at a firmware component in a system, a measurement of a firmware image may be determined prior to booting of the system, beginning from a hardware root of trust boot block, by a Trusted Platform Module (TPM) emulator engine that emulates a hardware-based TPM. A pre-determined measurement of the firmware image may be retrieved from a storage location within the system. The measurement of the firmware image may be compared with the pre-determined measurement of the firmware image prior to booting of the system. In response to a determination that the measurement of the firmware image is different from the pre-determined measurement of the firmware image, performing an action.

Abstract: Examples disclosed herein relate to approaches for securing a computing system. A management controller is to monitor a plurality of parameters of monitored controllers. The management controller provides each of the controllers a key to update the parameters. The management controller includes a representation of the parameters. A current version of one of the parameters is received from one of the monitored controllers. It is determined whether an unauthorized modification occurred to the current version of the first parameter using the representation.

Abstract: A system includes a light emitter attached to a destination chamber, the light emitter to emit a collimated light beam across an entrance to the destination chamber. The system includes an end effector attached to a distal end of an arm of a robot. The system includes a two-dimensional (2D) area sensor disposed on the end effector at a location that coincides with the collimated light beam while the end effector reaches within the destination chamber. The 2D area sensor is to detect a location of the collimated light beam incident on a surface of the 2D area sensor and transmit, to a controller coupled to the robot, sensing data including the location.

Abstract: Aspects of vulnerability scanning are disclosed. In one example, configuration and context information of a first device for which vulnerability scanning is to be performed is obtained. The configuration information includes telemetry data of the first device. A second device is provisioned based on the configuration information to create a cloned first device. The vulnerability scanning is performed on the cloned first device based on the context information to obtain a scan report.

Abstract: In an example, a first metadata tag and a second metadata tag are added to first Personally Identifiable Information (PII) of a first user handled by a first application. The first PII is to be part of call home data captured from a hosting system. The first metadata tag may be indicative of security rules to be complied with for the first application and the second metadata tag may be indicative of security rules to be complied with for the first user. The first PII, the first metadata tag, and the second metadata tag may be protected and transmitted to a data processing center. The transmission may be in response to a determination to transmit the call home data.

Abstract: Sequences of computer network log entries indicative of a cause of an event described in a first type of entry are identified by training a long short-term memory (LSTM) neural network to detect computer network log entries of a first type. The network is characterized by a plurality of ordered cells Fi=(xi, ci-1, hi-1) and a final sigmoid layer characterized by a weight vector wT. A sequence of log entries xi is received. An hi for each entry is determined using the trained Fi. A value of gating function Gi(hi, hi-1)=II (wT(hi?hi-1)+b) is determined for each entry. II is an indicator function, b is a bias parameter. A sub-sequence of xi corresponding to Gi(hi, hi-1)=1 is output as a sequence of entries indicative of a cause of an event described in a log entry of the first type.

Abstract: Cloud services are often implemented as instances of applications having one or more components running on the nodes (e.g., host computers or servers) of a data center. Network services are thereby provided to a workload that uses the network resources of network interface devices (e.g., a NIC, switch, or router). The workload is a first instance of an application. The network interface devices can produce resource usage measurements of usage metrics that quantify usage of the network resources by the workload. The resource measurements can be used to produce an application network profile of the application. The application network profile can be used to select at least one of a plurality of nodes on which a second instance of the application is launched.

Abstract: Cloud services are often implemented as instances of applications having one or more components running on the nodes (e.g., host computers or servers) of a data center. Network services are thereby provided to a workload that uses the network resources of network interface devices (e.g., a NIC, switch, or router). The workload is a first instance of an application. The network interface devices can produce resource usage measurements of usage metrics that quantify usage of the network resources by the workload. The resource measurements can be used to produce an application network profile of the application. The application network profile can be used to select at least one of a plurality of nodes on which a second instance of the application is launched.

Abstract: A method includes accessing an input representing a software component list for a software product. The software component list contains information for a given software component. The method includes accessing a knowledge base to determine security level parameters and trust parameters for the given software component based on the information. A security level of the given software component is determined based on an evaluation of the security level parameters. A trust of a source of the given software component is determined based on an evaluation of the trust parameters. The method includes determining a security context of the software product. Based on the security level, the trust and the security context, the method includes providing a recommendation for the given software component.

Abstract: The disclosed embodiments provide a system for processing data. During operation, the system receives records of activity within a stream-processing system over a set of event streams, wherein each event stream in the set of event streams contains events related to a corresponding job in the stream-processing system. Next, the system indexes data in the records under a set of keys that include a first key related to jobs in the stream-processing system and a second key related to errors in the stream-processing system. The system then outputs the indexed data for use in analyzing the execution of the stream-processing system.

Abstract: A method including receiving, from a mobile device, a medical data indicative of one or more vital signs for a user of the mobile device, is provided. The vital signs include one of a body temperature, a pulse oximetry value, and a respiratory rate value, wherein the medical data includes a blood pressure value derived from one or more vital signs from the user. The method also includes finding a medical condition of the user based on the medical data; adding the medical data to a group data including vital signs for multiple users; and transmitting the medical condition to a second user, for treatment. A non-transitory, computer readable medium storing instructions and a system configured to perform the above method are also provided.

Abstract: A method for processing medical information includes identifying a first patient in a first state, identifying a second patient in a second state, calculating a first risk score for the first patient, calculating a first risk score for the second patient, and determining a risk prone area in a medical facility based on the first risk score for the first patient and the first risk score for the second patient. The first state is an infected state and the second state is different from the first state. The first risk score of the first patient provides an indication of a severity of the infected state of the first patient, and the first risk score of the second patient provides an indication of the second patient being infected by the first patient.

Abstract: In one example, a system is disclosed, which may include a network device, a new server connected to the network device, and a management server communicatively connected to a cloud-based service and the network device. The management server may include a server deployment engine to discover the new server in the system using the network device; obtain an encrypted data blob associated with the new server from the cloud-based service; establish a trust, via a secure protocol, with the new server using the encrypted data blob; and deploy the new server in the system upon establishing the trust with the new server.

Abstract: Techniques are provided for automatically resizing applications. In one technique, policy data that indicates an order of multiple policies is stored. The policies include (1) a first policy that corresponds to a first computer resource and a first resizing action and (2) a second policy that is lower in priority than the first policy and that corresponds to a second resizing action and a second computer resource. Resource utilization data is received from at least one application executing in a cloud environment. Based on the order, the first policy is identified. Based on the resource utilization data, it is determined whether criteria associated with the first policy are satisfied with respect to the application. If satisfied, then the first resizing action is performed with respect to the application; otherwise, based on the computer resource utilization data, it is determined whether criteria associated with the second policy are satisfied.

Abstract: Systems and methods are provided for implementing an adaptive machine learning platform for security penetration and risk assessment. For example, the system can receive publicly-available information associated with a client computer system, process the information to identify an input feature, and implement a machine learning model to identify the corresponding risk associated with the input feature . The system can recommend a penetration test for discovered weaknesses associated with the input feature and help make changes to the client computer system to improve security and reduce risk overall.

Abstract: In one embodiment, a computing device scans a plurality of available data sources associated with a profiled identity for an individual, and categorizes instances of the data sources according to recognized terms within the data sources. Once determining whether the profiled identity contributed positively to each categorized instance, categorized instances that have a positive contribution by the profiled identity may be clustered into clusters. The computing device may then rank the clusters based on size of the clusters and frequency of recognized terms within the clusters, and can then infer an expertise of the profiled identity based on one or more best-ranked clusters. The inferred expertise of the profiled identity may then be stored.

Abstract: A modular gripper has a body with a trident section and cylindrical section. A powering assembly is positioned in the cylindrical section. A pair of oppositing jaws is pivotally secured between a center wall and a pair of side wall, respectively, of the trident section. The piston rod moves a cam assembly on the center wall. The cam assembly passes through a body having a trident section and cylindrical section. The trident section comprises a trident structure that includes, at one end, a pair of side walls along with a center wall. The cylindrical section includes a fluid driven powering assembly. A pair of opposing jaw member are pivotally secured to the trident portion about separate pivot pins. A cam assembly is operatively connected to a piston rod of the fluid driven powering assembly. The cam assembly extends laterally outward with respect to a cylinder bore axis to receive a cam bush that engages with a through slot on each of the pair of opposing jaw members.

Abstract: In some examples, a system receives input information relating to a security level for an information technology (IT) stack comprising a plurality of layers including a hardware layer and a software layer, where the input information is technology and product agnostic. The system discovers components of the plurality of layers of the IT stack, accesses a knowledge base that maps the security level and the discovered components to configuration instructions relating to security controls, and configures the IT stack with the security controls using the configuration instructions.

Abstract: A power supply system for a lighting unit, comprises a driver, a local energy storage device and a converter. The converter implements a first, charging mode, mode by connecting to the output of said driver for diverting at least a part of the driving current from the lighting unit to charge the energy storage device, a second, battery driving, mode by connecting to the lighting unit for converting the local energy storage device power supply to drive the lighting unit, and a third, grid driving, mode to neither charge the energy storage device nor convert the secondary power supply. The converter and the driver are controlled actively and synchronously to maintain the current through the lighting unit when switching the converter between modes.

Abstract: Example implementations relate to application-specific policies for failing over from an edge site to a cloud. When an application becomes operational within an edge site, a discovery phase is performed by a local disaster recovery (DR) agent. I/O associated with a workload of the application is monitored. An I/O rate for data replication that satisfies latency characteristics of the application is predicted based on the incoming I/O. Based on results of tests against multiple clouds indicative of their respective RTO/RPO values, information regarding a selected cloud to serve as a secondary system is stored in an application-specific policy. The application-specific policy is transferred to a remote DR agent running in the selected cloud. Responsive to a failover event, infrastructure within a virtualized environment of the selected cloud is enabled to support a failover workload for the application based on the application-specific policy.