Abstract: Systems and methods include performing inline monitoring of production traffic between users, the Internet, and cloud services via a cloud-based system; utilizing a trained machine learning model to inspect static properties of files in the production traffic; and classifying the traffic as one of malicious or benign based on the trained machine learning model.

Abstract: Systems and methods include determining a plurality of features associated with executable files, wherein the plurality of features are each based on static properties in predefined structure of the executable files; obtaining training data that includes samples of benign executable files and malicious executable files; extracting the plurality of features from the training data; and utilizing the extracted plurality of features to train a machine learning model to detect malicious executable files.

Abstract: Computer-implemented systems and methods include receiving unknown content in a cloud-based sandbox; performing an analysis of the unknown content in the cloud-based sandbox; obtaining events based on the analysis; running one or more exploit detection rules on the events; and providing a score based on a result of the one or more rules. The systems and methods can include classifying the unknown content as malware or clean based on the score. The analysis can include a static analysis and a dynamic analysis, with the events generated based thereon.

Abstract: To enable a private enterprise to subscribe to wireless service provided at a site of the private enterprise using a private radio access network (RAN), one embodiment is directed to a hyperscale network configured to: obtain subscription information for providing the wireless; determine initial configurations for physical entities deployed at the site; store the determined initial configurations in vendors clouds; deploy, in the hyperscale network, virtual entities needed to provide the wireless service; instruct the private enterprise to cause the physical entities deployed at the site to perform initial bootstrap processes whereby the physical entities download the determined initial configurations for use thereby in communicating with at least one of the virtual entities; and provide final configurations to the physical entities and the virtual entities for use thereby in configuring the physical entities and the virtual entities to provide the wireless service at the site using the RAN.

Abstract: Systems and methods include determining a plurality of features associated with executable files, wherein the plurality of features are each based on static properties in predefined structure of the executable files; obtaining training data that includes samples of benign executable files and malicious executable files; extracting the plurality of features from the training data; and utilizing the extracted plurality of features to train a machine learning model to detect malicious executable files.

Abstract: Systems and methods include, based on monitoring of content including Office documents, determining distribution of malicious Office documents between documents having malicious macros and documents having malicious embedded objects; determining features for the documents having malicious macros and for the documents having malicious embedded objects; selecting training data for a machine learning model based on the distribution and the features; and training the machine learning model with the selected training data.