Abstract: Techniques for mitigating network failures (e.g., SLA violations, service degradations, network outages, etc.) based on output(s) from a predictive network system. The techniques may include determining that a failure is predicted to occur in a network and determining a correlation between the failure and a previous failure that occurred in the network. In examples, the correlation may be determined using a machine-learned model. The techniques may also include determining, based at least in part on the correlation, a condition contributing to the failure. In this way, prior to occurrence of the failure, a parameter associated with the network may be altered based at least in part on the condition to mitigate or otherwise prevent the failure.

Abstract: This disclosure describes techniques for predicting and accommodating for outages in a satellite network using crowdsourced data. An example method includes receiving outage data indicating first outages experienced by first endpoints in a first geographical region. The first outages, for instance, include interruptions in communication between first satellites and the first endpoints. The example method further includes predicting, based on the outage data, a second outage comprising an interruption in communication between at least one second satellite and a second endpoint in a second geographical region. Further, the example method includes causing the second endpoint to transmit user data over a secondary network in advance of the second outage.

Abstract: In one embodiment, a device obtains transaction data regarding a transaction attempted by a client of an online application to access confidential information within the online application. The transaction data is captured by instrumentation code inserted into the online application at runtime. The device permits, based on a policy, the transaction to complete within the online application. The device determines, based on the policy, a set of one or more client-side functions to disable during the transaction. The device instructs an agent executed by the client to disable the set of one or more client-side functions during the transaction.

Abstract: In one embodiment, a device obtains data regarding a transaction attempted by a user within an online application that is captured by instrumentation code that is inserted into the online application at runtime, wherein the user has sufficient privileges within the online application to perform the transaction; The device sends, based on the data regarding the transaction, one or more approval requests to one or more authorizers. The device receives one or more responses to the one or more approval requests. The device blocks, and based on the one or more responses, the transaction attempted by the user within the online application via the instrumentation code.

Abstract: In one embodiment, a device obtains transaction data regarding a transaction attempted within a software development environment, wherein the transaction data is captured by instrumentation code inserted into the software development environment at runtime. The device identifies, based on the transaction data, an access policy for the transaction. The device makes, based on the access policy, a determination that the transaction is not authorized. The device causes, via the instrumentation code, the transaction to be blocked from completing within the software development environment.

Abstract: A trigger to enable data traffic replication in a wireless network may be provided. A data packet comprising a Differentiated Service Code Point (DSCP) field in a header may be received. A determination may be made that the data packet comprises a candidate traffic for bi-casting. In response to determining that the data packet comprises the candidate traffic for bi-casting, a flag may be set in the DSCP field in the header of the data packet. The flag triggers bi-casting of the data packet. The data packet may be sent to a destination device.

Abstract: This disclosure describes techniques for tracking aircraft using a satellite network. An example method includes receiving ADS-B messages from multiple aircraft; determining that at least one of the ADS-B messages satisfies at least one condition; and in response to determining that at least one of the ADS-B messages satisfies the at least one condition, transmitting an alert. In some cases, a system transmits an instruction to perform the example method to at least one satellite and receives the alert.

Abstract: Techniques for, among other things, embedding metadata in network traffic without having to implement an overlay network. By way of example, and not limitation, the techniques described herein may include receiving an Ethernet packet at a network node and determining that a preamble of the Ethernet packet includes metadata. The metadata may, in some examples, be associated with the Ethernet packet itself, a flow that the Ethernet packet belongs to, etc. Based at least in part on the metadata, a policy decision may be made for handling the Ethernet packet, and the Ethernet packet may be handled in accordance with the policy decision.

Abstract: Method for application control and Quality of Service (QoS) handling may be provided. A request may be received for scheduling a communication between an Access Point (AP) and a user device for sending data of an application. It may be determined that the request does not comprise network characteristics of the application. In response to determining that the request does not comprise the network characteristics of the application, the network characteristics may be requested from a Wireless Local Area Network (WLAN) controller. The network characteristics may be received from the WLAN controller. Schedules for the application may be determined based on the network characteristics. The schedules may be enabled.

Abstract: An example method identifying a request to access or modify a data resource. The request is made by a user. The example method further includes authenticating the user. Based on authenticating the user, the example method includes determining that the request is associated with a malicious intent based on a characteristic of the user. Further, based on determining that the request is associated with the malicious intent, the example method includes blocking the user from accessing or modifying the data resource.

Abstract: In one embodiment, a method herein comprises: obtaining a software bill of materials for an application, the software bill of materials listing a plurality of components associated with the application; monitoring runtime execution of the application; measuring usage of each individual component of the plurality of components associated with the application during the runtime execution of the application; and generating a usage report for the software bill of materials based on the usage each individual component of the plurality of components associated with the application during the runtime execution of the application.

Abstract: In one embodiment, service mesh monitoring with infrastructure awareness is provided herein. An example method herein may comprise: parsing, by a service mesh manager process, a package manager chart to learn a plurality of cloud resources associated with a given application; monitoring performance metrics for each individual resource for the plurality of cloud resources; aggregating the performance metrics for each individual resource into an overall performance level of the given application; and generating a holistic health report of the overall performance level of the given application that is further indicative of the performance metrics for each individual resource.

Abstract: In one embodiment, a method herein comprises: determining, by a service mesh process, whether a problematic metric for an application is based on a transport network to a cloud infrastructure or is within the cloud infrastructure; delineating, in response to the problematic metric being within the cloud infrastructure, cloud infrastructure network contribution versus application microservice architecture contribution to the problematic metric; determining, in response to the application microservice architecture contribution being a primary contributor to the problematic metric as compared to the cloud infrastructure network contribution, whether the problematic metric is due to a software issue or a hardware issue of the cloud infrastructure, a high load issue with application microservices of the cloud infrastructure for the application, or else an issue with the application itself; and exporting a corresponding determination related to whether the problematic metric is due to the transport network, the clo

Abstract: In one embodiment, a method herein comprises: collecting, by an agent on a device, telemetry data based on operation of the device; processing, by the agent, the telemetry data to establish an enhanced assessment in relation to the telemetry data; generating, by the agent, a contextually informative notation based on the enhanced assessment established in relation to the telemetry data; and transporting, from the agent, a virtual telemetry span based on the telemetry data and containing the contextually informative notation toward a collector configured to process the virtual telemetry span as part of an associated trace for insight into the operation of the device.

Abstract: In one embodiment, a method herein comprises: determining, by a service mesh process, whether a problematic metric for an application is based on a transport network to a cloud infrastructure or is within the cloud infrastructure; delineating, in response to the problematic metric being within the cloud infrastructure, cloud infrastructure network contribution versus application microservice architecture contribution to the problematic metric; determining, in response to the application microservice architecture contribution being a primary contributor to the problematic metric as compared to the cloud infrastructure network contribution, whether the problematic metric is due to a software issue or a hardware issue of the cloud infrastructure, a high load issue with application microservices of the cloud infrastructure for the application, or else an issue with the application itself; and exporting a corresponding determination related to whether the problematic metric is due to the transport network, the clo

Abstract: In one embodiment, a device obtains transaction data regarding a transaction attempted by a client of an online application within the online application. The transaction data is captured by instrumentation code inserted into the online application at runtime. The device identifies, based on the transaction data, traffic in a network associated with the transaction. The device associates, based on the transaction data, a measure of importance with the traffic. The device causes the traffic to be sent by a networking device in the network according to its associated measure of importance.

Abstract: Techniques and systems described herein relate to monitoring executions of computer instructions on computing devices based on learning and generating a control flow directed graph. The techniques and systems include determining an observation phase for a process or application on a computing device. During the observation phase, CPU telemetry is determined and used to generate a control flow directed graph. After the control flow directed graph is generated, a monitoring phase may be entered where transfers of instruction pointers are monitored based on the control flow directed graph to identify invalid transfers.

Abstract: Techniques and systems described herein relate to monitoring executions of computer instructions on computing devices based on learning and generating a control flow directed graph. The techniques and systems include receiving a report of a first anomaly based on real-time control flow graph diagram monitoring of an application at a first system and receiving a second report of a second anomaly from a second system. An exploit report may be generated by providing the first report and the second report to a machine learning model trained to output information related to an exploit based on input reports, and subsequently to provide the output information to a cloud-based reporting tool.

Abstract: Techniques for introducing Open Telemetry (OTEL) into the operating system (OS) level of network devices are described. A method for performing OTEL network device management may include receiving, by a network device, a first packet. The method may also include identifying, by the network device, that the first packet contains information indicating an active OTEL trace, wherein the OS of the network device is configured for OTEL. The method may also include generating, by the network device, an OTEL trace span associated with the network device. The method may also include generating, by the network device, a second packet that includes the OTEL trace span associated with the network device. Finally, the method may include transmitting, by the network device and via OTEL line protocol (OTLP) the second packet to an OTEL collector.

Abstract: This disclosure describes techniques for complying with a data sovereignty policy of data routed through a satellite network. An example method includes identifying data comprising a data sovereignty label indicating a first geographical region; determining that a coverage region of a satellite includes a first ground station in the first geographical region; determining that coverage region excludes a second ground station in a second geographical region; and based on determining that the coverage area includes the first ground station and excludes the second ground station, transmitting the data to the satellite.