Abstract: A system for communicating email messages using tokens receives a request to send an email message to a receiver. The email message is associated with a sender's email address. The system determines whether the sender's email address is associated with a token from a plurality of tokens stored in a token-email address mapping table. The system generates a particular token for the sender's email address in response to determining that the sender's email address is not associated with a token, where the particular token uniquely identifies the sender's email address. The system sends the email message using the particular token instead of the sender's email address, such that the sender's email address remains anonymous from the perspective of the receiver.

Abstract: A system for communicating email messages using tokens receives a request to send an email message to a receiver. The email message is associated with a sender's email address. The system determines whether the sender's email address is associated with a token from a plurality of tokens stored in a token-email address mapping table. The system generates a particular token for the sender's email address in response to determining that the sender's email address is not associated with a token, where the particular token uniquely identifies the sender's email address. The system sends the email message using the particular token instead of the sender's email address, such that the sender's email address remains anonymous from the perspective of the receiver.

Abstract: A system for identifying email messages associated with phishing threats accesses an email message sent to a receiving computing device, where the email message is associated with a sender's email address. The system determines whether the sender's email address is associated with a token from a plurality of tokens stored in a token-email address mapping table. The system determines that the email message is associated with a phishing threat, in response to determining that the sender's email address is not associated with a token from a plurality of tokens from among a token-email mapping table.

Abstract: According to certain embodiments, a network security device comprises a memory operable to store testing options for testing malware behavior and a processor operably coupled to the memory. The processor is configured to intercept probes sent by a malware application and to test a set of test responses, each test response corresponds to a respective one of the testing options that comprises information that the probe seeks to obtain. For each test response, the test determines a test result indicating whether the test response resulted in stopping detonation of the malware application. Information indicating the test result and the test response that yielded the test result is input into a machine learning model configured to determine a malware defense profile based on the test information and to output the malware defense profile.

Abstract: According to certain embodiments, a device comprises a memory operable to store a malware defense profile associated with a malware application. The device further comprises a processor operably coupled to the memory. The processor is configured to intercept a probe sent by an application. The probe seeks to obtain information associated with an environment in which the application runs. The processor is configured to determine that the application that sent the probe corresponds to the malware application and, in response, determine a response to send to the malware application. To determine the response, the processor is configured to obtain the malware defense profile associated with the malware application, select an attribute of the malware defense profile to include in the response, prepare the response comprising the selected attribute, and send the response to the malware application. The selected attribute comprises a type of information that the probe seeks to obtain.

Abstract: A system for communicating email messages using tokens receives a request to send an email message to a receiver. The email message is associated with a sender's email address. The system determines whether the sender's email address is associated with a token from a plurality of tokens stored in a token-email address mapping table. The system generates a particular token for the sender's email address in response to determining that the sender's email address is not associated with a token, where the particular token uniquely identifies the sender's email address. The system sends the email message using the particular token instead of the sender's email address, such that the sender's email address remains anonymous from the perspective of the receiver.

Abstract: A system for identifying email messages associated with phishing threats accesses an email message sent to a receiving computing device, where the email message is associated with a sender's email address. The system determines whether the sender's email address is associated with a token from a plurality of tokens stored in a token-email address mapping table. The system determines that the email message is associated with a phishing threat, in response to determining that the sender's email address is not associated with a token from a plurality of tokens from among a token-email mapping table.