Patents by Inventor Tomer Weisberg
Tomer Weisberg has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 12093242
Abstract: A system includes reception of a database query, determination of result set output columns associated with the database query, and determination, for each of the determined result set output columns, of one or more data sources associated with the result set output column. Sensitivity information is determined for each of the one or more data sources based on metadata, and result set sensitivity information is determined based on the determined sensitivity information. A result set is determined based on the database query, and the result set and the result set sensitivity information are transmitted.
Type: Grant
Filed: June 30, 2023
Date of Patent: September 17, 2024
Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
Inventors: Alex Umansky, David Edward Brookler, Gilad Mittelman, Shai Kariv, Tomer Levav, Tomer Weisberg
-
Publication number: 20230350870
Abstract: A system includes reception of a database query, determination of result set output columns associated with the database query, and determination, for each of the determined result set output columns, of one or more data sources associated with the result set output column. Sensitivity information is determined for each of the one or more data sources based on metadata, and result set sensitivity information is determined based on the determined sensitivity information. A result set is determined based on the database query, and the result set and the result set sensitivity information are transmitted.
Type: Application
Filed: June 30, 2023
Publication date: November 2, 2023
Inventors: Alex UMANSKY, David Edward BROOKLER, Gilad MITTELMAN, Shai KARIV, Tomer LEVAV, Tomer WEISBERG
-
Patent number: 11734252
Abstract: A system includes reception of a database query, determination of result set output columns associated with the database query, and determination, for each of the determined result set output columns, of one or more data sources associated with the result set output column. Sensitivity information is determined for each of the one or more data sources based on metadata, and result set sensitivity information is determined based on the determined sensitivity information. A result set is determined based on the database query, and the result set and the result set sensitivity information are transmitted.
Type: Grant
Filed: November 7, 2017
Date of Patent: August 22, 2023
Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
Inventors: Alex Umansky, David Edward Brookler, Gilad Mittelman, Shai Kariv, Tomer Levav, Tomer Weisberg
-
Patent number: 11057424
Abstract: Computer systems, devices, and associated methods of detecting and/or preventing injection attacks in databases are disclosed herein. In one embodiment, a method includes determining whether parsing a database statement received from an application on the application server cause a syntax error in a database. In response to determining that parsing the received database statement does not cause a syntax error, determining whether an identical syntactic pattern already exists. In response to determining that an identical syntactic pattern already exists in the database, the method includes indicating that the received database statement does not involve an injection attack.
Type: Grant
Filed: July 19, 2019
Date of Patent: July 6, 2021
Assignee: Microsoft Technology Licensing, LLC
Inventors: Yosef Dinerstein, Oren Yossef, Tomer Weisberg, Assaf Akrabi, Tomer Rotstein
-
Patent number: 10733189
Abstract: Query processors often receive queries to be processed against a data set, such as by inserting user input into parameterized fields of a query template. Some queries may be manipulated by user input (e.g., injection attacks) to introduce intentional errors in the query, where the error message reveals a protected detail about the data set, such as the existence or number of records or tables, the data set schema, and/or the configuration of the query processor. Instead, when the processing of a query results in an error message that contains a protected detail about the data set (including the query processor), the error message may be redacted to redact the protected detail before providing a redacted error message that avoids revealing information that might otherwise be usable to exploit the contents of the data set and/or the integrity of the data processor.
Type: Grant
Filed: April 7, 2017
Date of Patent: August 4, 2020
Assignee: Microsoft Technology Licensing, LLC
Inventors: David Edward Brookler, Tomer Weisberg, Oren Yossef, Tomer Rotstein
-
Patent number: 10496647
Abstract: Query processors often receive queries to be processed against a data set, such as by inserting user input into parameterized fields of a query template. Some queries may include a conditional statement, and manipulation of user input (e.g., injection attacks) may introduce a delay through a conditional branch. The time required to fulfill the query may indicate which conditional branch was taken, thus revealing properties of the data set that are intended to be withheld. Instead, a query processor may examine the query to identify, between a pair of conditional branches, a processing delay of the first conditional branch as compared with the second conditional branch. The query processor may identify a query adaptation that reduces the processing delay of the first conditional branch as compared with the second conditional branch, and evaluate the query against the data set according to the query adaptation to present a query result.
Type: Grant
Filed: April 18, 2017
Date of Patent: December 3, 2019
Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
Inventors: David Edward Brookler, Tomer Weisberg, Oren Yossef, Tomer Rotstein
-
Patent number: 10489584
Abstract: Identifying suspicious activity at a database of a multi-database system. A global evaluation of a plurality of interactions associated with a plurality of databases included within the multi-database system may be performed. A local evaluation of a plurality of interactions associated with a particular database of the plurality of databases may also be performed. The plurality of interactions associated with the particular database may comprise a subset of the plurality of interactions associated with the plurality of databases. A combination of both the global evaluation and the local evaluation may be analyzed to thereby identify one or more suspicious activities occurring at the particular database. Based on the analysis of the combination of the global evaluation and the local evaluation, one or more suspicious activities occurring at the particular database may then be identified.
Type: Grant
Filed: February 14, 2017
Date of Patent: November 26, 2019
Assignee: Microsoft Technology Licensing, LLC
Inventors: Yoav M. Frandzel, Ram Bracha, Oren Yossef, Tomer Weisberg, Yoav Y. Rubin, Ron Matchoro, Andrey Karpovsky
-
Publication number: 20190342332
Abstract: Computer systems, devices, and associated methods of detecting and/or preventing injection attacks in databases are disclosed herein. In one embodiment, a method includes determining whether parsing a database statement received from an application on the application server cause a syntax error in a database. In response to determining that parsing the received database statement does not cause a syntax error, determining whether an identical syntactic pattern already exists. In response to determining that an identical syntactic pattern already exists in the database, the method includes indicating that the received database statement does not involve an injection attack.
Type: Application
Filed: July 19, 2019
Publication date: November 7, 2019
Inventors: Yosef Dinerstein, Oren Yossef, Tomer Weisberg, Assaf Akrabi, Tomer Rotstein
-
Patent number: 10404744
Abstract: Computer systems, devices, and associated methods of detecting and/or preventing injection attacks in databases are disclosed herein. In one embodiment, a method includes determining whether parsing a database statement received from an application on the application server cause a syntax error in a database. In response to determining that parsing the received database statement does not cause a syntax error, determining whether an identical syntactic pattern already exists. In response to determining that an identical syntactic pattern already exists in the database, the method includes indicating that the received database statement does not involve an injection attack.
Type: Grant
Filed: September 20, 2016
Date of Patent: September 3, 2019
Assignee: Microsoft Technology Licensing, LLC
Inventors: Yosef Dinerstein, Oren Yossef, Tomer Weisberg, Assaf Akrabi, Tomer Rotstein
-
Publication number: 20190138625
Abstract: A system includes reception of a database query, determination of result set output columns associated with the database query, and determination, for each of the determined result set output columns, of one or more data sources associated with the result set output column. Sensitivity information is determined for each of the one or more data sources based on metadata, and result set sensitivity information is determined based on the determined sensitivity information. A result set is determined based on the database query, and the result set and the result set sensitivity information are transmitted.
Type: Application
Filed: November 7, 2017
Publication date: May 9, 2019
Inventors: Alex UMANSKY, David Edward BROOKLER, Gilad MITTELMAN, Shai KARIV, Tomer LEVAV, Tomer WEISBERG
-
Publication number: 20180300370
Abstract: Query processors often receive queries to be processed against a data set, such as by inserting user input into parameterized fields of a query template. Some queries may include a conditional statement, and manipulation of user input (e.g., injection attacks) may introduce a delay through a conditional branch. The time required to fulfill the query may indicate which conditional branch was taken, thus revealing properties of the data set that are intended to be withheld. Instead, a query processor may examine the query to identify, between a pair of conditional branches, a processing delay of the first conditional branch as compared with the second conditional branch. The query processor may identify a query adaptation that reduces the processing delay of the first conditional branch as compared with the second conditional branch, and evaluate the query against the data set according to the query adaptation to present a query result.
Type: Application
Filed: April 18, 2017
Publication date: October 18, 2018
Inventors: David Edward Brookler, Tomer Weisberg, Oren Yossef, Tomer Rotstein
-
Publication number: 20180293238
Abstract: Query processors often receive queries to be processed against a data set, such as by inserting user input into parameterized fields of a query template. Some queries may be manipulated by user input (e.g., injection attacks) to introduce intentional errors in the query, where the error message reveals a protected detail about the data set, such as the existence or number of records or tables, the data set schema, and/or the configuration of the query processor. Instead, when the processing of a query results in an error message that contains a protected detail about the data set (including the query processor), the error message may be redacted to redact the protected detail before providing a redacted error message that avoids revealing information that might otherwise be usable to exploit the contents of the data set and/or the integrity of the data processor.
Type: Application
Filed: April 7, 2017
Publication date: October 11, 2018
Inventors: David Edward Brookler, Tomer Weisberg, Oren Yossef, Tomer Rotstein
-
Publication number: 20180232520
Abstract: Identifying suspicious activity at a database of a multi-database system. A global evaluation of a plurality of interactions associated with a plurality of databases included within the multi-database system may be performed. A local evaluation of a plurality of interactions associated with a particular database of the plurality of databases may also be performed. The plurality of interactions associated with the particular database may comprise a subset of the plurality of interactions associated with the plurality of databases. A combination of both the global evaluation and the local evaluation may be analyzed to thereby identify one or more suspicious activities occurring at the particular database. Based on the analysis of the combination of the global evaluation and the local evaluation, one or more suspicious activities occurring at the particular database may then be identified.
Type: Application
Filed: February 14, 2017
Publication date: August 16, 2018
Inventors: Yoav M. Frandzel, Ram Bracha, Oren Yossef, Tomer Weisberg, Yoav Y. Rubin, Ron Matchoro, Andrey Karpovsky
-
Publication number: 20180084007
Abstract: Computer systems, devices, and associated methods of detecting and/or preventing injection attacks in databases are disclosed herein. In one embodiment, a method includes determining whether parsing a database statement received from an application on the application server cause a syntax error in a database. In response to determining that parsing the received database statement does not cause a syntax error, determining whether an identical syntactic pattern already exists. In response to determining that an identical syntactic pattern already exists in the database, the method includes indicating that the received database statement does not involve an injection attack.
Type: Application
Filed: September 20, 2016
Publication date: March 22, 2018
Inventors: Yosef Dinerstein, Oren Yossef, Tomer Weisberg, Assaf Akrabi, Tomer Rotstein
-
Publication number: 20160085544
Abstract: Systems and techniques are disclosed for improving the management of data contracts during a software development lifecycle. A system can include a data contract metadata store, components for interacting with the metadata store to support development tool integration, and interchange features for verified build processes. A service can be provided that receives a developer package from a development client application, parses the developer package to generate data contract metadata, modifies a data contract metadata store in accordance with at least one command received with the developer package, and communicates notification data, when included with the data contract metadata, to a notification service.
Type: Application
Filed: September 19, 2014
Publication date: March 24, 2016
Inventors: Pankaj Sharma, Arabinda Mohapatra, Alexander Berger, Mangesh Ganpatrao Barad, Veerendra K. Koya, David M. Denz, Tomer Weisberg, Mario Zimmermann, Brent Thomas McBride, Hema Tulsidas Goyal, AnandBalaji Subbaraj, Harinarayan Paramasivan, Ricardo Persegani, Maxim Kudryavtsev
-
Patent number: 8990947
Abstract: Aspects of the subject matter described herein relate to a mechanism for assessing security. In aspects, an analytics engine is provided that manages execution, information storage, and data passing between various components of a security system. When data is available for analysis, the analytics engine determines which security components to execute and the order in which to execute the security components, where in some instances two or more components may be executed in parallel. The analytics engine then executes the components in the order determined and passes output from component to component as dictated by dependencies between the components. This is repeated until a security assessment is generated or updated. The analytics engine simplifies the work of creating and integrating various security components.
Type: Grant
Filed: June 18, 2008
Date of Patent: March 24, 2015
Assignee: Microsoft Technology Licensing, LLC
Inventors: Efim Hudis, Eyal Zangi, Moshe Sapir, Tomer Weisberg, Yair Helman, Shai Aharon Rubin, Yosef Dinerstein, Lior Arzi
-
Patent number: 8839419
Abstract: A security investigation system uses a central server to distribute requests for security information regarding an asset, receive responses, and manage the information in the responses in a case object. Requests may be distributed to various servers, each of which may have an agent that may receive the request, search various databases, logs, and other locations, and generate a response. A case object may be continually updated in some embodiments. The case object may be viewed, analyzed, and other requests generated using automated or manual tools. A case object may be sanitized for analysis without compromising sensitive information.
Type: Grant
Filed: April 5, 2008
Date of Patent: September 16, 2014
Assignee: Microsoft Corporation
Inventors: Efim Hudis, Yair Helman, Tomer Weisberg, Oren Yossef, Ziv Rafalovich
-
Patent number: 8036140
Abstract: Methods and computer readable mediums are described that facilitate inviting user entities on a network. The method may include initiating a first application for sending an invitation by a first user entity on a first endpoint, selecting a second user entity to receive the invitation, and selecting an activity. The method may also include sending from the first endpoint to the second user entity the invitation to participate in the activity if the first endpoint determines the activity is supported by a computing application on the first endpoint.
Type: Grant
Filed: April 22, 2005
Date of Patent: October 11, 2011
Assignee: Microsoft Corporation
Inventors: Ravi Rao, Eliot John Flannery, Tomer Weisberg, Upshur Warren Parks, III, Rohit Gupta, Kevin R. Tao, Anirudh Anirudh, David G. Thaler, Andre R. Classen, Todd R. Manion
-
Patent number: 7814214
Abstract: Systems and methods are described that facilitate the management of contact information, at least some of the contact information related to entities in a serverless, peer-to-peer system. A contact store may store information regarding which other entities of a plurality of other entities are authorized to monitor presence of a user entity. Presence of an entity may generally indicate the willingness and/or ability of the entity to communicate and/or collaborate with other entities, for example. The contact store may also store information regarding which other entities of the plurality of other entities the presence of which should be monitored by the system. A user entity may be able to add contacts to and/or delete contacts from the contact store, for example.
Type: Grant
Filed: June 12, 2009
Date of Patent: October 12, 2010
Assignee: Microsoft Corporation
Inventors: Andre R. Classen, Anirudh Anirudh, David G. Thaler, Kevin R. Tao, Ravi T. Rao, Rohit Gupta, Tomer Weisberg, Upshur Warren Parks, III
-
Patent number: 7788378
Abstract: A method of discovering a community relay node within a network community wherein the community relay node is operatively coupled to an access-protected client and adapted to facilitate communication between the access-protected client and a requesting client, includes receiving a request message from a requesting client relating to a request for a community relay node, associating the request message with a serverless name resolution protocol name, selecting a community relay node from among a list of community relay nodes based on the serverless name resolution protocol name, wherein the list of community relay nodes comprises at least one internet protocol address associated with a community relay node, and returning an internet protocol address of the selected community relay node to the requesting client.
Type: Grant
Filed: April 22, 2005
Date of Patent: August 31, 2010
Assignee: Microsoft Corporation
Inventors: Ravi T. Rao, Tomer Weisberg, Noah Horton, Christian Huitema, Sandeep K. Singhal