Abstract: The present invention, in at least some aspects, is of splice variants of heparanase, as well as diagnostic kits and methods of use, and therapeutic agents and methods of use based thereon, and antibodies specifically binding thereof.

Abstract: Methods, systems, and computer-readable media for facilitating personalization of web content is provided, while protecting the privacy of the user data utilized to personalize the user's experience. A privacy vault may collect user data including user activity data, demographic data, and user interests submitted by a user. In one embodiment, the privacy vault operates on a user client device. The privacy vault sends the user data to a community vault that collects user data from multiple users. The community vault generates segment rules that whether a user belongs to a user segment, which expresses a user's interest. The segment rules are then communicated back to the privacy vault, which assigns one or more user segments to the user based on the user data available to the privacy vault and the segment rules. The privacy vault may communicate user segments to one or more content providers that supply personalized content that is selected based on the user segments provided.

Abstract: Systems, methods, and computer storage media having computer-executable instructions embodied thereon that provide contextual indicators associated with a user session are described. Content items within a document associated with a user session are selected. Upon receiving an indication that the user desires to perform a context-aware search, the document associated with the user session is analyzed for contextual information related to the content items selected by the user. Various “contextual indicators” associated with the user session are derived. The contextual indicators are provided for output in association with the user session. The contextual indicators may be fed to a search engine and used to identify search results that the user has an increased likelihood (relative to the current context surrounding the user) of desiring to access.

Abstract: A client-based ad agent dynamically determines whether an advertisement campaign should bid on an impression for an end user and/or sets the bid price of the advertisement campaign for the impression. When an opportunity for an impression on a web page is identified, the ad agent accesses user data associated with an end user. The ad agent analyzes the user data to identify the relevance and/or value of serving an impression to the end user to the advertisement campaign. Based on the analysis, the ad agent controls whether the advertisement campaign bids on the impression for the end user and/or sets the bid price of the advertisement campaign for the impression.

Abstract: Methods, systems, and computer-readable media for facilitating personalization of web content is provided, while protecting the privacy of the user data utilized to personalize the user's experience. A privacy vault may collect user data including user activity data, demographic data, and user interests submitted by a user. In one embodiment, the privacy vault operates on a user client device. The privacy vault sends the user data to a community vault that collects user data from multiple users. The community vault generates segment rules that whether a user belongs to a user segment, which expresses a user's interest. The segment rules are then communicated back to the privacy vault, which assigns one or more user segments to the user based on the user data available to the privacy vault and the segment rules. The privacy vault may communicate user segments to one or more content providers that supply personalized content that is selected based on the user segments provided.

Abstract: Systems, methods, and computer program products are described for controlling malicious activity detection with respect to information technology assets based on behavioral models associated with the respective information technology assets. Protection rules and corresponding sensitivities associated with the behavioral models are applied by protection services to detect malicious activity with respect to the information technology assets.

Abstract: Endpoints in an enterprise security environment are configured to adaptively switch from their normal data collection mode to a long-term, detailed data collection mode where advanced analyses are applied to the collected detailed data. Such adaptive data collection and analysis is triggered upon the receipt of a security assessment of a particular type, where a security assessment is defined as a tentative assignment by an endpoint of broader contextual meaning to information (i.e., data in some context) that is collected about an object of interest. A specialized endpoint is coupled to the security assessment channel and performs as a centralized audit point by subscribing to all security assessments, logging the security assessments, and also logging the local actions taken by endpoints in response to detected security incidents in the environment. The specialized endpoint is arranged to perform various analyses and processes on historical security assessments.

Abstract: An enterprise-wide sharing arrangement uses a semantic abstraction, called a security assessment, to share security-related information between different security products, called endpoints. A security assessment is defined as a tentative assignment by an endpoint of broader contextual meaning to information that is collected about an object of interest. Its tentative nature is reflected in two of its components: a fidelity field used to express the level of confidence in the assessment, and a time-to-live field for an estimated time period for which the assessment is valid. Endpoints may publish security assessments onto a security assessment channel, as well as subscribe to a subset of security assessments published by other endpoints. A specialized endpoint is coupled to the channel that performs as a centralized audit point by subscribing to all security assessments, logging the security assessments, and also logging the local actions taken by endpoints in response to security threats.

Abstract: An enterprise-wide sharing arrangement uses a semantic abstraction, called a security assessment, to share security-related information between security products, called endpoints. A security assessment is defined as a tentative assignment by an endpoint of broader contextual meaning to information that is collected about an object of interest. Endpoints utilize an architecture that comprises a common assessment sharing agent and a common assessment generating agent. The common assessment sharing agent is arranged for subscribing to security assessments, publishing security assessments onto a channel, maintaining an awareness of configuration changes on the channel (e.g., when a new endpoint is added or removed), and implementing security features like authorization, authentication and encryption.

Abstract: A system and method track changes to a document and analyze the changes to the document against a set of predefined queries without re-analyzing the entire document. Hence, after a document has been processed in the system (i.e., had its terms matched against the set of predefined queries), only a small subset of the document needs to be reprocessed and analyzed after changes (i.e., edits) are made. The analysis of the small subset is accomplished by maintaining an incremental-results data set for each document. The incremental-results data set is much smaller than the actual document, only comprising a set of unique words found in a document. After a document is changed, only the words deleted or added to the changed portion are used to update the incremental-results data set.