The present disclosure describes systems and methods for detection and mitigation of malicious encryption. A security agent on an infected computing device may monitor data writes to disk, memory, or network transmission buffers for strings that may represent encryption keys or moduli. The security agent may apply one or more techniques to decode and parse the string to either identify or extract the keys, or rule out the string as containing an encryption key or modulus. If a key is identified, or its presence cannot be excluded, then the security agent may generate an alert and take mitigation actions.
Embodiments of systems and methods for DNS leak prevention and protection are disclosed herein. In particular, certain embodiments include a local DNS protection agent installed on a system and an associated trusted external DNS protection server. The DNS protection agent prevents DNS leaks from applications on the system such that all DNS requests from the system are confined to requests from the DNS protection agent to the associated DNS protection server. As the DNS leak prevention provided by the DNS protection agent stops applications on the system from circumventing the DNS protection server, all DNS requests originating from the system remain under the control of the DNS protection server and thus desired DNS protection (e.g., as implemented on the DNS protection server) may be maintained. Certain embodiments prevent applications from using certain DNS security protocols, such as DoH and DoT, without going through the DNS protection agent.
H04L 61/4511 - Répertoires de réseauCorrespondance nom-adresse en utilisant des répertoires normalisésRépertoires de réseauCorrespondance nom-adresse en utilisant des protocoles normalisés d'accès aux répertoires en utilisant le système de noms de domaine [DNS]
H04L 67/60 - Ordonnancement ou organisation du service des demandes d'application, p. ex. demandes de transmission de données d'application en utilisant l'analyse et l'optimisation des ressources réseau requises
3.
METHODS AND SYSTEMS OF CONTENT INTEGRATION FOR GENERATIVE ARTIFICIAL INTELLIGENCE
Systems and methods are provided for a device to obtain a query, such as from a user. The query is vectorized to obtain a numerical representation of the query and provided to a vector database to find the nearest vectors corresponding to most relevant context, such as for a particular domain or subject matter. The query, query vector, and context vectors, and optionally past query history and past query responses, are provided to an artificial intelligence, such as a large language model (LLM), to receive a response to the query without providing the context to the LLM.
A text mining system providing NLP and NLU capabilities is operable to perform, at a first processing layer, a first operation on input data to produce metadata about the input data. At a second processing layer, a rules module applies a composite AI extraction rule to further process the input data. The composite AI extraction rule has a rule condition that leverages the metadata from the first operation and a rule action that involves a second operation. Other composite AI extraction rules involving multiple text mining operations may also be applied. For instance, a rule may specify using the tonality of a document from a sentiment analysis to classify the document according to a relevant taxonomy. Another rule may specify classifying documents of a particular type under a specific category. In this way, new/enhanced information about the input data can be deduced, validated, and/or enriched.
G06F 16/38 - Recherche caractérisée par l’utilisation de métadonnées, p. ex. de métadonnées ne provenant pas du contenu ou de métadonnées générées manuellement
A firewall monitors network activity and stores information about that network activity in a network activity log. The network activity is analyzed to identify a potential threat. The potential threat is further analyzed to identify other potential threats that are related to the potential threat, and are likely to pose a future risk to a protected network. A block list is updated to include the potential threat and the other potential threats to protect the protected network from the potential threat and the other potential threats.
H04L 41/069 - Gestion des fautes, des événements, des alarmes ou des notifications en utilisant des journaux de notificationsPost-traitement des notifications
Disclosed are hybrid authentication systems and methods that enable users to seamlessly sign-on between cloud-based services and on-premises systems. A cloud-based authentication service receives login credentials from a user and delegates authentication to an on-premises authentication service proxy. The login credentials can be passed by the cloud-based authentication service to the on-premises authentication service proxy, for instance, as an access token in an authentication header. The access token can be a JavaScript Object Notation (JSON) Web Token (JWT) token that is digitally signed using JSON Web Signature. Some embodiments utilize a tunnel connection through which the cloud-based authentication service communicates with the on-premises authentication service proxy. Some embodiments leverage an on-premises identity management system for user management and authentication. In this way, there is no need for a cloud-based system to separately maintain and manage a user identity management system and/or having to sync with an on-premises identity management system.
G06F 21/33 - Authentification de l’utilisateur par certificats
G06F 21/41 - Authentification de l’utilisateur par une seule ouverture de session qui donne accès à plusieurs ordinateurs
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
7.
SYSTEM, METHOD AND COMPUTER PROGRAM PRODUCT TO GENERATE A WEB APPLICATION USING REUSABLE THEMES
In general, the technology relates to a method for using reusable themes. The method includes receiving, from a browser executing on a device, a request for a theme implementation file, wherein the theme implementation file defines a look and feel style for a webpage and specifies a relative location for content that is used by the look and feel style, receiving, from the browser executing on the device, a request for the content, wherein the request for the content comprises the relative location of the content, resolving the relative location for the content to generate an absolute location for the content using a location of the theme implementation file, receiving the content from the absolute location of the content and forwarding the content to the device.
G06F 40/154 - Transformation en arborescence pour documents en configuration arborescente ou balisés, p. ex. langages XSLT, XSL-FO ou feuilles de style
G06F 16/955 - Recherche dans le Web utilisant des identifiants d’information, p. ex. des localisateurs uniformisés de ressources [uniform resource locators - URL]
G06F 16/958 - Organisation ou gestion de contenu de sites Web, p. ex. publication, conservation de pages ou liens automatiques
Systems and methods for image modification to increase contrast between text and non-text pixels within the image. In one embodiment, an original document image is scaled to a predetermined size for processing by a convolutional neural network. The convolutional neural network identifies a probability that each pixel in the scaled is text and generates a heat map of these probabilities. The heat map is then scaled back to the size of the original document image, and the probabilities in the heat map are used to adjust the intensities of the text and non-text pixels. For positive text, intensities of text pixels are reduced and intensities of non-text pixels are increased in order to increase the contrast of the text against the background of the image. Optical character recognition may then be performed on the contrast-adjusted image.
G06V 10/82 - Dispositions pour la reconnaissance ou la compréhension d’images ou de vidéos utilisant la reconnaissance de formes ou l’apprentissage automatique utilisant les réseaux neuronaux
G06F 18/2413 - Techniques de classification relatives au modèle de classification, p. ex. approches paramétriques ou non paramétriques basées sur les distances des motifs d'entraînement ou de référence
G06N 5/046 - Inférence en avantSystèmes de production
G06T 3/4046 - Changement d'échelle d’images complètes ou de parties d’image, p. ex. agrandissement ou rétrécissement utilisant des réseaux neuronaux
G06T 5/92 - Modification de la plage dynamique d'images ou de parties d'images basée sur les propriétés globales des images
G06V 10/22 - Prétraitement de l’image par la sélection d’une région spécifique contenant ou référençant une formeLocalisation ou traitement de régions spécifiques visant à guider la détection ou la reconnaissance
G06V 10/44 - Extraction de caractéristiques locales par analyse des parties du motif, p. ex. par détection d’arêtes, de contours, de boucles, d’angles, de barres ou d’intersectionsAnalyse de connectivité, p. ex. de composantes connectées
G06V 20/62 - Texte, p. ex. plaques d’immatriculation, textes superposés ou légendes des images de télévision
G06V 30/18 - Extraction d’éléments ou de caractéristiques de l’image
G06V 30/19 - Reconnaissance utilisant des moyens électroniques
G06V 30/413 - Classification de contenu, p. ex. de textes, de photographies ou de tableaux
G06V 30/414 - Extraction de la structure géométrique, p. ex. arborescenceDécoupage en blocs, p. ex. boîtes englobantes pour les éléments graphiques ou textuels
Methods, devices and computer program products facilitate the storage, access and management of log files that are associated with particular client devices. The log files provide a record of user or client device activities that are periodically sent to a data backup center. A dedicated log file server facilitates the processing and storage of an increasingly large number of log files that are generated by new and existing client devices. A storage server pre-processes the received log files to facilitate the processing and storage of the log files by the log file server. This Abstract is provided for the sole purpose of complying with the Abstract requirement rules. This Abstract is submitted with the explicit understanding that it will not be used to interpret or to limit the scope or the meaning of the claims.
G06F 16/10 - Systèmes de fichiersServeurs de fichiers
G06F 3/06 - Entrée numérique à partir de, ou sortie numérique vers des supports d'enregistrement
G06F 11/14 - Détection ou correction d'erreur dans les données par redondance dans les opérations, p. ex. en utilisant différentes séquences d'opérations aboutissant au même résultat
G06F 11/34 - Enregistrement ou évaluation statistique de l'activité du calculateur, p. ex. des interruptions ou des opérations d'entrée–sortie
G06F 16/17 - Détails d’autres fonctions de systèmes de fichiers
G06F 16/174 - Élimination de redondances par le système de fichiers
G06F 17/40 - Acquisition et consignation de données
10.
SYSTEM AND METHOD FOR PREDICTING DOMAIN REPUTATION
A computer system comprising a processor and a memory storing instructions that, when executed by the processor, cause the computer system to perform a set of operations. The set of operations comprises collecting domain attribute data comprising one or more domain attribute features for a domain, collecting sampled domain profile data comprising one or more domain profile features for the domain and generating, using the domain attribute data and the sampled domain profile data, a domain reputation assignment utilizing a neural network.
G06N 5/02 - Représentation de la connaissanceReprésentation symbolique
11.
SYSTEMS AND METHODS FOR IMAGE BASED CONTENT CAPTURE AND EXTRACTION UTILIZING DEEP LEARNING NEURAL NETWORK AND BOUNDING BOX DETECTION TRAINING TECHNIQUES
Systems, methods, and computer program products for image recognition in which instructions are executable by a processor to dynamically generate simulated documents and corresponding images, which are then used to train a fully convolutional neural network. A plurality of document components are provided, and the processor selects subsets of the document components. The document components in each subset are used to dynamically generate a corresponding simulated document and a simulated document image. The convolutional neural network processes the simulated document image to produce a recognition output. Information corresponding to the document components from which the image was generated is used as an expected output. The recognition output and expected output are compared, and weights of the convolutional neural network are adjusted based on the differences between them.
G06V 10/82 - Dispositions pour la reconnaissance ou la compréhension d’images ou de vidéos utilisant la reconnaissance de formes ou l’apprentissage automatique utilisant les réseaux neuronaux
G06F 18/214 - Génération de motifs d'entraînementProcédés de Bootstrapping, p. ex. ”bagging” ou ”boosting”
G06F 18/2413 - Techniques de classification relatives au modèle de classification, p. ex. approches paramétriques ou non paramétriques basées sur les distances des motifs d'entraînement ou de référence
G06V 30/18 - Extraction d’éléments ou de caractéristiques de l’image
G06V 30/19 - Reconnaissance utilisant des moyens électroniques
G06V 30/413 - Classification de contenu, p. ex. de textes, de photographies ou de tableaux
G06V 30/414 - Extraction de la structure géométrique, p. ex. arborescenceDécoupage en blocs, p. ex. boîtes englobantes pour les éléments graphiques ou textuels
Embodiments disclosed herein relate to systems and methods for providing a smart cache. In embodiments, a variable time to live (TTL) may be calculated and associated with data as it is stored in a cache. The variable TTL may be calculated based upon reputation and/or category information related to the source of the data. The reputation and/or category information may include TTL modifiers for adjusting the TTL for data from a particular data source that is stored in the cache. In further embodiments, a feedback method may be employed to update reputation and/or category information for a particular data source.
H04L 67/5682 - Politiques ou règles de mise à jour, de suppression ou de remplacement des données stockées
G06F 12/0802 - Adressage d’un niveau de mémoire dans lequel l’accès aux données ou aux blocs de données désirés nécessite des moyens d’adressage associatif, p. ex. mémoires cache
G06F 12/0864 - Adressage d’un niveau de mémoire dans lequel l’accès aux données ou aux blocs de données désirés nécessite des moyens d’adressage associatif, p. ex. mémoires cache utilisant des moyens pseudo-associatifs, p. ex. associatifs d’ensemble ou de hachage
G06F 12/0875 - Adressage d’un niveau de mémoire dans lequel l’accès aux données ou aux blocs de données désirés nécessite des moyens d’adressage associatif, p. ex. mémoires cache avec mémoire cache dédiée, p. ex. instruction ou pile
G06F 12/128 - Commande de remplacement utilisant des algorithmes de remplacement adaptée aux systèmes de mémoires cache multidimensionnelles, p. ex. associatives d’ensemble, à plusieurs mémoires cache, multi-ensembles ou multi-niveaux
G06F 16/957 - Optimisation de la navigation, p. ex. mise en cache ou distillation de contenus
Systems and methods are provided for a device to obtain a query, such as from a user. The query is vectorized to obtain a numerical representation of the query and provided to a vector database to find the nearest vectors corresponding to most relevant context, such as for a particular domain or subject matter. The query, query vector, and context vectors, and optionally past query history and past query responses, are provided to an artificial intelligence, such as a large language model (LLM), to receive a response to the query without providing the context to the LLM.
Methods and systems for determining, presenting and analyzing API usage of an application are disclosed herein. Embodiments of an API monitor as presented herein may serve to provide tightly coupled insight into API usage by an application to ascertain and provide knowledge and visibility into API usage by an application associated with the API monitor, including API calls made by both a frontend and a backend of an application.
H04L 67/025 - Protocoles basés sur la technologie du Web, p. ex. protocole de transfert hypertexte [HTTP] pour la commande à distance ou la surveillance à distance des applications
H04L 67/10 - Protocoles dans lesquels une application est distribuée parmi les nœuds du réseau
A protection module operates to analyze threats, at the protocol level (e.g., at the HTML level), by intercepting all requests that a browser engine resident in a computing device sends and receives, and the protection agent completes the requests without the help of the browser engine. And then the protection module analyzes and/or modifies the completed data before the browser engine has access to it, to, for example, display it. After performing all of its processing, removing, and/or adding any code as needed, the protection module provides the HTML content to the browser engine, and the browser engine receives responses from the protection agent as if it was speaking to an actual web server, when in fact, browser engine is speaking to an analysis engine of the protection module.
Systems, methods and products for enabling parallelized verification of a forensic copy generated using a non-parallelizable hashing algorithm. Disclosed embodiments generate the forensic copy of a data source using a non-parallelizable algorithm. In addition to generating a hash of the source data, intermediate hash states are stored for successive blocks of data from the data source. During verification of the forensic copy, the intermediate hash states and identifiers of the data blocks are retrieved from a data structure that is saved with the forensic copy. The non-parallelizable algorithm is used to hash each data block using the intermediate hash state preceding the data block as a starting hash state, then the hash of the data block is compared to the intermediate hash state following the data block to verify the data block. If all data blocks are successfully verified, the forensic copy is verified, otherwise verification fails.
H04L 9/06 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité l'appareil de chiffrement utilisant des registres à décalage ou des mémoires pour le codage par blocs, p. ex. système DES
H04L 9/00 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité
Ideogram character analysis includes partitioning an original ideogram character into strokes and mapping each stroke to a corresponding stroke identifier (id) to create an original stroke id sequence that includes stroke identifiers. A candidate ideogram character that has a candidate stroke id sequence within a threshold distance to the original stroke id sequence is selected. One or more embodiments may create a new phrase by replacing the original ideogram character with the candidate ideogram character in a search phrase. One or more embodiments perform a search using the search phrase and the new phrase to obtain a result and present the result. One or more embodiments may replace an original ideogram character in a character recognized document with the candidate ideogram character and store the character recognized document.
G06F 16/583 - Recherche caractérisée par l’utilisation de métadonnées, p. ex. de métadonnées ne provenant pas du contenu ou de métadonnées générées manuellement utilisant des métadonnées provenant automatiquement du contenu
G06F 16/9038 - Présentation des résultats des requêtes
G06V 10/70 - Dispositions pour la reconnaissance ou la compréhension d’images ou de vidéos utilisant la reconnaissance de formes ou l’apprentissage automatique
G06V 10/98 - Détection ou correction d’erreurs, p. ex. en effectuant une deuxième exploration du motif ou par intervention humaineÉvaluation de la qualité des motifs acquis
G06V 30/28 - Reconnaissance de caractères spécialement adaptée au type de l’alphabet, p. ex. à l’alphabet latin
Core entities are each defined as a subset of base entities that satisfy one or more core entity connection relationships. Base stories are each defined as a subset of core entities that satisfy one or more story connection relationships. A risk score of each core entity is calculated based on previously calculated risk scores of the base entities. A risk score of each base story is calculated based on the calculated risk score of each core entity of the base story. Selected base stories are extended with external content to generate corresponding extended stories.
Core entities are each defined as a subset of base entities that satisfy one or more core entity connection relationships. Base stories are each defined as a subset of core entities that satisfy one or more story connection relationships. A risk score of each core entity is calculated based on previously calculated risk scores of the base entities. A risk score of each base story is calculated based on the calculated risk score of each core entity of the base story. Selected base stories are extended with external content to generate corresponding extended stories.
G06F 21/57 - Certification ou préservation de plates-formes informatiques fiables, p. ex. démarrages ou arrêts sécurisés, suivis de version, contrôles de logiciel système, mises à jour sécurisées ou évaluation de vulnérabilité
Examples of the present disclosure describe systems and methods for discrete processor feature behavior collection and analysis. In aspects, a monitoring utility may initialize a set of debugging and/or performance monitoring feature sets for a microprocessor. When the microprocessor receives from software content a set of instructions that involves the loading of a set of modules or code segments, the set of modules or code segments may be evaluated by the monitoring utility. The monitoring utility may generate a process trace of the loaded set of modules or code segments. Based on the process trace output, various execution paths may be reconstructed in real-time. The system and/or API calls made by the microprocessor may then be compared to the process trace output to quickly observe the interaction between the software content and the operating system of the microprocessor.
Domain-specific images used for training an optical character recognition (OCR) machine learning model are generated as follows. Universal resource locator (URL) addresses of web pages associated with a particular domain are retrieved. Words in the web pages associated with the particular domain are determined. Domain-relevant n-grams of the words are identified for the particular domain. Corresponding domain-specific images of each domain-relevant n gram for the particular domain are generated.
G06V 30/19 - Reconnaissance utilisant des moyens électroniques
G06V 10/764 - Dispositions pour la reconnaissance ou la compréhension d’images ou de vidéos utilisant la reconnaissance de formes ou l’apprentissage automatique utilisant la classification, p. ex. des objets vidéo
In general, embodiments of the technology relate to a method and system for implementing a dynamic content type (DCT) in a content management system. More specifically, embodiments of the technology relate to using a DCT in order to change and/or extend the functionality of the content management system.
H04L 67/1097 - Protocoles dans lesquels une application est distribuée parmi les nœuds du réseau pour le stockage distribué de données dans des réseaux, p. ex. dispositions de transport pour le système de fichiers réseau [NFS], réseaux de stockage [SAN] ou stockage en réseau [NAS]
Examples of the present disclosure describe systems and methods for providing advanced file modification heuristics. In aspects, software content is selected for monitoring. The monitoring comprises determining when the software content performs file accesses that are followed by read and/or write operations. The read/write operations are analyzed in real-time to determine whether the software content is modifying file content. If the monitoring indicates the software content is modifying accessed files, mathematical calculations are applied to the read-write operations to determine the nature of the modifications. Based on the determined nature of the file modifications, the actions of the software content may be categorized and halted prior to completion; thereby, mitigating malicious cyberattacks and/or unauthorized accesses.
Examples of the present disclosure describe systems and methods of providing real-time scanning of IP addresses. In aspects, input may be received by a real-time IP scanning system. The system may generate one or more work orders based on the input. A scanner associated with the system may access a work order and attempt to communicate with one or more devices identified by the work order. If the attempted communication with a device is successful, a protocol analyzer may be used to provide a predefined payload to the device. If the response from the device matches an expected string, the device may be determined to be a safe and/or legitimate device. If the response from the device does not match an expected string, the device may be determined to be a malicious device.
G06F 21/57 - Certification ou préservation de plates-formes informatiques fiables, p. ex. démarrages ou arrêts sécurisés, suivis de version, contrôles de logiciel système, mises à jour sécurisées ou évaluation de vulnérabilité
Systems and methods for the design, deployment and utilization of targeted communications based upon audiences are disclosed. More specifically, embodiments may allow the targeting of communications to users based on a user's audience affiliation and may allow the dynamic targeting of communications based on an audience with which a user is affiliated, including audiences determined from user interactions with a web site.
H04N 21/442 - Surveillance de procédés ou de ressources, p. ex. détection de la défaillance d'un dispositif d'enregistrement, surveillance de la bande passante sur la voie descendante, du nombre de visualisations d'un film, de l'espace de stockage disponible dans le disque dur interne
G06Q 30/02 - MarketingEstimation ou détermination des prixCollecte de fonds
H04N 21/45 - Opérations de gestion réalisées par le client pour faciliter la réception de contenu ou l'interaction avec le contenu, ou pour l'administration des données liées à l'utilisateur final ou au dispositif client lui-même, p. ex. apprentissage des préférences d'utilisateurs pour recommander des films ou résolution de conflits d'ordonnancement
H04N 21/658 - Transmission du client vers le serveur
27.
Data Processing System for Automatic Presetting of Controls in an Evaluation Operator Interface
One embodiment comprises a data processing system for populating selections in an evaluation operator interface. The system may record voice sessions of phone calls, transcribe the voice sessions and store transactions including the voice sessions and transcripts. The system receives a request from a client computer for an evaluation to evaluate a transaction that was assigned an automated score according to the automated scoring template based on a transcript of the transaction having matched a lexicon. The system generates the evaluation. Generating the evaluation comprises setting an answer control for a question in the evaluation to a preselected answer based on a defined correspondence between the automated score and the preselected answer, the preselected answer selected from a defined set of acceptable answers to the question. The system may generate page code for the answer control that sets the answer control to the preselected answer.
A text mining system providing NLP and NLU capabilities is operable to perform, at a first processing layer, a first operation on input data to produce metadata about the input data. At a second processing layer, a rules module applies a composite AI extraction rule to further process the input data. The composite AI extraction rule has a rule condition that leverages the metadata from the first operation and a rule action that involves a second operation. Other composite AI extraction rules involving multiple text mining operations may also be applied. For instance, a rule may specify using the tonality of a document from a sentiment analysis to classify the document according to a relevant taxonomy. Another rule may specify classifying documents of a particular type under a specific category. In this way, new/enhanced information about the input data can be deduced, validated, and/or enriched.
G06F 16/38 - Recherche caractérisée par l’utilisation de métadonnées, p. ex. de métadonnées ne provenant pas du contenu ou de métadonnées générées manuellement
Examples of the present disclosure describe systems and methods for monitoring the security privileges of a process. In aspects, when a process is created, the corresponding process security token and privilege information is detected and recorded. At subsequent “checkpoints,” the security token is evaluated to determine whether the security token has been replaced, or whether new or unexpected privileges have been granted to the created process. When a modification to the security token is determined, a warning or indication of the modification is generated and the process may be terminated to prevent the use of the modified security token.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
G06F 21/50 - Contrôle des utilisateurs, des programmes ou des dispositifs de préservation de l’intégrité des plates-formes, p. ex. des processeurs, des micrologiciels ou des systèmes d’exploitation
30.
Behavioral Threat Detection Definition And Compilation
Examples of the present disclosure describe systems and methods for behavioral threat detection definition compilation. In an example, one or more sets of rule instructions may be packaged for distribution and/or use by a behavioral threat detection engine. As an example, a set of rule instructions is compiled into an intermediate language and assembled in to a compiled behavior rule binary. Event linking is performed, wherein other rules launched by the rule and/or events that launch the rule or are processed by the rule are identified, and such information may be stored accordingly. The behavior rule binary may be packaged with other rules associated with identifying a specific behavior. The packaged behavior rule is distributed to one or more computing devices for use with a behavioral threat detection engine. For example, the threat detection engine may execute the behavior rule using a rule virtual machine.
G06F 9/455 - ÉmulationInterprétationSimulation de logiciel, p. ex. virtualisation ou émulation des moteurs d’exécution d’applications ou de systèmes d’exploitation
One embodiment comprises a non-transitory computer readable medium comprising computer-executable instructions executable to access a conversation-enabled document and expose the conversation-enabled document on a conversation channel as a conversation into the conversation-enabled document. The conversation-enabled document can comprise a conversation component for controlling a conversation interface into the conversation-enabled document, the conversation component specifying conversation steps, routing between conversation steps and a document variable to accept a conversation participant response. The computer-executable instructions can be executable to set a document variable value in the conversation-enabled document based on the participant response received via the conversation interface; and render the conversation-enabled document to a response channel using the document variable and the page template.
H04L 51/02 - Messagerie d'utilisateur à utilisateur dans des réseaux à commutation de paquets, transmise selon des protocoles de stockage et de retransmission ou en temps réel, p. ex. courriel en utilisant des réactions automatiques ou la délégation par l’utilisateur, p. ex. des réponses automatiques ou des messages générés par un agent conversationnel
Peer device protection enables a first device comprising a digital security agent to remedy security issues on (or associated with) a set of devices visible to the first device. In aspects, a first device comprising a digital security agent may identify a set of devices visible to the first device. The first device may monitor the set of devices to collect data, such as types of communications and data points of interest. The digital security agent may apply threat detection to the collected data to identify anomalous network behavior. When anomalous network behavior is detected, the first device may cause an indicator of compromise (IOC) to be generated. Based on the IOC, the first device may facilitate remediation of the anomalous network behavior and/or apply security to one or more devices in the set of devices.
A method and system for a content broker, including a unified object index, where the content broker is coupled to the unified object index and receives, from a requesting entity, a request to perform an action on an object and the object is stored in the content repository. The method further including obtaining the object associated with the request from a content repository, determining, using the unified object index, a normalized object type associated with the object, obtaining a governance rule based on the normalized object type, and servicing the request using the governance rule.
A digital asset management system is enhanced with an end-to-end deep zoom feature functionality that receives a user request to generate a deep zoom image of an asset, performs an image conversion if necessary, generates the deep zoom image and stores corresponding image folders and files in a transient storage separate from assets managed by the digital asset management system, and cleans up the deep zoom files after a pre-configured time period. The deep zoom image is rendered directly from the transient storage without having to involve the repository, which is separately managed by the digital asset management system. A new Web context is created and provided for viewing the deep zoom image within a browser-based user interface of the digital asset management system for a seamless user experience.
A reconfigurable automatic document-classification system and method provides classification metrics to a user and enables the user to reconfigure the classification model. The user can refine the classification model by adding or removing exemplars, creating, editing or deleting rules, or performing other such adjustments to the classification model. This technology enhances the overall transparency and defensibility of the auto-classification process.
Examples of the present disclosure describe systems and methods for behavioral threat detection definition. In an example, a behavior rule comprising a set of rule instructions is used to define one or more events indicative of a behavior. For example, a set of events from which one event must be matched may be defined or a set of events from which all events must be matched may be defined. In some examples, events are matched based on an event name or type, or may be matched based on one or more parameters. Exact and/or inexact matching may be used. The set of rule instructions ultimately specifies one or more halt instructions, thereby indicating that a determination as to the presence of the behavior has been made. Example determinations include, but are not limited to, a match determination, a non-match determination, or an indication that additional monitoring should be performed.
Examples of the present disclosure describe systems and methods for detecting and mitigating stack pivoting exploits. In aspects, various “checkpoints” may be identified in software code. At each checkpoint, the current stack pointer, stack base, and stack limit for each mode of execution may be obtained. The current stack pointer for each mode of execution may be evaluated to determine whether the stack pointer falls within a stack range between the stack base and the stack limit of the respective mode of execution. When the stack pointer is determined to be outside of the expected stack range, a stack pivot exploit is detected and one or more remedial actions may be automatically performed.
G06F 21/52 - Contrôle des utilisateurs, des programmes ou des dispositifs de préservation de l’intégrité des plates-formes, p. ex. des processeurs, des micrologiciels ou des systèmes d’exploitation au stade de l’exécution du programme, p. ex. intégrité de la pile, débordement de tampon ou prévention d'effacement involontaire de données
B01D 15/18 - Adsorption sélective, p. ex. chromatographie caractérisée par des caractéristiques de structure ou de fonctionnement relatives aux différents types d'écoulement
G01N 30/20 - Injection utilisant une valve d'échantillonnage
G01N 30/22 - Injection dans des systèmes liquides à haute pression
G01N 30/46 - Modèles d'écoulement utilisant plus d'une colonne
The present disclosure describes systems and methods for remote management of appliances. The appliance may be configured to periodically check in a predetermined online location for the presence of a trigger file identifying one or more appliances directed to contact a management server for maintenance. If the file is present at the predetermined location and the file includes the identifier of the appliance, the appliance may initiate a connection to the management server. If the file is not found, then the appliance may reset a call timer and attempt to retrieve the file at a later time. To avoid having to configure addresses on the appliance, link local IPv6 addresses may be configured for use over a virtual private network, allowing administration, regardless of the network configuration or local IP address of the appliance.
H04L 67/125 - Protocoles spécialement adaptés aux environnements propriétaires ou de mise en réseau pour un usage spécial, p. ex. les réseaux médicaux, les réseaux de capteurs, les réseaux dans les véhicules ou les réseaux de mesure à distance en impliquant la commande des applications des terminaux par un réseau
Systems and methods of tracking chain of custody of relevant electronic documents are provided. An example method begins with receiving an electronic document collection request. In response, a set of relevant electronic documents is retrieved, a tracking unit is generated, and the tracking unit is assigned to the set of relevant electronic documents. The tracking unit includes: a state machine having at least two stages including a specification stage for specifying the electronic document collection request and a review stage for displaying the relevant electronic documents, a plurality of Chain-Of-Custody (COC) statuses, and a plurality of number of relevant document values. The chain of custody of the set of relevant electronic documents is tracked. The set of relevant electronic documents generated by the electronic document collection request is displayed by a graphical user interface.
Examples of the present disclosure describe systems and methods of automatic inline detection based on static data. In aspects, a file being received by a recipient device may be analyzed using an inline parser. The inline parser may identify sections of the file and feature vectors may be created for the identified sections. The feature vectors may be used to calculate a score corresponding to the malicious status of the file as the information is being analyzed. If a score is determined to exceed a predetermined threshold, the file download process may be terminated. In aspects, the received files, file fragments, feature vectors and/or additional data may be collected and analyzed to build a probabilistic model used to identify potentially malicious files.
G06F 21/00 - Dispositions de sécurité pour protéger les calculateurs, leurs composants, les programmes ou les données contre une activité non autorisée
G06F 21/56 - Détection ou gestion de programmes malveillants, p. ex. dispositions anti-virus
Responsive to a request to access heterogeneous repositories, a REST server queries a resource registry to find resources that match mapping information contained in the request. The resource registry returns resource registry tables containing the matching resources. The resource registry tables implement a unified data structure of a resource registry model and are generated at runtime by the resource registry mapping REST service configuration parameters to the fields of the unified data structure. The REST service configuration parameters are added to an extension SDK for REST extension developers to enhance REST service configuration for extension applications. The REST service configuration parameters are configured at implementation time and loaded/scanned into the REST server at runtime. The REST server iteratively evaluates the resource registry tables until all the matching resources have been evaluated. The evaluation result is used to determine whether to reject, accept, or redirect the request from the client device.
H04L 67/1097 - Protocoles dans lesquels une application est distribuée parmi les nœuds du réseau pour le stockage distribué de données dans des réseaux, p. ex. dispositions de transport pour le système de fichiers réseau [NFS], réseaux de stockage [SAN] ou stockage en réseau [NAS]
G06F 16/25 - Systèmes d’intégration ou d’interfaçage impliquant les systèmes de gestion de bases de données
G06F 16/951 - IndexationTechniques d’exploration du Web
H04L 41/5041 - Gestion des services réseau, p. ex. en assurant une bonne réalisation du service conformément aux accords caractérisée par la relation temporelle entre la création et le déploiement d’un service
H04L 67/02 - Protocoles basés sur la technologie du Web, p. ex. protocole de transfert hypertexte [HTTP]
H04L 67/133 - Protocoles pour les appels de procédure à distance [RPC]
H04L 67/563 - Redirection de flux de réseau de données
H04L 67/61 - Ordonnancement ou organisation du service des demandes d'application, p. ex. demandes de transmission de données d'application en utilisant l'analyse et l'optimisation des ressources réseau requises en tenant compte de la qualité de service [QoS] ou des exigences de priorité
H04L 67/63 - Ordonnancement ou organisation du service des demandes d'application, p. ex. demandes de transmission de données d'application en utilisant l'analyse et l'optimisation des ressources réseau requises en acheminant une demande de service en fonction du contenu ou du contexte de la demande
42.
NOTIFICATION SYSTEMS AND METHODS FOR CENTRALIZED THREADING AND PRESENTATION OF MESSAGES
A notification center system receives a message from a message source, the message comprising a message body, the message body comprising parameter-value pairs. The notification center system processes the message body to obtain a contextual string from the parameter-value pairs, appends a source identifier to the message, the source identifier identifying the message source, and stores the message appended with the source identifier in a platform-neutral format in a message store. Utilizing the contextual string, the message is then grouped, with other message(s) or by itself, with a message thread. The message is provided to a delivery mechanism for presentation of the message under the message thread. Content-aware contextual visual indicators may be determined for the message thread and the message based on different orders of specificity. The message thread and the message can then be displayed with their corresponding content-aware contextual visual indicators to provide additional insights.
Examples of the present disclosure describe systems and methods for sharing memory using a multi-ring shared, traversable and dynamic database. In aspects, the database may be synchronized and shared between multiple processes and/or operation mode protection rings of a system. The database may also be persisted to enable the management of information between hardware reboots and application sessions. The information stored in the database may be view independent, traversable, and resizable from various component views of the database. In some aspects, an event processor is additionally described. The event processor may use the database to allocate memory chunks of a shared heap to components/processes in one or more protection modes of the operating system.
G06F 12/06 - Adressage d'un bloc physique de transfert, p. ex. par adresse de base, adressage de modules, extension de l'espace d'adresse, spécialisation de mémoire
G06F 12/14 - Protection contre l'utilisation non autorisée de mémoire
G06F 16/00 - Recherche d’informationsStructures de bases de données à cet effetStructures de systèmes de fichiers à cet effet
G06F 21/00 - Dispositions de sécurité pour protéger les calculateurs, leurs composants, les programmes ou les données contre une activité non autorisée
44.
DETECTING STACK PIVOTS USING STACK ARTIFACT VERIFICATION
Examples of the present disclosure describe systems and methods for detecting and mitigating stack pivoting using stack artifact verification. In aspects, function hooks may be added to one or more functions. When a hooked function executes, artifacts relating to the hooked function may be left on the stack memory (“stack”). The location of the artifacts on the stack may be stored in a local storage area. Each time a hook in a hooked function is subsequently executed, protection may be executed to determine whether an artifact remains in the location stored in the local storage area. If the artifact is no longer in the same location, a stack pivot may be detected and one or more remedial actions may be automatically performed.
G06F 21/54 - Contrôle des utilisateurs, des programmes ou des dispositifs de préservation de l’intégrité des plates-formes, p. ex. des processeurs, des micrologiciels ou des systèmes d’exploitation au stade de l’exécution du programme, p. ex. intégrité de la pile, débordement de tampon ou prévention d'effacement involontaire de données par ajout de routines ou d’objets de sécurité aux programmes
Case management systems and techniques are disclosed. In various embodiments, a hierarchical document permission model is received, the model describing a document hierarchy comprising a plurality of hierarchically related document nodes and defining for each of at least a subset of said document nodes one or more document roles and for each such role one or more document permissions with respect to that document node. The hierarchical document permission model is used to determine and enforce permissions with respect to case management instances to which the hierarchical document permission model applies.
G06Q 10/06 - Ressources, gestion de tâches, des ressources humaines ou de projetsPlanification d’entreprise ou d’organisationModélisation d’entreprise ou d’organisation
G06Q 10/0631 - Planification, affectation, distribution ou ordonnancement de ressources d’entreprises ou d’organisations
Case management systems and techniques are disclosed. In various embodiments, a definition is received that associates a descendant case role alias with a first case node at a first hierarchical level of a hierarchical data model, the definition further associating a permission with the descendant case role alias and referencing a referenced case role associated with a second case node at a second hierarchical level of the hierarchical data model. The definition is used to extend the permission to a user assigned to the referenced case role with respect to a case instance comprising the hierarchical data model.
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
G06Q 10/06 - Ressources, gestion de tâches, des ressources humaines ou de projetsPlanification d’entreprise ou d’organisationModélisation d’entreprise ou d’organisation
G06Q 10/0631 - Planification, affectation, distribution ou ordonnancement de ressources d’entreprises ou d’organisations
The present disclosure relates to systems and methods for identifying highly sensitive modules and taking a remediation or preventative action if such modules are accessed by malicious software. For example, the likelihood that a module is used for an exploit, and is thus sensitive, is categorized as high, medium, or low. The likelihood that a module can be used for an exploit can dictate whether, and to what degree, an application accessing the module is “suspicious.” However, in some instances, a sensitive module may have legitimate reasons to load when used in certain non-malicious ways. The system may also consider a trust level when determining what actions to take, such that an application and/or user having a higher trust level may be less suspicious when accessing a sensitive module as compared to an application or user having a lower trust level.
G06F 21/57 - Certification ou préservation de plates-formes informatiques fiables, p. ex. démarrages ou arrêts sécurisés, suivis de version, contrôles de logiciel système, mises à jour sécurisées ou évaluation de vulnérabilité
G06F 21/51 - Contrôle des utilisateurs, des programmes ou des dispositifs de préservation de l’intégrité des plates-formes, p. ex. des processeurs, des micrologiciels ou des systèmes d’exploitation au stade du chargement de l’application, p. ex. en acceptant, en rejetant, en démarrant ou en inhibant un logiciel exécutable en fonction de l’intégrité ou de la fiabilité de la source
G06F 21/55 - Détection d’intrusion locale ou mise en œuvre de contre-mesures
Disclosed is a new intelligent forms automation solution for receiving a request or submission involving multiple types of non-native forms in a consistent manner. An engine locates a field in a non-native form, extracts a globally unique identifier (GUID) from the field and form data from data fields of the non-native form. The GUID is used by the engine to identify and retrieve a virtual copy of a native form identified. The engine fills the virtual copy of the native form with form data from the non-native form. Since the native form can have an associated workflow process, the form data from the non-native form is processed through the workflow. The native form and the non-native form can be created independently of one another. In some cases, a native form can be used to create a non-native form with a hidden field containing the GUID of the native form.
G06Q 10/067 - Modélisation d’entreprise ou d’organisation
G06Q 30/016 - Fourniture d’une assistance aux clients, p. ex. pour assister un client dans un lieu commercial ou par un service d’assistance après-vente
Examples of the present disclosure describe systems and methods for malicious software detection based on API trust. In an example, a set of software instructions executed by a computing device may call an API. A hook may be generated on the API, such that a threat processor may receive an indication when the API is called. Accordingly, the threat processor may generate a trust metric based on the execution of the set of software instructions, which may be used to determine whether the set of software instructions poses a potential threat. For example, one or more call stack frames may be evaluated to determine whether a return address is preceded by a call instruction, whether the return address is associated with a set of software instructions or memory associated with a set of software instructions, and/or whether the set of software instructions satisfies a variety of security criteria.
G06F 21/00 - Dispositions de sécurité pour protéger les calculateurs, leurs composants, les programmes ou les données contre une activité non autorisée
G06F 21/55 - Détection d’intrusion locale ou mise en œuvre de contre-mesures
G06F 21/56 - Détection ou gestion de programmes malveillants, p. ex. dispositions anti-virus
Managing content is disclosed. An indication is received that a content item comprising a body of managed content is associated with a business object not included in the body of managed content. The content item is linked with the business object.
The present disclosure describes systems and methods for aggregation and management of cloud storage among a plurality of providers via file fragmenting to provide increased reliability and security. In one implementation, fragments or blocks may be distributed among a plurality of cloud storage providers, such that no provider retains a complete copy of a file. Accordingly, even if an individual service is compromised, a malicious actor cannot access the data. In another implementation, fragments may be duplicated and distributed to multiple providers, such that loss of communications to any one provider does not result in inability to access the data. This implementation may be combined with error correction techniques to allow recovery, even with loss of multiple providers. File synchronization may also be faster in these implementations by dividing reading and writing operations among multiple providers.
G06F 11/14 - Détection ou correction d'erreur dans les données par redondance dans les opérations, p. ex. en utilisant différentes séquences d'opérations aboutissant au même résultat
G06F 16/178 - Techniques de synchronisation des fichiers dans les systèmes de fichiers
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
H04L 67/1095 - Réplication ou mise en miroir des données, p. ex. l’ordonnancement ou le transport pour la synchronisation des données entre les nœuds du réseau
52.
Systems and methods for detection and mitigation of malicious encryption
The present disclosure describes systems and methods for detection and mitigation of malicious encryption. A security agent on an infected computing device may monitor data writes to disk, memory, or network transmission buffers for strings that may represent encryption keys or moduli. The security agent may apply one or more techniques to decode and parse the string to either identify or extract the keys, or rule out the string as containing an encryption key or modulus. If a key is identified, or its presence cannot be excluded, then the security agent may generate an alert and take mitigation actions.
Embodiments provide systems and methods for logging events. A computer-implemented method, for example, includes a syslog connector providing a subscription to a cloud source that collects events from a plurality of data sources, the subscription comprising an event selection criterion, receiving event records from the cloud source according to the subscription, the received event records formatted according to a first format, transforming the event records received from the cloud source from the first format to syslog messages and storing, by the syslog connector, the syslog messages to a syslog data sink.
Embodiments provide systems and methods for logging events. A computer-implemented method comprises receiving input for selecting one or more event types to receive from an event collector, receiving, based on the one or more event types, a plurality of security events from the event collector, transforming each of the plurality of security events to a standard format to generate a plurality of formatted security events and transmitting the plurality of formatted security events to a security information and event management (SIEM) server.
Case management systems and techniques are disclosed. In various embodiments, a case model definition defining a case model is received. The case model comprises a hierarchical permissions model comprising a plurality of hierarchical permission nodes, the plurality of hierarchical permission nodes including a first hierarchical permission node associated with a parent case node and having an associated first case role and a first permission for the first role, and a second hierarchical permission node associated with a child case node. At run time, the first permission with respect a case instance instantiated using the case model definition is enforced. Enforcing the first permission comprising applying the first permission to a request to perform a first action on an instance of the child case node based on the first case role and first permission.
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
G06Q 10/06 - Ressources, gestion de tâches, des ressources humaines ou de projetsPlanification d’entreprise ou d’organisationModélisation d’entreprise ou d’organisation
G06Q 10/0631 - Planification, affectation, distribution ou ordonnancement de ressources d’entreprises ou d’organisations
56.
Case leaf nodes pointing to business objects or document types
Case management systems and techniques are disclosed. In various embodiments, a trait definition is received that associates with a case node comprising a case model an object associated with an external system, e.g., a document or other content object and/or a business or other software object. The trait definition is used to bind respective instances of the object to corresponding instances of the case node in case instances created based on the case model.
Examples of the present disclosure describe systems and methods for selective export address table filtering. In aspects, the relative virtual address (RVA) of exported function names may be modified to point to a protected memory location. An exception handler may be registered to process exceptions relating to access violations of the protected memory location. If an exception is detected that indicates an attempt to access the protected memory location, the instruction pointer of the exception may be compared to an allowed range of memory addresses. If the instruction pointer address is outside the boundaries, remedial action may occur.
G06F 21/54 - Contrôle des utilisateurs, des programmes ou des dispositifs de préservation de l’intégrité des plates-formes, p. ex. des processeurs, des micrologiciels ou des systèmes d’exploitation au stade de l’exécution du programme, p. ex. intégrité de la pile, débordement de tampon ou prévention d'effacement involontaire de données par ajout de routines ou d’objets de sécurité aux programmes
G06F 21/55 - Détection d’intrusion locale ou mise en œuvre de contre-mesures
58.
Generation of document editors having functions specified by role policies
Examples disclosed herein relate to generation of document editors having functions specified by role policies. Examples include acquisition of a request to provide a target user a document editor for a target document type and a determination, in response to the request, of which of a plurality of role policies is associated with the target user based on a role assigned to the target user in an enterprise, wherein each of the role policies is associated with a different role for the enterprise and specifies a different plurality of document editor functions permitted to be included in a document editor for the target document type for a user assigned to the associated role.
G06F 9/455 - ÉmulationInterprétationSimulation de logiciel, p. ex. virtualisation ou émulation des moteurs d’exécution d’applications ou de systèmes d’exploitation
59.
DATA SUBJECT ASSESSMENT SYSTEMS AND METHODS FOR ARTIFICIAL INTELLIGENCE PLATFORM BASED ON COMPOSITE EXTRACTION
Responsive to user interaction, a data subject assessment service, hosted on an artificial intelligence (AI) platform operating in a cloud computing environment, is operable to define a data subject, create and configure a data subject project, and add the data subject to the data subject project. The data subject project is associated with AI models, each of which models a risk having a user-adjustable risk level. The data subject project thus configured and/or customized, for instance, with a custom rule, can be run on a collection of documents to assess the data subject through data subject assessment operations. Data subject assessment results thus produced can be searched for data subject relationships, using metadata from the data subject assessment operations. This fine-tunes the data subject assessment results and produces more granular, more precise results, based on which a report can be viewed and/or generated.
Examples of the present disclosure describe systems and methods for restricting access to application programming interfaces (APIs). For example, when a process calls an API, the API call may be intercepted by a security system for evaluation of its trustfulness before the API is allowed to run. Upon intercepting an API call, the process calling the API may be evaluated to determine if the process is known to the security system, such that known processes that are untrusted may be blocked from calling the API. Further, when the security system cannot identify the process calling the API, the security service may evaluate a call stack associated with the call operation to determine if attributes of the call operation are known to the security system. If the call operation is known to the security system as untrusted, the call operation may be blocked from calling the API.
G06F 21/51 - Contrôle des utilisateurs, des programmes ou des dispositifs de préservation de l’intégrité des plates-formes, p. ex. des processeurs, des micrologiciels ou des systèmes d’exploitation au stade du chargement de l’application, p. ex. en acceptant, en rejetant, en démarrant ou en inhibant un logiciel exécutable en fonction de l’intégrité ou de la fiabilité de la source
G06F 21/52 - Contrôle des utilisateurs, des programmes ou des dispositifs de préservation de l’intégrité des plates-formes, p. ex. des processeurs, des micrologiciels ou des systèmes d’exploitation au stade de l’exécution du programme, p. ex. intégrité de la pile, débordement de tampon ou prévention d'effacement involontaire de données
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
Examples of the present disclosure describe systems and methods of issuing certificates. One embodiment includes a non-transitory, computer-readable medium comprising computer executable instructions stored thereon, the computer executable instructions executable for receiving a certificate request from an online identity, wherein the certificate request validates a reputation of the online identity, analyzing the certificate request, based on the analysis, determining to issue a certificate, and issuing the certificate to the online identity.
Systems and methods for image based content capture and extraction utilizing deep learning neural network and bounding box detection training techniques
Systems, methods, and computer program products for image recognition in which instructions are executable by a processor to dynamically generate simulated documents and corresponding images, which are then used to train a fully convolutional neural network. A plurality of document components are provided, and the processor selects subsets of the document components. The document components in each subset are used to dynamically generate a corresponding simulated document and a simulated document image. The convolutional neural network processes the simulated document image to produce a recognition output. Information corresponding to the document components from which the image was generated is used as an expected output. The recognition output and expected output are compared, and weights of the convolutional neural network are adjusted based on the differences between them.
G06V 10/82 - Dispositions pour la reconnaissance ou la compréhension d’images ou de vidéos utilisant la reconnaissance de formes ou l’apprentissage automatique utilisant les réseaux neuronaux
G06F 18/214 - Génération de motifs d'entraînementProcédés de Bootstrapping, p. ex. ”bagging” ou ”boosting”
G06F 18/2413 - Techniques de classification relatives au modèle de classification, p. ex. approches paramétriques ou non paramétriques basées sur les distances des motifs d'entraînement ou de référence
G06V 30/18 - Extraction d’éléments ou de caractéristiques de l’image
G06V 30/19 - Reconnaissance utilisant des moyens électroniques
G06V 30/413 - Classification de contenu, p. ex. de textes, de photographies ou de tableaux
G06V 30/414 - Extraction de la structure géométrique, p. ex. arborescenceDécoupage en blocs, p. ex. boîtes englobantes pour les éléments graphiques ou textuels
Embodiments as disclosed provide data processing systems and methods for controlling an automated survey system. One embodiment comprises: a processor; a data store storing a plurality of transactions thereon, each transaction comprising transaction metadata and a voice session recording of an inbound call, the transaction metadata for each transaction comprising an identifier for that transaction; a non-transitory computer readable medium having instructions executable on the processor for: generating, by the processor, a worklist for the survey campaign to control conducting of surveys by an automated survey system that is configured to execute the worklist, the worklist comprising a work item for each of the set of transactions and each work item comprising transaction identification data for a transaction from the set of transactions and contact information for the survey target for the transaction corresponding to the transaction identification data in the work item.
A system for delivering notification messages across different notification media comprises a processor. A processor is configured to provide an indication of a new platform notification channel to one or more platform notification services. The indication is provided to one of the one or more platform notification services through a communication module specific to the one of the one or more platform notification services. The processor is configured to create a mapping from a new universal notification channel to a set of one or more platform notification channel identifiers. Each platform notification channel identifier of the set of platform notification channel identifiers is received from a platform notification service. The processor is configured to provide the set of one or more platform notification channel identifiers to a content provider of the new universal notification channel. The processor is coupled to the memory and is configured to store instructions.
H04L 51/06 - Adaptation des messages aux exigences du terminal ou du réseau
H04L 45/302 - Détermination de la route basée sur la qualité de service [QoS] demandée
H04L 51/063 - Adaptation du contenu, p. ex. remplacement d'un contenu inapproprié
H04L 51/224 - Surveillance ou traitement des messages en fournissant une notification sur les messages entrants, p. ex. des poussées de notifications des messages reçus
G06F 16/31 - IndexationStructures de données à cet effetStructures de stockage
G06F 40/58 - Utilisation de traduction automatisée, p. ex. pour recherches multilingues, pour fournir aux dispositifs clients une traduction effectuée par le serveur ou pour la traduction en temps réel
66.
System and method for hybrid multilingual search indexing
System and method for the indexing and searching of multilingual documents are disclosed. In some embodiments, these multilingual search system may analyze objects (and thus similarly search queries) using a multilingual object analyzer that fragments the text (content) of the object into one or more fragments. For each of those fragments, a language detection may be performed to identify a language associated with each fragment. Once the language is identified for that fragment, the fragment can be provided to a language analyzer for the identified language. The tokens for that fragment identified by that language analysis can then be indexed for that object. In this manner, all the tokens identified for each of the fragments by the respective language analyzer used for each fragment may be stored for the object and indexed to create a multilingual index.
Case management systems and techniques are disclosed. In various embodiments, an indication to create a case instance is received. A case model definition is parsed to determine a hierarchical data model to be used to create the case instance and a placeholder data to be associated with a case node comprising the hierarchical data model. The case model definition is used to create the case instance, including by associating the placeholder data with the case node in the case instance as created.
One embodiment comprises a non-transitory, computer-readable medium embodying thereon computer-executable instructions for receiving a document design, generating a conversation-enabled document from the document design, exposing the conversation-enabled document on a conversation channel, receiving a participant response, updating the conversation-enabled document based the participant response, and rendering a communication page on a second channel using the updated conversation-enabled document. The document design comprises a page template and a conversation template. The page template specifies content of the communication page and a variable to be populated with a first variable value. The conversation template defines a state machine for an automated conversation, the conversation template specifying a variable to which the participant response is to be written.
H04L 51/02 - Messagerie d'utilisateur à utilisateur dans des réseaux à commutation de paquets, transmise selon des protocoles de stockage et de retransmission ou en temps réel, p. ex. courriel en utilisant des réactions automatiques ou la délégation par l’utilisateur, p. ex. des réponses automatiques ou des messages générés par un agent conversationnel
Examples of the present disclosure describe systems and methods for discrete processor feature behavior collection and analysis. In aspects, a monitoring utility may initialize a set of debugging and/or performance monitoring feature sets for a microprocessor. When the microprocessor receives from software content a set of instructions that involves the loading of a set of modules or code segments, the set of modules or code segments may be evaluated by the monitoring utility. The monitoring utility may generate a process trace of the loaded set of modules or code segments. Based on the process trace output, various execution paths may be reconstructed in real-time. The system and/or API calls made by the microprocessor may then be compared to the process trace output to quickly observe the interaction between the software content and the operating system of the microprocessor.
Embodiments disclosed herein relate to systems and methods for providing a smart cache. In embodiments, a variable time to live (TTL) may be calculated and associated with data as it is stored in a cache. The variable TTL may be calculated based upon reputation and/or category information related to the source of the data. The reputation and/or category information may include TTL modifiers for adjusting the TTL for data from a particular data source that is stored in the cache. In further embodiments, a feedback method may be employed to update reputation and/or category information for a particular data source.
G06F 12/0802 - Adressage d’un niveau de mémoire dans lequel l’accès aux données ou aux blocs de données désirés nécessite des moyens d’adressage associatif, p. ex. mémoires cache
G06F 12/0864 - Adressage d’un niveau de mémoire dans lequel l’accès aux données ou aux blocs de données désirés nécessite des moyens d’adressage associatif, p. ex. mémoires cache utilisant des moyens pseudo-associatifs, p. ex. associatifs d’ensemble ou de hachage
G06F 12/0875 - Adressage d’un niveau de mémoire dans lequel l’accès aux données ou aux blocs de données désirés nécessite des moyens d’adressage associatif, p. ex. mémoires cache avec mémoire cache dédiée, p. ex. instruction ou pile
G06F 12/128 - Commande de remplacement utilisant des algorithmes de remplacement adaptée aux systèmes de mémoires cache multidimensionnelles, p. ex. associatives d’ensemble, à plusieurs mémoires cache, multi-ensembles ou multi-niveaux
G06F 16/957 - Optimisation de la navigation, p. ex. mise en cache ou distillation de contenus
Responsive to user interaction, a data subject assessment service, hosted on an artificial intelligence (AI) platform operating in a cloud computing environment, is operable to define a data subject, create and configure a data subject project, and add the data subject to the data subject project. The data subject project is associated with AI models, each of which models a risk having a user-adjustable risk level. The data subject project thus configured and/or customized, for instance, with a custom rule, can be run on a collection of documents to assess the data subject through data subject assessment operations. Data subject assessment results thus produced can be searched for data subject relationships, using metadata from the data subject assessment operations. This fine-tunes the data subject assessment results and produces more granular, more precise results, based on which a report can be viewed and/or generated.
G06F 16/38 - Recherche caractérisée par l’utilisation de métadonnées, p. ex. de métadonnées ne provenant pas du contenu ou de métadonnées générées manuellement
In general, embodiments of the technology relate to a method and system for implementing external content type (ECT) object types in a content management system (CMS). More specifically, embodiments of the technology relate to augmenting the object model with a new class of object type—an external content type (ECT) object type. The ECT object types are a class of object types that are used to manage object (referred to as managed external objects) that are located in external data systems.
Aspects of the present disclosure are operable to protect against malicious objects, such as JavaScript code, which may be encountered, downloaded, or otherwise accessed from a content source by a computing system. In an example, antivirus software implementing aspects disclosed herein may be capable of detecting malicious objects in real-time. Aspects of the present disclosure aim to reduce the amount of time used to detect malicious code while maintaining detection accuracy, as detection delays and/or a high false positive rate may result in a negative user experience. Among other benefits, the systems and methods disclosed herein are operable to identify malicious objects encountered by a computing system while maintaining a high detection rate, a low false positive rate, and a high scanning speed.
A method for referencing and updating objects in a shared resource environment. A reference counter counts is incremented for every use of an object subtype in a session and decremented for every release of an object subtype in a session. A session counter is incremented upon the first instance of fetching an object type into a session cache and decremented upon having no instances of the object type in use in the session. When both the reference counter and the session counter are zero, the object type may be removed from the cache. When the object type needs to be updated, it is cloned into a local cache, and changes are made on the local copy. The global cache is then locked to all other users, the original object type is detached, and the cloned object type is swapped into the global cache, after which the global cache is unlocked.
Systems and methods for data reporting using a data aggregator and a data retrieval tool such as a file intelligence service. The data aggregator stores two sets of data reporting tables and designates a first one of the sets of tables as an active set and the second one of the sets as a non-active set. The active set of tables stores data corresponding to a most recently successfully completed search. The non-active set stores data retrieved by the data retrieval tool from disparate data sources according to current search. The data in the active set of tables is immediately available for use in requested reports. When the data aggregator completes the current search, it designates the non-active set of tables as the active set so that the data therein becomes available for use in requested reports.
This disclosure provides a system and method for selecting an application dialog layout design based on a response pattern for a task-based application. A plurality of user interface layouts may be generated based on a first user interface layout, where the first user interface layout is associated with a task included in a process of a computer-implemented software application. One or more performance metrics associated with each user interface layout of the plurality of user interface layouts may be monitored, where the one or more performance metrics characterize a performance of the task by one or more task users. A second user interface layout may be selected based on an analysis of the one or more performance metrics. The second user interface layout may be provided to a plurality of users of a computer-implemented software application.
G06F 3/01 - Dispositions d'entrée ou dispositions d'entrée et de sortie combinées pour l'interaction entre l'utilisateur et le calculateur
G06F 3/048 - Techniques d’interaction fondées sur les interfaces utilisateur graphiques [GUI]
G06F 3/0481 - Techniques d’interaction fondées sur les interfaces utilisateur graphiques [GUI] fondées sur des propriétés spécifiques de l’objet d’interaction affiché ou sur un environnement basé sur les métaphores, p. ex. interaction avec des éléments du bureau telles les fenêtres ou les icônes, ou avec l’aide d’un curseur changeant de comportement ou d’aspect
G06F 9/451 - Dispositions d’exécution pour interfaces utilisateur
G06F 11/34 - Enregistrement ou évaluation statistique de l'activité du calculateur, p. ex. des interruptions ou des opérations d'entrée–sortie
G06F 3/00 - Dispositions d'entrée pour le transfert de données destinées à être traitées sous une forme maniable par le calculateurDispositions de sortie pour le transfert de données de l'unité de traitement à l'unité de sortie, p. ex. dispositions d'interface
78.
Creation of component templates and removal of dead content therefrom
In one example of the disclosure, a set of electronic document templates is accessed and instances of duplicated document content are identified. Display of a user notice for first duplicated document content is caused. Responsive to receipt of data indicative of a user instruction to create a component template for the first duplicated content, the component template is created and stored.
G06F 3/12 - Sortie numérique vers une unité d'impression
G06F 40/131 - Fragmentation de fichiers textes, p. ex. création de blocs de texte réutilisablesLiaison aux fragments, p. ex. par utilisation de XIncludeEspaces de nommage
G06F 40/194 - Calcul de la différence entre fichiers
G06V 30/24 - Reconnaissance de caractères caractérisée par la méthode de traitement ou de reconnaissance
G06V 30/414 - Extraction de la structure géométrique, p. ex. arborescenceDécoupage en blocs, p. ex. boîtes englobantes pour les éléments graphiques ou textuels
A notification center system receives a message from a message source, the message comprising a message body, the message body comprising parameter-value pairs. The notification center system processes the message body to obtain a contextual string from the parameter-value pairs, appends a source identifier to the message, the source identifier identifying the message source, and stores the message appended with the source identifier in a platform-neutral format in a message store. Utilizing the contextual string, the message is then grouped, with other message(s) or by itself, with a message thread. The message is provided to a delivery mechanism for presentation of the message under the message thread. Content-aware contextual visual indicators may be determined for the message thread and the message based on different orders of specificity. The message thread and the message can then be displayed with their corresponding content-aware contextual visual indicators to provide additional insights.
Examples of the present disclosure describe systems and methods of providing real-time scanning of IP addresses. In aspects, input may be received by a real-time IP scanning system. The system may generate one or more work orders based on the input. A scanner associated with the system may access a work order and attempt to communicate with one or more devices identified by the work order. If the attempted communication with a device is successful, a protocol analyzer may be used to provide a predefined payload to the device. If the response from the device matches an expected string, the device may be determined to be a safe and/or legitimate device. If the response from the device does not match an expected string, the device may be determined to be a malicious device.
G06F 21/57 - Certification ou préservation de plates-formes informatiques fiables, p. ex. démarrages ou arrêts sécurisés, suivis de version, contrôles de logiciel système, mises à jour sécurisées ou évaluation de vulnérabilité
Examples of the present disclosure describe systems and methods for exploit detection via induced exceptions. One embodiment of a method can include generating an inspection point, the inspection point causing an exception when a set of software instructions encounters the inspection point during an execution of the set of software instructions by a processor, registering an exception handler to handle the exception associated with by the inspection point; receiving, in response to the set of software instructions encountering the inspection point, an indication of an exception, accessing a context record associated with the execution of the set of software instructions, evaluating the context record to determine if an exploit is present using the first reputation information, and based on a determination that an exploit is present, performing a corrective action for the exploit.
G06F 21/00 - Dispositions de sécurité pour protéger les calculateurs, leurs composants, les programmes ou les données contre une activité non autorisée
G06F 21/55 - Détection d’intrusion locale ou mise en œuvre de contre-mesures
G06F 21/57 - Certification ou préservation de plates-formes informatiques fiables, p. ex. démarrages ou arrêts sécurisés, suivis de version, contrôles de logiciel système, mises à jour sécurisées ou évaluation de vulnérabilité
82.
Method and system for enforcing governance across multiple content repositories using a content broker
A method and system for a content broker, including a unified object index, where the content broker is coupled to the unified object index and receives, from a requesting entity, a request to perform an action on an object and the object is stored in the content repository. The method further including obtaining the object associated with the request from a content repository, determining, using the unified object index, a normalized object type associated with the object, obtaining a governance rule based on the normalized object type, and servicing the request using the governance rule.
Case management systems and techniques are disclosed. In various embodiments, for each of a plurality of case nodes comprising a case model a trait definition comprising a corresponding set of traits associated with that case node is received. The respective trait definitions are used to bind each set of traits to the case node with which the set of traits is associated in case instances created based on the case model.
In general, the technology relates to navigation control in a web application that includes receiving an event of a navigation trigger in a first page of a web application, and obtaining, in response to the event, an expression for the navigation trigger. The technology further includes gathering data from a first data source specified by the expression. The technology further includes evaluating the expression using the data to select a second page from a set of possible target pages, where each of the possible target pages is separately pre-stored in a data repository. The technology further includes presenting the second page.
A method for providing a dormant state for content management servers is provided. Client devices are allowed to conduct transactions with servers when the servers are active. However, in a dormant state, the servers are not allowed to accept new transactions. Thus, by utilizing the dormant state, software upgrades can be made to one server at a time. Alternatively, all servers can be taken down for major upgrades, with the servers still operated in a read-only mode based on a file image from a point in time just prior to the shutdown. When the upgrade is completed, the servers can be returned to the active state.
H04L 41/08 - Gestion de la configuration des réseaux ou des éléments de réseau
H04L 12/12 - Dispositions pour la connexion ou la déconnexion à distance de sous-stations ou de leur équipement
H04L 41/082 - Réglages de configuration caractérisés par les conditions déclenchant un changement de paramètres la condition étant des mises à jour ou des mises à niveau des fonctionnalités réseau
H04L 41/0859 - Récupération de la configuration du réseauSuivi de l’historique de configuration du réseau en conservant l'historique des différentes générations de configuration ou en revenant aux versions de configuration précédentes
H04L 41/50 - Gestion des services réseau, p. ex. en assurant une bonne réalisation du service conformément aux accords
H04L 43/0805 - Surveillance ou test en fonction de métriques spécifiques, p. ex. la qualité du service [QoS], la consommation d’énergie ou les paramètres environnementaux en vérifiant la disponibilité
H04L 67/00 - Dispositions ou protocoles de réseau pour la prise en charge de services ou d'applications réseau
H04L 67/02 - Protocoles basés sur la technologie du Web, p. ex. protocole de transfert hypertexte [HTTP]
H04L 67/10 - Protocoles dans lesquels une application est distribuée parmi les nœuds du réseau
H04L 67/1008 - Sélection du serveur pour la répartition de charge basée sur les paramètres des serveurs, p. ex. la mémoire disponible ou la charge de travail
H04L 67/562 - Courtage des services de mandataires
H04L 67/568 - Stockage temporaire des données à un stade intermédiaire, p. ex. par mise en antémémoire
86.
Aggregation and management among a plurality of storage providers
The present disclosure describes systems and methods for aggregation and management of cloud storage among a plurality of providers via file fragmenting to provide increased reliability and security. In one implementation, fragments or blocks may be distributed among a plurality of cloud storage providers, such that no provider retains a complete copy of a file. Accordingly, even if an individual service is compromised, a malicious actor cannot access the data. In another implementation, file fragmenting may be performed in a non-standard method such that file headers and metadata are divided across separate fragments, obfuscating the original file metadata.
H04L 67/1097 - Protocoles dans lesquels une application est distribuée parmi les nœuds du réseau pour le stockage distribué de données dans des réseaux, p. ex. dispositions de transport pour le système de fichiers réseau [NFS], réseaux de stockage [SAN] ou stockage en réseau [NAS]
G06F 16/10 - Systèmes de fichiersServeurs de fichiers
G06F 16/14 - Détails de la recherche de fichiers basée sur les métadonnées des fichiers
G06F 16/17 - Détails d’autres fonctions de systèmes de fichiers
G06F 16/27 - Réplication, distribution ou synchronisation de données entre bases de données ou dans un système de bases de données distribuéesArchitectures de systèmes de bases de données distribuées à cet effet
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
H04L 67/06 - Protocoles spécialement adaptés au transfert de fichiers, p. ex. protocole de transfert de fichier [FTP]
H04L 67/1095 - Réplication ou mise en miroir des données, p. ex. l’ordonnancement ou le transport pour la synchronisation des données entre les nœuds du réseau
Examples of the present disclosure describe systems and methods for state-based entity behavior analysis. In an example, entities of a computing environment may be represented using a hierarchical entity web. In some examples, an entity may have a state associated with it, which may be modeled using a place/transition (PT) network. Events within the computing environment may be evaluated by transitions of a PT network to determine whether an entity should change state. If an entity transitions from one state to another, one or more actions may be performed, including, but not limited to, taking a remedial action, generating a recommendation, and updating the state of one or more associated entities. Thus, aspects disclosed herein may provide a high-level overview of the state of entities of a computing environment, but may also be used to view in-depth information of entities at lower levels of the hierarchical entity web.
H04L 41/0853 - Récupération de la configuration du réseauSuivi de l’historique de configuration du réseau en recueillant activement des informations de configuration ou en sauvegardant les informations de configuration
H04L 41/0893 - Affectation de groupes logiques aux éléments de réseau
H04L 41/0816 - Réglages de configuration caractérisés par les conditions déclenchant un changement de paramètres la condition étant une adaptation, p. ex. en réponse aux événements dans le réseau
An orchestration platform leverages an in-memory database for guaranteed synchronous processing of requests from origin devices. The in-memory database is created on a per-transaction basis and localized to a synchronous orchestration engine, which is a part of an orchestration platform. The in-memory database is serialized and stored in memory. To update the in-memory database, the in-memory database is deserialized and one or more database operations can be performed on the in-memory database. The updated in-memory database is communicated to a return to caller service which deserializes and extracts data from the updated in-memory database. The data is stored in a disk-based database that is accessible by an asynchronous orchestration engine. At this point, the updated in-memory database no longer exists.
G06F 16/27 - Réplication, distribution ou synchronisation de données entre bases de données ou dans un système de bases de données distribuéesArchitectures de systèmes de bases de données distribuées à cet effet
A method for software application optimization using natural language-based queries. The method includes obtaining a user-provided query. The user-provided query includes a constraint to be used for an identification of an application element that matches the constraint, from a set of application elements of a software application. The user-provided query is a string that includes a human language sentence. The method further includes deriving a formalized query from the user-provided query by translating the user-provided query into a syntactic construct of segmented sentence elements and obtaining the application element that matches the constraint. Obtaining the application element that matches the constraint includes deriving a pattern representation of the user-provided query from the formalized query and identifying the application element that matches the pattern representation of the user-provided query from the plurality of application elements.
Case management systems and techniques are disclosed. In various embodiments, searching case instances is facilitated. An indication to create a composite index across hierarchical case nodes comprising a case model is received. Case instance data associated with the case model is used to generate the composite index. The composite index is made available to be used to optimize searches of a plurality of case instances with which the case instance data is associated.
A system for composing browser-based applications is enhanced with cross-tab communication capability. At design time, responsive to a configuration instruction from a user, the system configures a user interface (UI) event for a browser-based application such that the UI event is publishable across all open browser tabs at application runtime. Responsive to a publication instruction from the user, the system configures a first application page to generate the UI event at application runtime in response to a trigger and to publish the UI event to browser local storage. Responsive to a subscription instruction from the user, the system configures a second application page to periodically poll the browser local storage for the user interface event at application runtime and, in response to the UI event published by the first application page to the browser local storage, process the UI event and automatically immediately update the second application page.
Embodiments of systems and methods for DNS smart access are disclosed herein. In particular, certain embodiments include a local cache of trusted addresses resolved by a trusted DNS resolver. A DNS smart access agent monitors outbound communications from applications or processes on a client device. The DNS smart access agent blocks access to addresses that were not resolved through the trusted DNS resolver.
H04L 61/4511 - Répertoires de réseauCorrespondance nom-adresse en utilisant des répertoires normalisésRépertoires de réseauCorrespondance nom-adresse en utilisant des protocoles normalisés d'accès aux répertoires en utilisant le système de noms de domaine [DNS]
93.
Systems and methods for stateless authentication and authorization using JWT access tokens
Systems and methods for secure stateless client-server communication. User credentials in a client authorization request are authenticated and used to generate a JSON web token (JWT). The JWT header and signature are encrypted and included in an HTTP-only cookie. The JWT payload is encrypted and sent to the client in a response body along with the HTTP-only cookie. Each subsequent client request includes the cookie and has the encrypted JWT payload in the request header. Upon receiving the request, the server decrypts the encrypted JWT payload from the header and decrypts the encrypted JWT header and signature from the cookie, then reconstructs the JWT from the JWT header, payload and signature. The server validates the JWT and, if valid, processes the request according to authorizations in the JWT payload.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
H04L 67/02 - Protocoles basés sur la technologie du Web, p. ex. protocole de transfert hypertexte [HTTP]
Creating an object is disclosed. An instance of a sharable type is created. An instance of a lightweight type is created. The sharable type is designated as a parent of the lightweight type. The instance of the sharable type is designated as a parent of the instance of the lightweight type. The instance of the sharable type may be shared by one or more other instances of the lightweight type.
Migrating content between enterprise content management systems is described. A source object identifier is identified for metadata tables for content for a source enterprise content management system, based on a migration job definition. The metadata tables are retrieved from the source enterprise content management system, based on the source object identifier. A target object identifier is identified for a target enterprise content management system, based on the metadata tables and the migration job definition. An object identifier map is created that maps the source object identifier to the target object identifier. The metadata tables are stored to the target enterprise content management system, based on the object identifier map. The content for the source enterprise content management system is retrieved. The content is stored as content for the target enterprise content management system.
Systems and methods for secure stateless client-server communication. User credentials in a client authorization request are authenticated and used to generate a JSON web token (JWT). The JWT header and signature are encrypted and included in an HTTP-only cookie. The JWT payload is encrypted and sent to the client in a response body along with the HTTP-only cookie. Each subsequent client request includes the cookie and has the encrypted JWT payload in the request header. Upon receiving the request, the server decrypts the encrypted JWT payload from the header and decrypts the encrypted JWT header and signature from the cookie, then reconstructs the JWT from the JWT header, payload and signature. The server validates the JWT and, if valid, processes the request according to authorizations in the JWT payload.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
H04L 67/02 - Protocoles basés sur la technologie du Web, p. ex. protocole de transfert hypertexte [HTTP]
H04L 67/146 - Marqueurs pour l'identification sans ambiguïté d'une session particulière, p. ex. mouchard de session ou encodage d'URL
H04L 69/22 - Analyse syntaxique ou évaluation d’en-têtes
97.
Method and system for cloning enterprise content management systems
Cloning enterprise content management systems is described. A first remote procedure call is executed to a source database management system associated with a source enterprise content management system to retrieve a source object type from the source enterprise content management system. A second remote procedure call is executed to a target database management system associated with a target enterprise content management system to create a target object type in the target enterprise content management system, wherein the target object type is based on the source object type. Source metadata tables associated with the source object type are retrieved from the source enterprise content management system. The source metadata tables are stored as target metadata tables in the target enterprise content management system.
Systems and methods for the design, deployment and utilization of targeted communications based upon audiences are disclosed. More specifically, embodiments may allow the targeting of communications to users based on a user's audience affiliation and may allow the dynamic targeting of communications based on an audience with which a user is affiliated, including audiences determined from user interactions with a web site.
H04N 21/442 - Surveillance de procédés ou de ressources, p. ex. détection de la défaillance d'un dispositif d'enregistrement, surveillance de la bande passante sur la voie descendante, du nombre de visualisations d'un film, de l'espace de stockage disponible dans le disque dur interne
G06Q 30/02 - MarketingEstimation ou détermination des prixCollecte de fonds
H04N 21/45 - Opérations de gestion réalisées par le client pour faciliter la réception de contenu ou l'interaction avec le contenu, ou pour l'administration des données liées à l'utilisateur final ou au dispositif client lui-même, p. ex. apprentissage des préférences d'utilisateurs pour recommander des films ou résolution de conflits d'ordonnancement
H04N 21/658 - Transmission du client vers le serveur
99.
SYSTEM AND METHOD FOR SYSTEM REPLICATION AND MIGRATION FOR IN-MEMORY DATABASE SYSTEMS
Systems and methods for performing server migrations in an in-memory database system environment are provided. Various embodiments of the present technology provide systems and methods for actively monitoring a queue of the in-memory database system at the target file system to determined when all of the contents of the queue have been flushed to disk. Responsive to the determination, the source file system can be shut down, and replicated to the target file system.
Examples of the present disclosure describe systems and methods for a behavioral threat detection engine. In examples, the behavioral threat detection engine manages execution of one or more virtual machines, wherein each virtual machine processes a rule in relation to a context. The behavioral threat detection engine uses any of a variety of techniques to identify when events occur. Accordingly, the behavioral threat detection engine provides event indications, in the form of event packets, to one or more virtual machines, such that corresponding rules are able to process the events accordingly. Eventually, a rule may make a determination as to the presence or absence of a behavior. As a result, execution of the associated virtual machine may be halted, thereby indicating to the behavioral threat detection engine that a determination has been made. Thus a behavioral threat detection engine employs a behavior-based approach to detecting malicious or potentially malicious behaviors.
G06F 21/55 - Détection d’intrusion locale ou mise en œuvre de contre-mesures
G06F 9/455 - ÉmulationInterprétationSimulation de logiciel, p. ex. virtualisation ou émulation des moteurs d’exécution d’applications ou de systèmes d’exploitation
G06F 21/56 - Détection ou gestion de programmes malveillants, p. ex. dispositions anti-virus
