A method, system, and computer-readable storage medium are disclosed for identifying binary signatures in a selected set of files and assigning at least one of the binary signatures to a file format name or file format type for use in a security policy generator. In certain embodiments, the method for generating an electronic security policy for a file format type, includes: identification of a plurality of files stored in electronic memory, where the plurality of files include files having the same file format type; providing a file format name that is to be associated with the file format type; accessing the plurality of files from the electronic memory; identifying a common binary signature for the file format type included in the plurality of files; correlating the file format type with the common binary signature; and generating the security policy for the file format type using the file format name.

Systems, computer-implemented methods, and computer program products that can facilitate sensitive data policy recommendation are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise an extraction component that can employ an artificial intelligence model to extract compliance data from a data source. The computer executable components can further comprise a recommendation component that can recommend a sensitive data policy based on the compliance data. In some embodiments, the recommendation component can further identify one or more sensitive data entities of a sensitive data dataset that are affected by actionable obligation data of the data source.

A computing device supports the use of multiple different authenticators for a user to unlock his or her computing device and access his or her user account. An authenticator refers to something that the user knows or has that can be compared to known authentication data in order to authenticate the user. In one or more embodiments, the behavior of the computing device varies for different authenticators by displaying user-selectable content in different visibility modes based on which authenticator is used to authenticate the user. In one content visibility mode content is fully visible on the computing device display screen, whereas in another content visibility mode content visibility on the computing device display screen is reduced. Additionally or alternatively, the behavior of the computing device varies for different authenticators by using different authenticators for different contexts of the computing device.

Systems and methods for managing a set of electronic assets from a single location are disclosed. The method includes providing a portal with a network security access control. The method includes determining that login credentials input to the access control are associated with a set of electronic assets corresponding to a plurality of third-party computing systems with application programming interface (API) gateways configured to accept API calls directed to changes in functionality of the electronic assets. The method includes presenting, via the portal, a virtual icon to identify a coordinated action with respect to the set of electronic assets and, in response to a selection of the virtual icon, executing a set of API calls that include an asset-specific API call to each third-party computing system in the plurality of third-party computing systems to implement the coordinated action on all electronic assets in the set of electronic assets.

Methods and systems for reconfiguring an interface device are described. The interface device may comprise a housing, one or more processors disposed in the housing, a display, a network interface that enables communication with a security system, and a module connector. One or more of a plurality of modules may be removably coupled, via the module connector, with the interface device. The plurality of modules may enable the interface device to perform different functions. An example module, when coupled to the module connector, may enable communication between multiple networks.

The apparatus disclosed herein, in various aspects, includes a digital asset, and an amulet that comprises an encrypted self-validating string. The amulet may be external to the digital asset. The apparatus may include a manager that cooperates securely with the digital asset and cooperates securely with the amulet to control access to the digital asset as specified by the amulet. In some aspects, the manager cooperates with the digital asset and with the amulet, at least in part, through shared memory in process space. In other aspects, the manager cooperates with the digital asset and with the amulet, at least in part, through a RAM drive in memory, the RAM drive at least partially hidden from an operating system of the computer. In yet other aspects, the manager cooperates with the digital asset and with the amulet, at least in part, through a virtual machine accessible only by said apparatus. The amulet, the manager, and the digital asset are either operably receivable by a computer or are operably received by the computer, in various aspects. Related methods and compositions of matter are also disclosed.

Disclosed herein are systems and method for inspecting archived slices for malware using empty spare files. In one exemplary aspect, the method comprises generating a backup slice and a virtual volume comprising a list of files in the backup slice and associated file information. The method comprises mounting the virtual volume to a disk. The method comprises creating, in the virtual volume, empty sparse files that are placeholders of the files reference in the list of files. The method comprises detecting a change between a respective empty sparse file and a corresponding file in a previous backup slice and accordingly storing the actual content of the file in the virtual volume in place of the respective empty sparse file. The method comprises scanning the virtual volume for malicious software and generating a cured slice that replaces the backup slice in the backup archive upon detection.

A method for a system includes capturing with a biometric capture device biometric data associated with a user of a smart device, determining with processor a user profile in response to the biometric data, determining with a physical sensor a plurality of physical perturbations in response to physical actions of the user, determining with the processor a requested user-perceptible action in response to the user profile and the plurality of physical perturbations, receiving with a short-range transceiver an authentication request from a reader device, and outputting with the short-range transceiver a token and identification of the user-perceptible action to the reader device in response to the authentication request, wherein the reader device performs or directs performance of the user-perceptible action in response to the identification of the user-perceptible action and to the token being valid.

Example implementations relate to method and system for securing a workload from a security vulnerability based on management of critical patches for the workload. The method includes obtaining information of existing patches for each of a plurality of infrastructure resources that are required to execute the workload, where the infrastructure resources are segregated as multiple layers. The method further includes determining dependency of the infrastructure resources across the multiple layers and identifying the security vulnerability related to the infrastructure resources. The method further includes evaluating perceived criticalities of first and second new patches for the security vulnerability based a workload weightage, a resource age of the infrastructure resources, and an actual criticality of the first and second new patches. Further, the method includes installing the first new patch followed by the second new patch on the infrastructure resources based on the perceived criticalities, in an order of the determined dependency.

In some examples, a system includes storage storing a machine learning model, wherein the machine learning model comprises a plurality of layers comprising multiple weights. The system also includes a processing unit coupled to the storage and operable to group the weights in each layer into a plurality of partitions; determine a number of least significant bits to be used for watermarking in each of the plurality of partitions; insert one or more watermark bits into the determined least significant bits for each of the plurality of partitions; and scramble one or more of the weight bits to produce watermarked and scrambled weights. The system also includes an output device to provide the watermarked and scrambled weights to another device.