H04L43/00

SECURELY MANAGING NETWORK CONNECTIONS
20230055052 · 2023-02-23

The disclosure relates generally to methods, systems, and apparatuses for managing network connections. An example method includes receiving one or more messages from a plurality of computing devices connected through a network, the one or more messages indicating actual connections among the plurality of computing devices. The example method further includes comparing, by one or more processors, the actual connections to a list of expected connections indicated by a connections master file that comprises connection information for the plurality of computing devices. The method further includes, responsive to detecting one or more differences between the list of expected connections and the actual connections, providing a notification indicating the one or more differences to a log file or a notification area of a user interface.

Multi-level log analysis to detect software use anomalies

A computer-implemented method for identifying a use anomaly potentially exposing sensitive data is disclosed. The method comprises receiving data comprising logs of a communication involving a computing device, where the logs comprise distinct logs of at least three communication abstraction levels. At least three anomaly classifiers are operated for logs from each of the at least three communication abstraction levels. An ensemble model is used to identify an anomaly in the communication, by processing output from each of the at least three anomaly classifiers. The various logs from a moment in time when the anomaly occurred are collated, and a graphical user interface is generated for reviewing the identified anomaly and collated logs. A human reviewer is then alerted that an anomaly has been identified.

Systems and methods of monitoring network devices
11502929 · 2022-11-15

Implementations of the disclosed subject matter provide systems and methods of assigning, at a server, a unique identifier to each of a plurality of devices communicatively coupled to one another and the server via a communications network. Each unique identifier may be converted to a device hash key by applying a hash function. A range of device hash keys of the plurality of devices may be split into N approximately equal sectors, where N is a prime number and each sector includes 1/N of the device hash keys of the plurality of the devices. K monitoring workers provided by the server may monitor the plurality of devices in an order based on the respective device hash key, where K is an integer.

Composite relationship graph for network security

A security platform employs a variety of techniques and mechanisms to detect security related anomalies and threats in a computer network environment. The security platform is “big data” driven and employs machine learning to perform security analytics. The security platform performs user/entity behavioral analytics (UEBA) to detect the security related anomalies and threats, regardless of whether such anomalies/threats were previously known. The security platform can include both real-time and batch paths/modes for detecting anomalies and threats. By visually presenting analytical results scored with risk ratings and supporting evidence, the security platform enables network security administrators to respond to a detected anomaly or threat, and to take action promptly.

SYSTEMS AND METHODS FOR DETERMINING THE SHAREABILITY OF VALUES OF NODE PROFILES
20230031801 · 2023-02-02

The present disclosure relates to determining the shareability of values of node profiles. Record objects and electronic activities of a system of record corresponding to a data source provider may be accessed. Each record object may correspond to a record object type and have one or more object field-value pairs. Node profiles may be maintained. Values of fields corresponding to a predetermined type of field including fewer than a predetermined threshold number of data source providers may be identified. A restriction tag used to restrict populating other node profiles may be generated. Provision of the value with a second data source provider may be restricted.

END-TO-END NETWORK AND APPLICATION VISIBILITY CORRELATION LEVERAGING INTEGRATED INTER-SYSTEM MESSAGING

In one embodiment, an agent process performs performance monitoring according to either a network performance monitoring platform or an application performance monitoring platform. The agent process exchanges a request message with a remote agent process (performing performance monitoring according to the opposing platform), where the request message comprises a transaction identifier and a requested action. The agent process also exchanges, in response to the request message, a response message with the remote agent process, wherein the response message comprises an acknowledgment of the transaction identifier and the requested action. The agent process shares first performance monitoring platform information along with the transaction identifier, where the remote agent process shares second performance monitoring platform information along with the transaction identifier, such that the sharing causes explicit correlation of the first information and the second information based on the transaction identifier.

Prioritizing an issue reported by a user of a wireless telecommunication network
11617093 · 2023-03-28

The disclosed system and method obtain a report of an issue reported by a user of the wireless telecommunication network, and historical information associated with the user and the wireless telecommunication network. The historical information includes multiple issues reported by users similar to the user, and multiple user statuses associated with the users similar to the user. The user status among the multiple user statuses includes active and inactive, indicating whether the user is an active member of the telecommunication network or has left the network. The system provides the historical information to an AI model, and obtains from the AI model a priority associated with the issue experienced by the user. The system causes a resolution of the issue based on the priority.

Mobile telecommunications network capacity simulation, prediction and planning
11489749 · 2022-11-01

A method includes receiving a representation of a predefined planned event that includes the use of a first set of cellular data service infrastructure elements. A performance of the first set of cellular data service infrastructure elements is simulated, and a predicted failure of at least one cellular data service infrastructure element from the first set of cellular data service infrastructure elements is identified based on the simulation. In response to identifying the predicted failure, a modification to the at least one cellular data service infrastructure element or an additional cellular data service infrastructure element is determined and included in a second set of cellular data service infrastructure elements whose performance is subsequently simulated. The simulated performance of the first set of cellular data service infrastructure elements is compared with the simulated performance of the second set of cellular data service infrastructure elements to determine a performance improvement.