Methods, apparatuses, and systems for secure data input mechanisms are described herein. An example method comprises monitoring a user interface presented on a display of a mobile device, identifying an input field of the application shown within the display, and adjusting operation of the mobile device in response to entry of data within the input field, the adjusting operation occurring via an input method, the input method changing at least one characteristic of the mobile device indicative of entry of data with use of the mobile device, so as to prevent acquisition of the data by a malicious application installed on the mobile device.

Techniques described herein relate to a method for deploying workflows with data management services. The method may include identifying, by a warranty measuring model associated with an information handling system, a first change event associated with the information handling system; obtaining first change information associated with the first change event; making a first determination that the first change event is not associated with an entry of a warranty audit table (WAT); generating a new WAT entry in the WAT using the first change information and an initial timestamp; identifying, by a warranty measuring model, a second change event associated with the information handling system; obtaining second change information associated with the second change event; making a second determination that the second change event is associated with an existing WAT entry of the WAT; updating the existing WAT entry using the second change information and a final timestamp.

Some examples relate generally to computer architecture software for data classification and information security and, in some more particular aspects, to verifying audit events in a file system.

A system includes one or more data sources. Each data source is configured to collect and store event data. An event bus is configured to monitor the event data of the one or more data sources. The event bus determines that a first portion of the monitored event data satisfies a first task criteria. The first portion of the monitored event data is associated with a first tag that corresponds to the first task. The event bus determines that a second portion of the monitored event data satisfies a second task criteria. The second portion of the monitored event data is associated with a second tag corresponding to the second task. The first portion of the monitored event data with the first tag and the second portion of the monitored event data with the second tag are provided for storage in a data lake.

Performing disaster recovery in a cloud-based storage system, including: creating, by a storage system a snapshot of a dataset; uploading, from the storage system to a cloud computing environment, the snapshot; storing, by the cloud computing environment, the snapshot; detecting, by the cloud computing environment, that the dataset is not available on the storage system; and creating, by the cloud computing environment using the snapshot that is stored within the cloud computing environment, a cloud-based storage system that includes the dataset.

Examples relate to a monitoring apparatus, a monitoring device, a monitoring method, and to a corresponding computer program and system. The monitoring apparatus is configured to obtain a first compute kernel to be monitored and to obtain one or more second compute kernels. The monitoring apparatus is configured to provide instructions, using interface circuitry, to control circuitry of a computing device comprising a plurality of execution units, to instruct the control circuitry to execute the first compute kernel using a first slice of the plurality of execution units and to execute the one or more second compute kernels concurrently with the first compute kernel using one or more second slices of the plurality of execution units, and to instruct the control circuitry to provide information on a change of a status of at least one hardware counter associated with the first slice that is caused by the execution of the first compute kernel. The monitoring apparatus is configured to determine information on the execution of the first compute kernel based on the information on the change of the status of the at least one hardware counter.

Systems and methods for using instrumentation for maintenance of a user-configured program in a cloud computing environment are herein disclosed as comprising, in an implementation, intercepting operation data pertaining to the user-configured program, including a start time, an execution time interval, an operation, and an origin of the operation, canonicalizing the intercepted operation data by stripping operation-specific variable data from the operation data, aggregating the canonicalized operation data based on the start time, the canonicalized operation data, and the origin of the operation, and storing the aggregated operation data within a time series database in the execution time interval based on the start time.

A database structure and a system that uses the structure to facilitate efficient context enrichment of low-level events occurring in a distributed computing system. In one aspect, the database structure comprises a table accessible to a distributed storage system. The table comprises a plurality of rows. Each row represents a corresponding process creation event of a particular process at a particular host at a particular time and assigned a particular event identifier. Each row comprises a row key identifying the particular host, the particular process, the particular time, and the particular event identifier of the process creation event corresponding to the row. The particular time and the particular event identifier are stored as part of the row key in a bitwise one's complement format. The row key structure facilitates efficient identification of a process creation event where only hostname and the process identifier of the process creation event are known.

Systems and methods for delta state tracking for event stream analysis. Events at a device are tracked and stored locally or forwarded to a server. The events collectively form an event stream. When an event of interest occurs, the precise configuration of a device at the time of the event of interest can be determined by applying the event stream in chronological or reverse chronological order to a snapshot of the device's configuration. Thus, the snapshot can be taken at any time. Tracking the deltas to the device's configuration enables the precise configuration at the time of the event of interest to be determined.

A method, system and product for detecting firmware vulnerabilities, including, during a testing phase of a firmware of a device, continuously polling states and activities of the device, wherein said polling is at a testing agent that is functionality separate from the firmware; correlating between at least one event that is associated with the states or the activities of the device and test results of the testing phase; based on said correlating, determining for the firmware one or more normal events and one or more abnormal events; and after the testing phase, providing indications of the one or more normal events and one or more abnormal events from the testing agent to a runtime agent, whereby said providing enables the runtime agent to protect the firmware from vulnerabilities associated with the one or more abnormal events.