A method of determining that a client is likely engaged in the sending of spam emails via a network node. The method comprises, at the network node, defining a message size threshold and a message sending rate threshold, detecting the opening of Simple Mail Transfer Protocol, SMTP connections between a client device and an email server, identifying messages sent from the client over the SMTP connections which exceed said message size threshold and counting the identified messages to determine a client email message sending rate. The method further comprises making an assumption that the client is engaged in the sending of spam emails if the client message sending rate exceeds said message sending rate threshold.

A method of determining that a client is likely engaged in the sending of spam emails via a network node. The method comprises, at the network node, defining a message size threshold and a message sending rate threshold, detecting the opening of Simple Mail Transfer Protocol, SMTP connections between a client device and an email server, identifying messages sent from the client over the SMTP connections which exceed said message size threshold and counting the identified messages to determine a client email message sending rate. The method further comprises making an assumption that the client is engaged in the sending of spam emails if the client message sending rate exceeds said message sending rate threshold.

The present disclosure relates to computer-implemented methods, software, and systems for detecting outages in a cloud environment. Internal web agents installed at corresponding network segments of a first cloud platform and external web agents installed at an external second cloud platform are configured to perform network calls between themselves and the other web agents. Data from the internal web agents is automatically collected to generate structured data defining network connectivity status corresponding to the network segments of the first cloud platform based on the performed network calls between the internal and external web agents. In response to evaluating the structured data, a health status of network connectivity of the first cloud platform is determined. The health status can be provided to platform services provided by the first cloud platform and/or applications running on the first cloud platform to support managing of lifecycles of entities running on the first cloud platform.

The present disclosure relates to computer-implemented methods, software, and systems for detecting outages in a cloud environment. Internal web agents installed at corresponding network segments of a first cloud platform and external web agents installed at an external second cloud platform are configured to perform network calls between themselves and the other web agents. Data from the internal web agents is automatically collected to generate structured data defining network connectivity status corresponding to the network segments of the first cloud platform based on the performed network calls between the internal and external web agents. In response to evaluating the structured data, a health status of network connectivity of the first cloud platform is determined. The health status can be provided to platform services provided by the first cloud platform and/or applications running on the first cloud platform to support managing of lifecycles of entities running on the first cloud platform.

A threat monitoring and vulnerability management system is disclosed. The system includes one or more sensors configured to scan a frequency spectrum of a project 25 (P25) network and to collect data on the P25 network. The system further includes a server coupled to the sensors and configured to receive the collected data from the plurality of sensors, compare the collected data with previously stored historical data to determine whether an anomaly exists within data patterns of the collected data, responsive to determining that the anomaly exists, determine at least one of: whether use of a cloned radio that mimics an authorized connection occurs, whether jamming of a radio frequency (RF) communication occurs, or whether jamming of a voice communication occurs within the P25 network by comparing the collected data with preset thresholds, and send a real-time alert to a dispatch and control console unit coupled to the server and the P25 network in response to determining that some of the collected data exceeds at least one of the preset thresholds, such that the dispatch and control console unit provides one or more corrective actions to the P25 network.

A threat monitoring and vulnerability management system is disclosed. The system includes one or more sensors configured to scan a frequency spectrum of a project 25 (P25) network and to collect data on the P25 network. The system further includes a server coupled to the sensors and configured to receive the collected data from the plurality of sensors, compare the collected data with previously stored historical data to determine whether an anomaly exists within data patterns of the collected data, responsive to determining that the anomaly exists, determine at least one of: whether use of a cloned radio that mimics an authorized connection occurs, whether jamming of a radio frequency (RF) communication occurs, or whether jamming of a voice communication occurs within the P25 network by comparing the collected data with preset thresholds, and send a real-time alert to a dispatch and control console unit coupled to the server and the P25 network in response to determining that some of the collected data exceeds at least one of the preset thresholds, such that the dispatch and control console unit provides one or more corrective actions to the P25 network.

Methods and apparatus to determine main pages from network traffic are disclosed. A disclosed example non-transitory computer readable medium includes instructions which, when executed, cause at least one processor to determine patterns of uniform resource identifiers (URIs) with corresponding main pages, parse data from network traffic, identify at least one of the main pages from the data based on the patterns, and provide the identified at least one of the main pages for crediting thereof.

A medical device for use in patient resuscitation and that is configured to communicate with one or more management servers includes a memory, a processor communicably coupled to the memory and configured to store device status information including device-readiness information from a medical device self-test, and store clinical event information observed by the medical device during a use of the medical device during a clinical event, the clinical event information including CPR performance data, and a communication component communicably coupled to the processor and configured to wirelessly transmit the device status information and the clinical event information to the one or more management servers, wherein the medical device includes an external defibrillator, an automated external defibrillator, or a compression assistance device.

A medical device for use in patient resuscitation and that is configured to communicate with one or more management servers includes a memory, a processor communicably coupled to the memory and configured to store device status information including device-readiness information from a medical device self-test, and store clinical event information observed by the medical device during a use of the medical device during a clinical event, the clinical event information including CPR performance data, and a communication component communicably coupled to the processor and configured to wirelessly transmit the device status information and the clinical event information to the one or more management servers, wherein the medical device includes an external defibrillator, an automated external defibrillator, or a compression assistance device.

Disclosed here is a system to automatically predict and resolve issues within a telecommunication network. Initially, the system builds a service registry to store dependence information within the network, which can include software components and hardware components. Various components of the network create logs of their operations. Machine learning models examine the logs and detect any issues. Upon detecting an issue or abnormal event, the system can automatically resolve the issue by determining the most similar issue occurring previously and determining a solution that resolved the previous most similar issue. In addition, the system can propagate the fix to dependent systems and/or notify the dependent systems of the issue.