A DNS server receives from a receiving email system, a DNS query for an email domain stored at the DNS server, the DNS query including identifying information of a sender of an email. The DNS server extracts the identifying information of the email sender from the DNS query and identifies one of a plurality of delivering organizations from the information. The DNS server determines whether the identified delivering organization is authorized to deliver email on behalf of the email domain. In response to determining that the identified delivering organization is authorized to deliver email on behalf of the email domain, the DNS server generates a target validation record based on the identity of the authorized delivering organization and the email domain, the target validation record including one or more rules indicating to the receiving email system whether the delivering organization is an authorized sender of email for the email domain.

Systems and methods may create and manage hybrid clouds including both standard compute nodes and edge devices. Edge devices can be enrolled in a hybrid cloud by deploying a lightweight container to the edge device.

Embodiments of the present disclosure provide methods, apparatus, systems, computing devices, and computing entities for predictive data protection using a data protection policy determination machine learning model. In one embodiment, a method is provided comprising: processing a historical data corpus using the data protection policy determination machine learning model to generate a dynamic data protection policy update describing inferred data protection instructions; determining an attestation subset of the inferred data protection instructions by comparing the instructions and prior data protection instructions described by an existing data protection policy; for each inferred data protection instruction in the attestation subset, determining a per-instruction attestation determination based on end-user feedback; generating an updated data protection policy by updating the existing policy in accordance with each inferred instruction in the attestation subset whose per-instruction attestation determination describes an affirmative attestation determination; and performing the predictive data protection using the updated data protection policy.

Embodiments of a software defined automation system that provides a reference architecture for designing, managing and maintaining a highly available, scalable and flexible automation system. In some embodiments, an SDA system can include a localized subsystem including a system controller node and multiple compute nodes. The multiple compute nodes can be communicatively coupled to the system controller node via a first communication network. The system controller node can manage the multiple compute nodes and virtualization of a control system on a compute node via the first communication network. The virtualized control system includes virtualized control system elements connected to a virtual network that is connected to a second communication network to enable the virtualized control system elements to control a physical control system element via the second communication network connected to the virtual network.

A message-hold decision maker system used with an electronic mail processing system that processes electronic messages for a protected computer network improves the electronic mail processing system's performance by increasing the throughput performance of the system. The improvements are achieved by providing an electronic mail processing gateway with additional logic that makes fast and intelligent decisions on whether to hold, block, allow, or sandbox electronic messages in view of potential threats such as viruses or URL-based threats. A message hold decision maker uses current and stored information from a plurality of specialized classification engines to quickly make the decisions. In some examples, the message hold decision maker will instruct an email gateway to hold an electronic mail message while the classification engines perform further analysis.

A method for DoS attacks at an NF includes maintaining, at a first NF, an NF subscription database containing rules that specify maximum numbers of allowed subscriptions and corresponding rule criteria. The method further includes receiving, at the first NF and from a second NF, a subscription request for establishing a subscription. The method further includes determining, by the first NF, that the subscription request matches criteria for at least one rule in the NF subscription database and incrementing, by the first NF, at least one count of a number of subscriptions for the at least one rule. The method further includes determining, by the first NF, that the at least one count of the number of subscriptions exceeds a maximum number of allowed subscriptions for the at least one rule. The method further includes, in response to determining that the at least one count of the number of subscriptions exceeds the maximum number of allowed subscriptions for the at least one rule, preventing establishment of the subscription.

An image forming apparatus includes a communication interface and a processor. The communication interface is configured to transmit data to and receive data from a cloud server that provides a cloud service. The processor is configured to receive a token from the cloud server via the communication interface, transmit a request including the token to the cloud server via the communication interface, receive a response including user information from the cloud server via the communication interface, and shift to a login state based on the user information.

Embodiments described include systems and methods for executing in an embedded browser an application script for network applications of different origins. A client application can establish a first session with a first network application of a first entity at a first origin via an embedded browser within the client application and a second session with a second network application of a second entity at a second origin via the embedded browser within the client application. A scripting engine within the client application of a client device of a user at a third origin can identify an application script having instructions to interact with the first network application and the second network application, and can execute the instructions to perform a task across the first network application of the first entity at the first origin and the second network application of the second entity at the second origin.

Extending access to a data model in a data analytics computer data processing system includes loading into a programmatically isolated process address space of a computer, an instance of an extension framework computer program and executing in the framework, computer program logic configured to establish a communicative channel between the isolated process address space and a data analytics computer data processing system executing in a separate process address space. Thereafter, within the framework a directive may be received to access a data model managed in the data analytics computer data processing system. In response, a function may be selected in respect to an API to the data analytics computer data processing system corresponding to the received directive. Finally, the selected API function may be invoked over the communicative channel and a result derived from the data model may be received in the framework from over the communicative channel in response to the selected API function.

Computer environment infrastructure compliance audit result prediction includes receiving system inventory information identifying systems of a computer environment and properties of those systems, loading security requirements applicable to systems, determining compliance deviations indicating deviations between current configurations of the systems and the security requirements, based at least on the determined compliance deviations, selecting audit features based on which a predicted audit result is to be generated, and generating a predicted audit result using the selected audit features as input to an audit result classification model trained on historical audit information to predict audit results based on input audit features, and the predicted audit result being a prediction of a result of an audit of the systems.