A method of automatically creating trust communities in a fleet of devices. The method includes finding candidate devices in a fleet of devices via one or more candidate discovery techniques and generating device-related data based on the candidate devices that are found, analyzing the device-related data via an analytics engine and creating one or more fleet orchestrator device lists based on the analysis of the device-related data, and automatically creating one or more new trust communities or suggesting joining one or more previously existing trust communities based at least on the one or more fleet orchestrator device lists for the candidate devices, wherein the one or more new trust communities or previously existing trust communities include at least a sub-set of the devices in the fleet, and wherein at least one of the managed devices in the sub-set of devices is configured as a root device to publish files via a file sharing function.

Some embodiments use text and/or image processing methods to determine whether a user of an electronic messaging platform is subject to an online threat such as cyberbullying, sexual grooming, and identity theft, among others. In some embodiments, a text content of electronic messages is automatically harvested and aggregated into conversations. Conversation data are then analyzed to extract various threat indicators. A result of a text analysis may be combined with a result of an analysis of an image transmitted as part of the respective conversation. When a threat is detected, some embodiments automatically send a notification to a third party (e.g., parent, teacher, etc.)

A network controller (102) for granting a device and/or an application (120) access rights to at least one device of a set of devices (112, 130) is disclosed. The set of devices (112, 130) comprises a controllable device (130) and a control device (110), wherein the control device (110) comprises a user input element (112) configured to receive a user input, and wherein the control device (110) is configured to generate an input signal (114) based on the received user input. The network controller (102) comprises a communication unit (104) configured to receive an access request signal (124) from the device and/or the application (120), and to receive the input signal (114) from the control device (110), and a processor (106) configured to switch, upon receipt of the access request signal (124), the network controller (102) from a control mode to a configuration mode, wherein the processor (106) is configured to control, if the network controller (102) is in the control mode, the controllable device (130) based on the input signal (114), wherein the processor (106) is configured to grant, if the network controller (102) is in the configuration mode, the access rights to the device and/or the application (120) upon receipt of the input signal (114).

A method for processing a security policy of a device may include a step for receiving, from another device, a first message including first information about a security policy of the other device. The first message may include a direct communication request message or a link modification request message. The method may further include the steps of: determining whether to accept or reject the first message on the basis of both the first information about the security policy of the other device and second information about the security policy of the device; and sending a second message on the basis of the determination.

A packet forwarding method is disclosed. The method includes: After an edge node in a trusted domain receives an SRv6 packet whose destination address is a BSID, the edge node may verify the packet based on a BSID in the packet and a destination field in an SRH of the packet. If the packet passes the verification, the edge node forwards the packet. If the packet fails the verification, the edge node discards the packet. Not only a node outside the trusted domain is required to access the trusted domain by using the BSID, but also the packet entering the trusted domain needs to be verified with reference to the target field in the segment routing header.

Example security systems for use between at least one upstream router and at least one downstream router, are described. A group or pool of security devices can be used to provide stateful security to bidirectional packet flows between upstream and downstream routers. The packets of the bidirectional flows are forwarded to particular security devices based on a consistent hash ring process. For a given flow, bidirectional state information is synchronized among some, but not all, of the security devices. The security devices among which such bidirectional flow state information is shared are determined using the same consistent hash ring process.

A method includes determining a corresponding level of a security model associated with each device of a plurality of devices connected to a network, each level of the security model having a corresponding tag; applying, to each of the plurality of devices, the corresponding tag based on the corresponding level of the security model with which each of the plurality of devices are associated; receiving, over a network connection, network traffic from at least one of the plurality of devices and the corresponding tag; analyzing the corresponding tag associated with the network traffic; determining a destination for the network traffic; applying one or more security measures to the network traffic based on the corresponding tag for the at least one device and a corresponding tag of the destination for the network traffic; and sending the network traffic to the destination with the corresponding tag of the destination.

A method for providing online security may include: (1) receiving, by a validation computer program executed by a trusted entity backend for a trusted entity, a call from a web browser executed on a customer electronic device browsing a webpage for an online entity, the call comprising an online entity identifier for the online entity and a session identifier, wherein the webpage for the online entity may include a hidden <iframe> comprising code that causes the web browser to execute the call; (2) confirming, by the validation computer program, that a cookie for the trusted entity may be stored on the customer electronic device; and (3) returning, by the validation computer program, a first value indicating that the customer electronic device is known to the trusted entity or a second value indicating that the customer electronic device is not known to the trusted entity based on the confirmation.

A smart forms solution that enables transactions institutions to provide configuration parameters in a streamlined manner so that developers can construct end-to-end solutions in an automated manner includes performing, by a processor, operations including: receiving data from a form in a webpage; validating the received data; saving the validated data; determining a location to send the saved data; sending the saved data to the determined location; invoking an API at the determined location with the saved data; and using the saved data to perform a manual operation.

An AI-based system and method for facilitating management of threats for an organization is disclosed. The method includes receiving one or more inputs captured by a plurality of electronic devices of an organization, determining an AI model based on a type of the one or more inputs, and determining if the one or more inputs correspond to a predefined data range. The method includes detecting one or more threats associated with the organization by using the determined AI model and generating one or more real-time alerts corresponding to the detected one or more threats. Furthermore, the method includes generating one or more recommendations for responding to the detected one or more threats and outputting the detected one or more threats, the generated one or more real-time alerts and the generated one or more recommendations on user interface screen of one or more user devices.