Patent classifications
H04L2463/121
Federated identity management based on biometric data
Techniques are described for cryptographic key generation based on biometric data associated with a user. Biometric data, such as fingerprint(s) and/or heartbeat data, may be collected using one or more sensors in proximity to the user. The biometric data may be analyzed to generate a cryptographic key. In some implementations, the key may be employed by the user to access data, access certain (e.g., secure) feature(s) of an application, authenticate the user, digitally sign document(s), and/or for other purpose(s). In some implementations, the key may be re-generated for each access request or authentication instance, based on the user's fingerprint or other biometric data.
STATELESS SERVICE-MEDIATED SECURITY MODULE
Secure operations can be performed using security module instances offered as a web service through a resource provider environment. State data and cryptographic material can be loaded and unloaded from the instance as needed, such that the instance can be reused for operations of different customers. The material and data can be stored as a bundle encrypted using a key specific to the hardware security module and a key specific to the resource provider, such that the bundle can only be decrypted in an instance of that type of security module from the associated manufacturer and operated by that particular resource provider. The customer is then only responsible for the allocation of that instance during the respective cryptographic operation(s).
Authenticating and managing item ownership and authenticity
A method for creating an authentication tag includes receiving, at an authentication server, tagging device data and item data from a tagging device, authenticating, by the authentication server, the tagging device using the tagging device data, generating an authentication tag, and sending, by the authentication server, the authentication tag to the electronic device. The tagging device is affixed to an item, and the authentication tag comprises a digital signature provided by the authentication server.
Messaging stamp authority
Electronic messages may be processed using a stamp authority by receiving an electronic message, identifying a stamp associated with the message, determining if the stamp is valid, and, if the stamp is determined to be valid, distinguishing the message from messages with which a valid stamp is not identified.
Apparatus and method for API authentication using two API tokens
An application programming interface (API) authentication method using two API tokens which includes issuing a general API token and providing information required for a one-time API token to a user device; and in response to an API request from the user device, processing an API request according to a result of authentication based on the general API token and a one-time API token, which is generated using the information required for a one-time API token creation.
Malware communications detection
A security platform employs a variety of techniques and mechanisms to detect security related anomalies and threats in a computer network environment. The security platform is big data driven and employs machine learning to perform security analytics. The security platform performs user/entity behavioral analytics (UEBA) to detect the security related anomalies and threats, regardless of whether such anomalies/threats were previously known. The security platform can include both real-time and batch paths/modes for detecting anomalies and threats. By visually presenting analytical results scored with risk ratings and supporting evidence, the security platform enables network security administrators to respond to a detected anomaly or threat, and to take action promptly.
Methods and Apparatuses for Providing an Analytic Result Relating to Tunneling Traffic to a Consumer Network Function
Embodiments described herein relate to methods and apparatuses for providing an analytic result relating to tunneling traffic to a consumer network function, NF. A method in a first network function comprises receiving a request from the consumer NF, to receive analytics relating to tunneling traffic; responsive to receiving the request, triggering one or more network nodes to transmit data relating to tunneling traffic to the first NF; receiving data relating to tunneling traffic from one or more network nodes; analysing the received data to determine an analytic result; and transmitting an indication of the analytic result to the consumer NF.
Risk-Based Vulnerability Remediation Timeframe Recommendations
Systems and methods for computing times to remediate for asset vulnerabilities are described herein. In an embodiment, a server computer receives first vulnerability data for a plurality of entities identifying asset vulnerabilities and timing data corresponding to the vulnerability data indicating an amount of time between identification of an asset vulnerability and a result of the asset vulnerability. The server computer identifies a strict subset of the first vulnerability data that belongs to a particular category of a first plurality of categories. The server computer receives second vulnerability data for a particular entity identifying asset vulnerabilities. The server computer identifies a strict subset of the second vulnerability data that belongs to the particular category. Based, at least in part, on the strict subset of the first vulnerability data, the server computer computes a time to remediate the asset vulnerabilities in the strict subset of the second vulnerability data.
System and method for analytics based WAF service configuration
A system and method for configuring a web application firewall (WAF) is provided. The method includes continuously receiving requests related to a first WAF, each request indicative of network traffic directed to a web application protected by the WAF; enriching each received request by associating each event with information from an enrichment source; periodically analyzing the enriched requests; generating at least one network traffic rule based on periodically generated analysis; and configuring at least a second WAF to perform the network traffic rule.
Integrated vehicular remote starting interrupter
A system and method of remotely enabling and disabling the starting of one or more vehicles using hardware components installed within a case and a data processing device (DPD), such as a smart phone, in logical communication with one of the vehicle and the case via a WAN, wherein an ignition request is relayed via the WAN to a server which parses the ignition request into one or more encrypted ignition instructions, each encrypted ignition instruction sent to a separate vehicle exclusively associated with the encrypted ignition instruction.