Systems and methods are disclosed for subscribing to messages generated from a plurality of edge devices. One method comprises receiving, at a cloud platform from a plurality of edge devices, a plurality of messages that comply with a common schema and receiving, at the cloud platform from a custom application, an annotation stream request to generate at least one annotation stream and an annotation filter request to generate one or more annotation filters. The at least one annotation stream and the one or more annotation filters are then generated by the cloud platform. Based on the one or more filters, one or more of the plurality of messages are published, by the cloud platform, to the at least one annotation stream.

Securing a group-based communication system may comprise identity verification of a user based on tracking an entity's interactions with a computing device associated with a user profile registered with the group-based communication system. The identity verification techniques may comprise capturing various inputs at a computing device associated with a user profile registered with the group-based communication system and storing and/or transmitting the inputs and/or interaction parameters quantifying features of the inputs to a security component of the group-based communication system. The security component may generate a data structure based at least in part on comparing the interaction parameters to historical interaction parameters and the data structure may be used to generate a trust score for verifying or denying the entity interacting with the computing device.

Techniques are described for detecting attacks that employ a display name in an email to impersonate an email sender. A computing infrastructure hosting an email security platform may determine a similarity between the display name and an email address from which the email was received. The email security platform may determine the similarity by comparing a string associated with the display name and a string associated with the sender address. The email security platform may generate a similarity value based on a result of the display name being compared with the sender address. The email security platform may determine that the email includes the display name impersonating a name of the sender, based on the similarity value meeting or exceeding a threshold value indicative of impersonation. The email security platform may delete or quarantine the email from an inbox associated with a user account.

Techniques are described for detecting attacks that employ a display name in an email to impersonate an email sender. A computing infrastructure hosting an email security platform may determine a similarity between the display name and an email address from which the email was received. The email security platform may determine the similarity by comparing a string associated with the display name and a string associated with the sender address. The email security platform may generate a similarity value based on a result of the display name being compared with the sender address. The email security platform may determine that the email includes the display name impersonating a name of the sender, based on the similarity value meeting or exceeding a threshold value indicative of impersonation. The email security platform may delete or quarantine the email from an inbox associated with a user account.

A message transportation management system can be configured to receive a message directed to a plurality of target message recipients. The system can determine a plurality of levels of activity, each corresponding to one of the plurality of target message recipients. The system can receive a level of activity threshold associated with each of the plurality of target message recipients. The system can determine that the first subgroup of target message recipients qualifies as priority target message recipients. The system can transmit, via a priority transfer location, the message to the first subgroup of target message recipients and transmit, via a default transfer location different from the priority transfer location, the message to a second subgroup of target message recipients.

A message transportation management system can be configured to receive a message directed to a plurality of target message recipients. The system can determine a plurality of levels of activity, each corresponding to one of the plurality of target message recipients. The system can receive a level of activity threshold associated with each of the plurality of target message recipients. The system can determine that the first subgroup of target message recipients qualifies as priority target message recipients. The system can transmit, via a priority transfer location, the message to the first subgroup of target message recipients and transmit, via a default transfer location different from the priority transfer location, the message to a second subgroup of target message recipients.

Aspects of the subject disclosure may include, for example, receiving, at a device, a message over a communication network from a remote source, determining if the message includes executable code and initiating a virtual machine in an isolated portion of the memory of the device responsive to the determining the message include executable code. Aspects of the subject disclosure further include executing, by the virtual machine, the executable code within the isolated portion of the memory, monitoring, by an artificial intelligence module, activities of the executable code during the executing the executable code and determining if the executable code comprises malicious code responsive to the monitoring activities of the executable code. Aspects of the disclosure further include deleting the executable code from the device in response to a determination that the executable code comprises malicious code. Other embodiments are disclosed.

A computing system, comprises a processor; a communications module coupled to the processor; and a memory coupled to the processor, the memory storing instructions that, when executed, configure the processor to authenticate a session associated with a data record; receive, via the communications module and from a server, a first message object; analyze metadata of the first message object to identify one or more display rules associated with the first message object; determine, based on one or more elements displayed on a user interface associated with the authenticated session, that the one or more elements satisfy the one or more display rules; and responsive to determining that the one or more elements satisfy the one or more display rules, display the first message object on the user interface associated with the authenticated session.

A method for prohibiting email content propagation that receives, at a server, an email message. At the server, at least one email address associated with the email message which is designated not to receive a content of the email message is identified. At the server, the email message is modified by selectively removing a content of the email message to be conveyed to the at least one email address. The server conveys the modified email message to the at least one email address. The server conveys the email message to one or more recipient email addresses except the at least one email address. Consequently, the server has sent a submitted message to multiple email addresses, while modifying the content sent to a subset of the addresses that received the email message.

A method for prohibiting email content propagation that receives, at a server, an email message. At the server, at least one email address associated with the email message which is designated not to receive a content of the email message is identified. At the server, the email message is modified by selectively removing a content of the email message to be conveyed to the at least one email address. The server conveys the modified email message to the at least one email address. The server conveys the email message to one or more recipient email addresses except the at least one email address. Consequently, the server has sent a submitted message to multiple email addresses, while modifying the content sent to a subset of the addresses that received the email message.