H04L63/0227

Information Infrastructure Management Tools with Extractor, Secure Storage, Content Analysis and Classification and Method Therefor
20230058063 · 2023-02-23

A data processing method organizes and processes data in a distributed computing system. Select/secret content is organized with [enterprise and external designated] categorical filters (content, contextual and taxonomic) to create further search terms for data mining both enterprise and external data sources (databases, data collections, data stores); the result is aggregated select/secret content. The aggregated select/secret content is stored in the corresponding select/secret content data store and is further processed for convergent or divergent characteristics. By identifying unknown data elements, another search gathers supplemental documents. Data element ranges are set by the taxonomic filter and said contextual filters. Relevancy factors are identified by the relationship between input and supplemental documents. Search is controlled by user selection, continuous search, iterative search (n cycles), search within m search terms, and search time.

COMPUTING DEVICE AND METHOD OF DETECTING COMPROMISED NETWORK DEVICES
20230056625 · 2023-02-23

A method and a computing device for identifying, in a network infrastructure, network devices compromised by DNS tunneling are provided. The method comprises: receiving a portion of traffic of the network infrastructure; identifying, from the traffic, a plurality of DNS queries having been generated by network devices of the network infrastructure; generating, by the processor, for a given one of the plurality of DNS queries, a respective set of features; applying, by the processor, to the respective set of features, a pre-trained decision rule; in response to the pre-trained decision rule rendering a positive outcome, increasing a penalty score for a respective network device of the network infrastructure having transmitted the given one of the plurality of DNS queries; and in response to the penalty score associated with the respective network device exceeding a predetermined penalty score threshold, identifying the respective network device as being compromised.

SYSTEM AND METHOD OF PROVIDING AN INTERACTIVE DEVELOPMENT PLATFORM IN A DISTRIBUTED COMPUTING ENVIRONMENT
20230054226 · 2023-02-23

A system and method of providing an interactive development environment may include providing a proxy server module, adapted to interface at least one cloud-based platform and one or more client modules, operatively connected to the proxy server, where each client module may be associated with a respective user development platform. At least one client module may receive, from the respective user development platform, one or more interactive computing documents, commonly referred to as notebooks, each representing one or more scripting code elements, commonly referred to as cells. The proxy server may scan the one or more cells, according to a set of predetermined scripting rules, and encapsulate the one or more notebooks in one or more data containers, based on the scan. The proxy server may subsequently transmit the one or more data containers to a cloud-based platform, to execute at least one cell of the one or more notebooks.

UTILIZING A MODEL TO MANAGE RESOURCES OF A NETWORK DEVICE AND TO PREVENT NETWORK DEVICE OVERSUBSCRIPTION BY ENDPOINT DEVICES
20220368648 · 2022-11-17

A network device may receive configuration data identifying resource subscription thresholds associated with a plurality of respective endpoint devices and may receive traffic from the plurality of endpoint devices. The network device may process the traffic and the configuration data, with a resource allocation model, to determine that processing traffic associated with a first endpoint device requires allocating a resource of the network device, and may process the configuration data, with the resource allocation model, to identify the resource of the network device from a particular resource of the network device that is currently allocated to traffic associated with a second endpoint device. The network device may allocate the particular resource of the network device to the traffic associated with the first endpoint device, and may process the traffic associated with the first endpoint device with the particular resource to generate processed traffic.

Threat mitigation system and method

A computer-implemented method, computer program product and computing system for: obtaining hardware performance information concerning hardware deployed within a computing platform; obtaining platform performance information concerning the operation of the computing platform; obtaining application performance information concerning one or more applications deployed within the computing platform; and generating a holistic platform report concerning the computing platform based, at least in part, upon the hardware performance information, the platform performance information and the application performance information.

SECURE COMMUNICATION SYSTEM

A secure communication system enabling secure transport of information is disclosed. The system comprises a secure network with one or more packet processing units connected by links through an internal communication system. The secure network transports packets of information between credentialed and authenticated agents. Each packet is associated with a visa issued by a visa service. The visa specifies the procedures governing the processing of the packet by the packet processing units as it is transported along a compliant flow, between agents through the network, according to a set of policies specified in a network configuration. Packet processing units include docks and forwarders. Adaptors serving the agents communicate with the network through tie-ins to docks. The system also includes an admin service, accessible to one or more admins, that facilitates configuration and management of the network.

Identity-based enforcement of network communication in serverless workloads
11588859 · 2023-02-21

Systems and methods include implementing dynamic runtime code manipulation to modify application code associated with calls related to networking, with the calls implemented by application software executed as a serverless workload; intercepting the calls from the application software based on the modified application code; determining whether to permit the calls based on a set of policies; responsive to permitting a call, making the call to an operating system interface on behalf of the application software; and, responsive to not permitting the call, providing a failure notification to the application software.

Automatic configuration of logical routers on edge nodes

Some embodiments provide a method or tool for automatically configuring a logical router on one or more edge nodes of an edge cluster (e.g., in a hosting system such as a datacenter). The method of some embodiments configures the logical router on the edge nodes based on a configuration policy that dictates the selection method of the edge nodes. In some embodiments, an edge cluster includes several edge nodes (e.g., gateway machines), through which one or more logical networks connect to external networks (e.g., external logical and/or physical networks). In some embodiments, the configured logical router connects a logical network to an external network through the edge nodes.

System and methods for controlling accessing and storing objects between on-prem data center and cloud

In one embodiment, a secure object transfer system is described. The system features a virtual private cloud network (VPC) and a controller. The VPC includes a plurality of gateways and a network load balancer, which is configured to conduct a load balancing scheme on access messages from computing devices deployed within an on-premises network, directing each access message to one of the plurality of gateways for storage or retrieval of an object from a cloud-based storage element. Each gateway includes Fully Qualified Domain Name (FQDN) filtering logic to restrict access of the computing devices to certain cloud-based storage elements in accordance with a security policy. The controller is configured to maintain and update the security policy utilized by each gateway of the plurality of gateways.

Network security

There is provided a network security method in a computer network. The method comprises detecting, by a gateway computer, a target device being connected to the computer network, detecting the target device transmitting a DNS query for resolving a hostname into an IP address, transmitting a query to a content rating system, wherein the query comprises the resolved hostname related to the DNS query of the target device, receiving, from the content rating system, a list of categorization categories assigned to the resolved hostname, determining a type of the target device on the basis of the received list of categorization categories assigned to the hostname, and generating a security related decision on the basis of the determined type of the target device.