H04L63/0227

MACHINE LEARNING FOR IDENTITY ACCESS MANAGEMENT
20230032660 · 2023-02-02

A computer readable medium, a system, and a method for providing data security through identity access management using a transaction classifier to classify transactions according to a set of transaction data associated with the transaction and mitigate abnormal transactions. The transaction classifier is trained using a set of training data and updated after each transaction. The identity access management may also include a mitigation policy that is used to determine a mitigation technique for each transaction.

DISTRIBUTED OFFLOAD LEVERAGING DIFFERENT OFFLOAD DEVICES
20220353240 · 2022-11-03

Techniques for distributed offload leveraging different offload devices are disclosed. In some embodiments, a system, process, and/or computer program product for distributed offload leveraging different offload devices includes receiving a flow at a firewall of a security service (e.g., a cloud-based security service); inspecting the flow at the firewall to determine meta information associated with the flow; and offloading the flow to an offload entity (e.g., a SmartNIC, software executed on a Network Interface Card (NIC), and/or a network device, such as a network router and/or network switch) based on the meta information associated with the flow (e.g., an application identification associated with the flow determined using deep packet inspection) and based on a policy.

Tracking usage of corporate credentials

Phishing attacks attempt to solicit valuable information such as personal information, account credentials, and the like from human users by disguising a malicious request for information as a legitimate inquiry, typically in the form of an electronic mail or similar communication. By tracking a combination of outbound web traffic from an endpoint and inbound electronic mail traffic to the endpoint, improved detection of phishing attacks or similar efforts to wrongly obtain sensitive information can be achieved.

DYNAMIC RESOURCE ALLOCATION FOR NETWORK SECURITY

Systems, methods, and computer-readable media are provided for dynamic allocation of network security resources and measures to network traffic between end terminals on a network and a network destination, based in part on an independently sourced reputation score of the network destination. In one aspect, a method includes receiving, at a cloud network controller, a request from an end terminal for information on a network destination; determining, at the cloud network controller, a reputation score for the network destination; determining, at the cloud network controller, one or more security measures to be applied when accessing the network destination, based on the reputation score; and communicating, by the cloud network controller, the one or more security measures to the end terminal, wherein the end terminal communicates the one or more security measures to a third-party security service provider for applying to communications between the end terminal and the network destination.

Machine learning for identity access management

A computer readable medium, a system, and a method for providing data security through identity access management using a transaction classifier to classify transactions according to a set of transaction data associated with the transaction and mitigate abnormal transactions. The transaction classifier is trained using a set of training data and updated after each transaction. The identity access management may also include a mitigation policy that is used to determine a mitigation technique for each transaction.

Middleware to enable end-to-end processes with limited network communication
11496443 · 2022-11-08

Disclosed herein are system, apparatus, method, and computer program product embodiments for securing inter-network communications. An embodiment operates by generating a task request to be performed in a first network environment. The embodiment further operates by transmitting the task request to an application located in a second network environment. The embodiment further operates by receiving a task package from the application. The embodiment further operates by determining whether the task package includes a positive task value and, if so, calling a task in the first network environment based on the task package. The embodiment further operates by generating a creation status associated with an execution of the task in the first environment and transmitting the creation status to the application. Subsequently, the embodiment further operates by generating a final status associated with the execution of the task and transmitting the final status to the application.

System and apparatus for providing network security

A rule engine receives data flows. The data flows are between a network and an application. The rule engine determines data flow information and in dependence on the information performs an action with respect to said flow. A controller provides control information to the rule engine to define one or more actions. The communications between said rule engine and said controller are secure.

Mobile device security, device management, and policy enforcement in a cloud-based system
11489878 · 2022-11-01

Mobile device security, device management, and policy enforcement are described in a cloud-based system where the “cloud” is used to pervasively enforce security and policy and perform device management regardless of device type, platform, location, etc. A method includes receiving one of a mobile profile and an application for an enterprise and a cloud-based system; installing the one of the mobile profile and the application on the mobile device; connecting to a network using the one of the mobile profile and the application; and having traffic content inspected and policy enforced thereon to/from the mobile device and the network via the cloud-based system.

Adaptive Rule Trigger Thresholds For Managing Contact Center Interaction Time

A method includes (a) receiving and storing interaction time data associated with processes of a communication distributor server for an end-user network having an associated contact center with agent instances; (b) determining whether a trigger specified in a first logical directive is initiated; (c) upon determining that the trigger specified in the first logical directive is initiated, determining whether a metric related to the customer communications with the end-user network satisfies the condition in the first logical directive; and (d) upon determining that the metric related to the customer communications with the end-user network satisfies the condition in the first logical directive, providing the operation to at least one of the end-user network or the communication distributor server.

Clustering network servers for denial of service attacks
11616807 · 2023-03-28

A computer method and system to determine one or more sub-groups of protected network servers for receiving common network filter settings for mitigating Denial of Service (DoS) attacks. Network traffic associated with the plurality of network servers is captured and collated for each of the plurality of network servers. The collated network traffic is then analyzed to determine a profile of one or more network services provided by each of the plurality of network servers. Each of the plurality of network servers is then tagged with one or more network services determined to be provided by each network server based upon analysis of the collated network traffic. Metadata is then determined from the collated network traffic that is associated with each of the plurality of network servers. A determination of sub-group clustering is made of one or more of the plurality of network servers contingent upon the one or more determined network service tags and the determined metadata associated with each of the plurality of network servers. Common DoS mitigation actions may then be prescribed for each of the determined sub-group clusters of network servers.