Abstract: A multi-API security policy that covers multiple API calls of a transaction is dynamically enforced at runtime, without access to the specification or code of the APIs. Calls made to APIs of the transaction are logged, and the logs are read. Data objects used by the APIs are identified. Specific data labels are assigned to specific fields of the data objects, consistently identifying data fields of specific types. Linkages are identified between specific ones of the multiple APIs, based on the consistent identification of specific types of data fields. An API call graph is constructed, identifying a sequence of API calls made during the transaction. The call graph is used to enforce the security policy, by tracking the flow of execution of the multi-API transaction at runtime, and detecting actions that violate the security policy. Security actions are taken responsive to the detected actions that violate the policy.

Abstract: A network security system and method implements dynamic access control for a protected resource using run-time contextual information. In some embodiments, the network security system and method implements a dynamic access ticket scheme for access control where the access ticket is based on run-time application context. In other embodiments, the network security system and method implements policy enforcement actions in response to detected violations using application programming interface (API) to effectively block detected policy violations without negatively impacting the operation of the application or the user of the application. In some embodiments, the network security system uses enterprise social collaboration tools to interact with the end-user or with the system administrator in the event of detected security incidents.

Abstract: A network security system and method implements dynamic access control for a protected resource using run-time contextual information. In some embodiments, the network security system and method implements a dynamic access ticket scheme for access control where the access ticket is based on run-time application context. In other embodiments, the network security system and method implements policy enforcement actions in response to detected violations using application programming interface (API) to effectively block detected policy violations without negatively impacting the operation of the application or the user of the application. In some embodiments, the network security system uses enterprise social collaboration tools to interact with the end-user or with the system administrator in the event of detected security incidents.

Abstract: Systems and methods for providing visibility in application transactions between users and an application. In some embodiments, an application security microscope is deployed at network locations to capture and analyze application transaction data and to identify API call data. The application security microscope includes an API classifier to classify captured API call data. The API classifier generates API specifications which are then used to aid in the capture and identification of API call data in the application transaction data, thereby improving the capture efficiency and accuracy of policy actions.