Patents Examined by Dao Ho
  • Patent number: 9942761
    Abstract: Embodiments are directed to a method of providing access verification for a system that includes activating a security control device, which is in communications with a host device. The method also includes having the security control device receiving a verification signal coming from outside the system while being locally-based, and comparing the verification signal to a table of stored criteria values. The device then chooses a response based on that comparison and sends an access determination signal based on the response.
    Type: Grant
    Filed: October 10, 2016
    Date of Patent: April 10, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Kangguo Cheng, Shawn P. Fetterolf
  • Patent number: 9917864
    Abstract: The present system and method pertain to the detection of malicious software and processes such as malware. A cloud security policy system receives hashes and behavioral information about applications and/or processes executing on user devices. The cloud security policy system records this information and then evaluates the trustworthiness of the hashes based on the information received from the user devices to provide a security policy for the applications and/or processes. The security policy is sent from the cloud security policy system to user devices to be applied by the user devices.
    Type: Grant
    Filed: September 2, 2016
    Date of Patent: March 13, 2018
    Assignee: Carbon Black, Inc.
    Inventor: Jeffrey Albin Kraemer
  • Patent number: 9900147
    Abstract: The techniques and/or systems described herein are directed to improvements in homomorphic operations within a homomorphic encryption scheme. The homomorphic operations may be performed on encrypted data received from a client device without decrypting the data at a remote computing device, thereby maintaining the confidentiality of the data. In addition to the operations of addition, subtraction, and multiplication, the homomorphic operations may include an approximate division, a sign testing, a comparison testing, and an equality testing. By combining these operations, a user may perform optimized operations with improved processor and memory requirements.
    Type: Grant
    Filed: December 18, 2015
    Date of Patent: February 20, 2018
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Kim Laine, Nathan P. Dowlin, Ran Gilad-Bachrach, Michael Naehrig, John Wernsing, Kristin E. Lauter
  • Patent number: 9887990
    Abstract: A computer-implemented method, computer program product, and system for tagging and replacing tagged credentials with target credentials unknown to a client. The method includes: receiving an access request from a client to access a protected resource on a target server, injecting credential field tags into a credential form used to access the protected resource, auto-submitting the credential form on the client computer, replacing tagged credentials with target credentials, submitting the target credentials to the target server, and updating the target credentials if the target credentials are invalid or expired without intervention by the client.
    Type: Grant
    Filed: April 25, 2016
    Date of Patent: February 6, 2018
    Assignee: International Business Machines Corporation
    Inventors: Codur S. Pranam, Vivek Shankar
  • Patent number: 9882909
    Abstract: A method includes a particular user application, without operating system kernel access, performing the operations of: identifying a set of applications that a user has permission to access, receiving a request to access a particular application of the set of applications, and causing execution of the particular application.
    Type: Grant
    Filed: April 8, 2016
    Date of Patent: January 30, 2018
    Assignee: ARUBA NETWORKS, INC.
    Inventors: Asif Awan, Shekhar Kshirsagar, Chetan Kumar, Deepak Agarwal, Suman Maradani, Sunil G. V. Babu
  • Patent number: 9870466
    Abstract: There is disclosed in one example, a computing apparatus, including: first one or more logic elements providing a code module, the code module comprising a member having a branching policy designating either a public or private member; second one or more logic elements providing a policy engine, operable to: receive a first branch instruction to the member; determine that the branch instruction does not meet the policy; and take a security action. There is also disclosed a method of providing a policy engine, and a computer-readable medium having stored thereon executable instructions for providing a policy engine.
    Type: Grant
    Filed: September 26, 2015
    Date of Patent: January 16, 2018
    Assignee: McAfee, Inc.
    Inventors: Carl D. Woodward, Jennifer Eligius Mankin, Jeremy Bennett
  • Patent number: 9864858
    Abstract: Technologies for managing security threats on a computing system include detecting a security threat to the computing system, determining a plurality of mitigation scenarios to employ on the computing system to mitigate the security threat, and implementing the plurality of mitigation scenarios. Each mitigation scenario includes one or more threat mitigation actions to be taken by the computing system, one or more response systems of the computing system to perform the threat mitigation actions, and a temporal sequence in which the threat mitigation actions are to be taken. The results of each mitigation scenario are evaluated and a validated mitigation scenario is determined based on the results. A user of the computing device may be subsequently trained or habituated to mitigate the security threat by requesting interaction from the user during the implementation of the validated mitigation scenario in response to a threat scenario designed to replicate the security threat.
    Type: Grant
    Filed: June 22, 2016
    Date of Patent: January 9, 2018
    Assignee: Intel Corporation
    Inventors: John C. Weast, Brian D. Johnson, Tobias M. Kohlenberg
  • Patent number: 9842219
    Abstract: The disclosed computer-implemented method for curating file clusters for security analyses may include (1) identifying a suspicious file that exists on at least one computing system within a computing community, (2) clustering a set of files that includes the suspicious file into a file cluster based at least in part on at least one characteristic shared by the set of files, (3) prioritizing at least one file included in the file cluster based at least in part on a contextual value of the file relative to the file cluster, (4) providing, for presentation to a security analyst, a graphical representation of the file cluster that highlights the prioritized file relative to the file cluster, and then (5) performing at least one security action on the suspicious file based at least in part on feedback received from the security analyst. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: June 9, 2015
    Date of Patent: December 12, 2017
    Assignee: Symantec Corporation
    Inventors: Christopher Gates, Kevin Roundy, Petrus Johannes Viljoen
  • Patent number: 9843449
    Abstract: A system and associated method for securing communication between a first device and a second device are provided. The system includes a first device communicatively coupled with a second device over a communication connection line. The system includes a security transformation device coupled to the communication connection line. The security transformation device is configured to transform non-secure communication into secure communication to send over the communication connection line to a destination. The security transformation device is configured to evaluate communication using security evaluation functionality by either authenticating or failing to authenticate the communication. If the communication is successfully authenticated, then the communication is provided to a destination, otherwise, the communication is not provided to the destination.
    Type: Grant
    Filed: June 9, 2015
    Date of Patent: December 12, 2017
    Assignee: Dresser, Inc.
    Inventor: Vladimir Dimitrov Kostadinov
  • Patent number: 9813394
    Abstract: The present disclosure generally relates to managing encrypted network traffic using Domain Name System (DNS) responses. One example method includes requesting an address associated with a domain name included in a predetermined set of domain names for which secure requests are to be identified; receiving a response from the resolution server including one or more addresses associated with the domain name; associating with the domain name a particular address selected from the received addresses; receiving a request to resolve the domain name; sending a response to the request to resolve the domain name including the particular address associated with the domain name; receiving a secure request for a resource, the secure request directed to the particular address associated with the domain name; and determining that the secure request is directed to the domain name based on the association between the particular address and the domain name.
    Type: Grant
    Filed: December 16, 2016
    Date of Patent: November 7, 2017
    Assignee: iboss, Inc.
    Inventors: Paul Michael Martini, Peter Anthony Martini
  • Patent number: 9794251
    Abstract: The disclosure relates generally to systems and methods for authenticating using air-blow by user. At least one input device receives one or more air-blows associated with one or more blow speeds. A pointer on a user interface is caused to move to at least one numeric character on at least one scale in response to each of the one or more blow speeds. The at least one numeric character is compared with a predetermined personal identification number (PIN) mapped to the at least one user. The user is granted access or access is denied based on the comparing.
    Type: Grant
    Filed: August 14, 2015
    Date of Patent: October 17, 2017
    Assignee: WIPRO LIMITED
    Inventors: Bittu Aby Raju, Midhun Mohan, Vinutha Bangalore Narayanmurthy, Manoj Madhusudhanan
  • Patent number: 9774601
    Abstract: Embodiments of the invention relate to improving security of computer resources.
    Type: Grant
    Filed: November 16, 2016
    Date of Patent: September 26, 2017
    Assignee: F-Secure Corporation
    Inventors: Jarno Niemela, Erka Koivunen
  • Patent number: 9769210
    Abstract: A management entity imports information included in security policies from security devices configured to operate in accordance with respective ones of the security policies. The information is classified into security policy classifications based on commonality in the information across the security policies. The security policy classifications are displayed as selectable security policy classifications. An entry of a policy template name and selections of multiple security policy classifications are received. The security policies in the multiple selected security policy classifications are assigned to a security policy template identified by the entered policy template name.
    Type: Grant
    Filed: June 22, 2016
    Date of Patent: September 19, 2017
    Assignee: Cisco Technology, Inc.
    Inventors: Yedidya Dotan, Sanjay Agarwal, Robin Martherus
  • Patent number: 9767264
    Abstract: An apparatus which includes one or more control modules, comprising: a state managing unit configured to manage a current state of the apparatus to control the control modules based on the current state, wherein the state of the apparatus is changed from one to another among a plurality of states with the passing of time; a storage unit configured to store state data for defining processes for controlling the respective control modules in response to a change of the state; and a data editing unit configured to edit the state data stored in the storage unit so as to change a process to be performed in a state among a plurality of states; wherein the state data includes respective state datum corresponding to each state in the plurality of states, and the state managing unit controls the control modules according to the state datum corresponding to the current state.
    Type: Grant
    Filed: April 24, 2015
    Date of Patent: September 19, 2017
    Assignee: RICOH COMPANY, LTD.
    Inventors: Naoya Morita, Hitoshi Namiki
  • Patent number: 9769128
    Abstract: Aspects of the subject disclosure may include, for example, determining whether communications are encrypted, determining a communication type for the communications according to sensitivity criteria, encrypting the communications according to the communication type to generate encrypted communications, and transmitting to a second network device the encrypted communications. Other embodiments are disclosed.
    Type: Grant
    Filed: September 28, 2015
    Date of Patent: September 19, 2017
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: David Gross, Joshua Lackey, Donald E. Levy, Roger Piqueras Jover, Jayaraman Ramachandran, Cristina Serban
  • Patent number: 9754223
    Abstract: Methods and systems for generating and validating electronic tickets are disclosed. The systems include a server that is configured to host a centralized website through which a computer application may be downloaded into a plurality of user devices. The server is further configured to issue electronic tickets to the user devices that have downloaded the computer application; embed an encrypted visual identifier that is unique to an event in each electronic ticket; generate instructions to be issued to an event administrator that identifies a decrypted form of the visual identifier for each event; and include instructions within each electronic ticket that may be executed by an event administrator to convert the encrypted visual identifier that is shown in the electronic ticket of each user device into the decrypted form of the visual identifier.
    Type: Grant
    Filed: January 7, 2015
    Date of Patent: September 5, 2017
    Inventors: Josip Grbavac, Peter Mantock
  • Patent number: 9756065
    Abstract: A method for sequencing virtual machines in a shared pool of configurable network computing resources comprises sequencing at least one computing element for one or more virtual machines into a respective one or more profiles. Each virtual machine corresponds to a respective profile. The method also includes storing the one or more profiles in a security database and identifying a first group of virtual machines and a second group of virtual machines. The first group of virtual machines corresponds to a security incident in the shared pool of configurable network computing resources. The method also comprises comparing profiles of the first group of virtual machines with profiles of the second group of virtual machines and determining an alteration plan based on the comparison of profiles of the first group with profiles of the second group. The alteration plan is related to the profiles of the second group of virtual machines.
    Type: Grant
    Filed: September 28, 2015
    Date of Patent: September 5, 2017
    Assignee: International Business Machines Corporation
    Inventors: Susann M. Keohane, Gerald F. McBrearty, Shawn P. Mullen, Jessica C. Murillo, Johnny M. Shieh
  • Patent number: 9756017
    Abstract: Methods and systems for Data Leak Prevention (DLP) in a private network are provided. According to one embodiment, a packet is received by a network security device. An upper layer protocol associated with the packet is identified. It is determined whether the identified upper layer protocol is one of multiple candidate upper layer protocols having a potential to carry sensitive information with reference to a database identifying the candidate upper layer protocols, corresponding commands of interest and a corresponding suspect field within each of the commands that is to be subjected to DLP scanning. Responsive to an affirmative determination and when a command represented by the packet is one of the corresponding commands of interest for the identified upper layer protocol, then a DLP scan is performed on content contained within the corresponding suspect field of the packet. Otherwise, performance of the DLP scan for the received packet is skipped.
    Type: Grant
    Filed: August 8, 2016
    Date of Patent: September 5, 2017
    Assignee: Fortinet, Inc.
    Inventor: Eric C. Hastings
  • Patent number: 9756032
    Abstract: A computing device, a system, and a method are provided to receive a number of inputs associated with one or more sensors of the computing device. One or more processors are configured to determine input data based on the number of inputs and authenticate a user account based on the input data. A communication interface is enabled to communicate with one or more devices based on the authentication. Further, the system may aggregate the input data based on the number of inputs. The system may determine identity data of the user account based on the aggregation. The system may transmit an indication of the identity data to the computing device.
    Type: Grant
    Filed: April 24, 2015
    Date of Patent: September 5, 2017
    Assignee: PAYPAL, INC.
    Inventors: Carmen S. Yu, Nicole Padellan Kim, David Edward Eramian, Christina Marie Vallery, Miguel Angel Escobedo, Joao Paulo Malhinha, Michael S. Hwang, Michael Voege
  • Patent number: 9749141
    Abstract: A secure boot method includes: obtaining a certificate digest at a digest processor from a write-once, always-on memory; calculating a flash digest using the digest processor by cryptographically processing a sensitive information image; and comparing, using the digest processor, the flash digest with the certificate digest.
    Type: Grant
    Filed: September 25, 2015
    Date of Patent: August 29, 2017
    Assignee: QUALCOMM Incorporated
    Inventors: Ron Keidar, Eugen Pirvu, Jeff Smith