Abstract: A computer includes a memory and a processor programmed to execute instructions stored in the memory. The instructions include identifying a function in a binary file, assigning one of a plurality of classifications to the function, and determining that the function requires stack cookie protection based at least in part on the classification assigned to the function.

Abstract: In embodiments of the present teachings, improved capabilities are described for detecting restricted content associated with retrieved content. The method and system may include receiving a client request for content, saving contextual information from the client request, and presenting the contextual information from the client request, and retrieved content, to a scanning facility. The scanning facility may use the contextual information and the retrieved content to initiate a remedial action on the client.

Abstract: In embodiments of the present invention improved capabilities are described for detecting restricted content associated with retrieved content. The method and system may include receiving a client request for content, saving contextual information from the client request, presenting retrieved content in response to the client request, and presenting the contextual information from the client request, and retrieved content, to a scanning facility. The scanning facility may utilize the contextual information from the client request to aid in the detection of restricted content associated with retrieved content.

Abstract: Systems, methods, and software can be used to analyze binary software codes. In some aspects, a computer-implemented method comprises: scanning, by at least one hardware processor, a binary software code to identify one or more text strings; associating, by the at least one hardware processor, the binary software code with a software platform based on the identified one or more text strings; disassembling, by the at least one hardware processor, the binary software code based on the software platform associated with the binary software code; and detecting, by the at least one hardware processor, a security risk in the disassembled binary software code.

Abstract: A computer includes a memory and a processor programmed to execute instructions stored in the memory. The instructions include identifying a function in a binary file, assigning one of a plurality of classifications to the function, and determining that the function requires stack cookie protection based at least in part on the classification assigned to the function.

Abstract: A method of determining a severity score is disclosed. The method includes receiving a binary; using the binary, determining a plurality of vulnerability parameters; and generating a report based on the plurality of vulnerability parameters.

Abstract: A computer includes a memory and a processor programmed to execute instructions stored in the memory. The instructions include identifying a function in a binary file, assigning one of a plurality of classifications to the function, and determining that the function requires stack cookie protection based at least in part on the classification assigned to the function.

Abstract: A method for symbolic analysis of a software program is described. The method comprises constructing a control flow graph (CFG), for a software program procedure, the CFG comprising nodes representing basic blocks reachable within the software program procedure, the basic blocks represented as respective functions from a first machine state on entry to a said basic block to a second machine state on exit from that basic block. The method further describes simplifying the CFG to a single node representing the software program procedure as a function from an input machine state on entry to the software program procedure to an output machine state on exit from the software program procedure, comparing said function to a rule set identifying vulnerabilities based on effects on the machine state; and determining a vulnerability within the software program procedure based on the comparing.

Abstract: Systems, methods, and software can be used to determine a security score of a binary software code. In some aspects, a computer-implemented method comprises: receiving a binary software code; inspecting the binary software code to determine at least one Common Vulnerability Scoring Standard (CVSS) factor; and determining a CVSS score based on the at least one CVSS factor.

Abstract: A method of determining a severity score is disclosed. The method includes receiving a binary; using the binary, determining a plurality of vulnerability parameters; and generating a report based on the plurality of vulnerability parameters.

Abstract: Described are methods and computing devices for identifying potential vulnerabilities in a software package. The package includes build files that include an application file and one or more associated files. The method may include scanning the application file to identify and extract a string from the application file and determining that the string is referenced in one of the associated files and obtaining data associated with the string from the associated file. The string may then be classified based, in part, on the data obtained from the associated file, and a full context may be determined for the string based, at least in part, on the classification. A relevance rank for the string is then set based on the full context and the string and its relevance rank are output.

Abstract: Systems, methods, and software can be used to analyze binary software codes. In some aspects, a computer-implemented method comprises: scanning, by at least one hardware processor, a binary software code to identify one or more text strings; associating, by the at least one hardware processor, the binary software code with a software platform based on the identified one or more text strings; disassembling, by the at least one hardware processor, the binary software code based on the software platform associated with the binary software code; and detecting, by the at least one hardware processor, a security risk in the disassembled binary software code.

Abstract: A computer includes a memory and a processor programmed to execute instructions stored in the memory. The instructions include processing a binary file to determine a security risk associated with the binary file. Processing the binary file includes determining a characteristic from metadata of the binary file. The security risk associated with the binary file is based at least in part on the characteristic of the binary file.

Abstract: A computer includes a memory and a processor programmed to execute instructions stored in the memory. The instructions include identifying a function in a binary file, assigning one of a plurality of classifications to the function, and determining that the function requires stack cookie protection based at least in part on the classification assigned to the function.

Abstract: In embodiments of the present invention improved capabilities are described for detecting restricted content associated with retrieved content. The method and system may include receiving a client request for content, saving contextual information from the client request, presenting retrieved content in response to the client request, and presenting the contextual information from the client request, and retrieved content, to a scanning facility. The scanning facility may utilize the contextual information from the client request to aid in the detection of restricted content associated with retrieved content.

Abstract: In embodiments of the present invention improved capabilities are described for detecting restricted content associated with retrieved content. The method and system may include receiving a client request for content, saving contextual information from the client request, presenting retrieved content in response to the client request, and presenting the contextual information from the client request, and retrieved content, to a scanning facility. The scanning facility may utilize the contextual information from the client request to aid in the detection of restricted content associated with retrieved content.

Abstract: In embodiments of the present invention improved capabilities are described for detecting restricted content associated with retrieved content. The method and system may include receiving a client request for content, saving contextual information from the client request, presenting retrieved content in response to the client request, and presenting the contextual information from the client request, and retrieved content, to a scanning facility. The scanning facility may utilize the contextual information from the client request to aid in the detection of restricted content associated with retrieved content.

Abstract: In embodiments of the present invention improved capabilities are described for detecting restricted content associated with retrieved content. The method and system may include receiving a client request for content, saving contextual information from the client request, presenting retrieved content in response to the client request, and presenting the contextual information from the client request, and retrieved content, to a scanning facility. The scanning facility may utilize the contextual information from the client request to aid in the detection of restricted content associated with retrieved content.

Abstract: In embodiments of the present invention improved capabilities are described for detecting restricted content associated with retrieved content. The method and system may include receiving a client request for content, saving contextual information from the client request, presenting retrieved content in response to the client request, and presenting the contextual information from the client request, and retrieved content, to a scanning facility. The scanning facility may utilize the contextual information from the client request to aid in the detection of restricted content associated with retrieved content.

Abstract: In embodiments of the present invention improved capabilities are described for detecting restricted content associated with retrieved content. The method and system may include receiving a client request for content, saving contextual information from the client request, presenting retrieved content in response to the client request, and presenting the contextual information from the client request, and retrieved content, to a scanning facility. The scanning facility may utilize the contextual information from the client request to aid in the detection of restricted content associated with retrieved content.