Abstract: Methods, systems, and apparatus, including computer program products, for distributed security system authorization. Client device authentication instructions are executed on a client device to determine if authentication data accessible by the client device authentication instructions are stored at the client device. If the authentication data are stored at the client device, the client device authentication instructions generate authenticated user data and store the authenticated user data at the client device. If the authentication data are not stored at the client device, the client device authentication instructions generate a login environment that allows a user of the client device to input login data. The login data are provided to a verification process that in response to verification provide the authentication data to the client device.

Abstract: Secure fast platform hibernation and resumption for computing systems. An embodiment of an apparatus includes a processor to operate according to an operating system, the processor to transition the apparatus to a first reduced power state in response to a request, the transition to the first reduced power state including the processor to store context data for the apparatus in a volatile system memory, and logic to transition the apparatus to a second reduced power state, the logic to write the context data from the volatile system memory to a nonvolatile memory for the transition to the second reduced power state, wherein the logic is to implement one or more security measures for the writing of the context data into the nonvolatile memory.

Abstract: Systems, methods and apparatus for a distributed security that detects embedded resource request identifiers. The system can identify requests, such as HTTP requests, and can identify encoded prefix data corresponding to URI prefixes, such as Base64 or Base16 encoded URI prefixes “www.” and “http:”.

Abstract: Systems, methods and apparatus for detecting malicious requests. In one aspect, a browser request is received from a client device. It is determined whether the request includes tracer data in a first parameter type. If the request is determined to include the tracer data in the first parameter type, then the request is allowed. If the request is determined to include the tracer data in a parameter type other than the first parameter type, then a security process is initiated.

Abstract: Systems, methods and apparatus for a distributed security system that detects proxied resource requests. The system can search data communications, such as HTTP requests and responses, for proxy strings that are indicative of a string pattern associated with corresponding proxy software. Security operations can be initiated for each data communication that includes a proxy string. The security operations can block the data communication, modify the data communication, and/or generate security notifications for system administrators.

Abstract: Secure fast platform hibernation and resumption for computing systems. An embodiment of an apparatus includes a processor to operate according to an operating system, the processor to transition the apparatus to a first reduced power state in response to a request, the transition to the first reduced power state including the processor to store context data for the apparatus in a volatile system memory, and logic to transition the apparatus to a second reduced power state, the logic to write the context data from the volatile system memory to a nonvolatile memory for the transition to the second reduced power state, wherein the logic is to implement one or more security measures for the writing of the context data into the nonvolatile memory.

Abstract: System and methods for injecting content into a response for improving client-side security. The system includes a content injection service external to network edges of at least one system. The content injection service receives a request from a client within the at least one system and identifies or anticipates a potential threat associated with the response. The content injection service is configured to determine an appropriate counter for the identified or anticipated potential threat and in response injects content into the response according to the potential or anticipated threat identified.

Abstract: Systems, methods and apparatus for a distributed security that monitors communications to manage client browser network access based upon the browser configuration of the client browser by use of a configuration script executed in the browser environment. Such management can reduce the exposure of potentially vulnerable client browsers to domains associated with malicious activity.

Abstract: Systems, methods and apparatus for a distributed security that provides security processing external to a network edge. The system can identify requests, such as HTTP requests, and can identify embedded resource request identifiers, such as embedded URLs. The embedded resource request identifiers can be classified and appropriate security measures can be initiated based on the classifications.

Abstract: Systems, methods and apparatus for a distributed security that detects proxied resource requests. The system can identify proxy strings, each of the proxy strings being indicative of a proper substring in a string of data constituting a proxy communication, the proxy communications being communications that are generated by processing systems executing a plurality of proxy applications. The proxy strings can be store and access to the stored proxy strings can be provided to facilitate detection of proxy communications for the one or more proxy applications in resource requests.

Abstract: System and methods for injecting content into a response for improving client-side security. The system includes a content injection service external to network edges of at least one system. The content injection service receives a request from a client within the at least one system and identifies or anticipates a potential threat associated with the response. The content injection service is configured to determine an appropriate counter for the identified or anticipated potential threat and in response injects content into the response according to the potential or anticipated threat identified.

Abstract: Systems, methods and apparatus for a distributed security that monitors communications to manage client browser network access based upon the browser configuration of the client browser by use of a configuration script executed in the browser environment. Such management can reduce the exposure of potentially vulnerable client browsers to domains associated with malicious activity.