Abstract: Methods and apparatus related to improving secure communications are described. In an embodiment, a security agent pins a domain to a certificate. The certificate is used in authenticating the domain, and the existence of a pinning indicator within the certificate is used in authenticating the domain. Once the security agent pins the domain to a certificate, a relationship between the domain and the certificate used in authenticating the domain is stored. Other embodiments are also disclosed and claimed.

Abstract: Methods, systems, and apparatus relating to enforcement of same origin policy of sensitive data are described. In an embodiment, a security agent may help ensure release of sensitive data is only triggered by authorized sources. The security agent may help ensure sensitive data is only released to authorized destinations. A security agent may translate or obfuscate sensitive data. Sensitive data may include HTTP cookies, session data, authentication information, authorization information, personal information, user credentials, and/or other data sensitive in nature. Sensitive data destinations and/or sensitive data origins may be identified. Identification may be performed using secure means (such as for example a SSL/TLS handshake). Other embodiments are also disclosed and claimed.

Abstract: Methods, systems, and apparatus relating to enforcement of same origin policy of sensitive data are described. In an embodiment, a security agent may help ensure release of sensitive data is only triggered by authorized sources. The security agent may help ensure sensitive data is only released to authorized destinations. A security agent may translate or obfuscate sensitive data. Sensitive data may include HTTP cookies, session data, authentication information, authorization information, personal information, user credentials, and/or other data sensitive in nature. Sensitive data destinations and/or sensitive data origins may be identified. Identification may be performed using secure means (such as for example a SSL/TLS handshake). Other embodiments are also disclosed and claimed.

Abstract: Some embodiments of the invention may enhance security, usability, and/or efficiency for entities by identifying destination servers on behalf of the entity. In an embodiment, the destination identification may be based on secure authentication of the destination server. The entity may be a business communication agent, or a business user, or an end user. An embodiment of the invention may enhance security by preventing sensitive data from being released to unintended destination(s) and/or ensuring sensitive data is released to intended destination(s). An embodiment of the invention may improve usability by removing the need for the entity to identify the server. An embodiment of the invention may improve usability by removing the need for an entity to remember and/or specifying sensitive data. An embodiment of the invention may improve efficiency by automating the tasks of identifying the destination servers and determining whether the destination server is allowed receipt of the sensitive data.

Abstract: Systems, methods, and apparatus to analyze potential risks of communicating online are described. In an embodiment, the communication may include communicating with a destination and/or communicating over a communication channel and/or communicating through a network entry and/or communicating using a client. Potential risks may be used to determine whether to proceed with online communications and/or whether the risks are prohibitive for online communications. Other embodiments are also claimed and disclosed.

Abstract: Systems, methods, and apparatus to analyze potential risks of communicating online are described. In an embodiment, the communication may include communicating with a destination and/or communicating over a communication channel and/or communicating through a network entry and/or communicating using a client. Potential risks may be used to determine whether to proceed with online communications and/or whether the risks are prohibitive for online communications. Other embodiments are also claimed and disclosed.

Abstract: Methods, systems, and apparatus relating to enforcement of same origin policy of sensitive data are described. In an embodiment, a security agent may help ensure release of sensitive data is only triggered by authorized sources. The security agent may help ensure sensitive data is only released to authorized destinations. A security agent may translate or obfuscate sensitive data. Sensitive data may include HTTP cookies, session data, authentication information, authorization information, personal information, user credentials, and/or other data sensitive in nature. Sensitive data destinations and/or sensitive data origins may be identified. Identification may be performed using secure means (such as for example a SSL/TLS handshake). Other embodiments are also disclosed and claimed.

Abstract: Systems, methods, and apparatus to analyze potential risks of communicating online are described. In an embodiment, the communication may include communicating with a destination and/or communicating over a communication channel and/or communicating through a network entry and/or communicating using a client. Potential risks may be used to determine whether to proceed with online communications and/or whether the risks are prohibitive for online communications. Other embodiments are also claimed and disclosed.