Abstract: In one embodiment, a method includes receiving, by a WebAuthn proxy, login prompt information from a browser. The WebAuthn proxy and the browser are installed on a device. The method also includes generating, by the WebAuthn proxy, a WebAuthn credential request based on the login prompt information and communicating, by the WebAuthn proxy, the WebAuthn credential request to a WebAuthn authenticator. The method further includes receiving, by the WebAuthn proxy, a WebAuthn response from the WebAuthn authenticator and communicating, by the WebAuthn proxy, the WebAuthn response to the browser.

Abstract: In one embodiment, a method includes establishing, by an identity agent installed on a device, a connection to a browser installed on the device and generating, by the identity agent, first device information, a public key, and a private key. The method also includes communicating, by the identity agent, the first device information and the public key to an authentication service and receiving, by the identity agent, a unique identifier from the authentication service. The method further includes generating, by the identity agent, a first signature of the first device information and communicating, by the identity agent, the first signature, the first device information, and the unique identifier to the browser.

Abstract: In one embodiment, a method includes receiving, by a WebAuthn proxy, login prompt information from a browser. The WebAuthn proxy and the browser are installed on a device. The method also includes generating, by the WebAuthn proxy, a WebAuthn credential request based on the login prompt information and communicating, by the WebAuthn proxy, the WebAuthn credential request to a WebAuthn authenticator. The method further includes receiving, by the WebAuthn proxy, a WebAuthn response from the WebAuthn authenticator and communicating, by the WebAuthn proxy, the WebAuthn response to the browser.

Abstract: An authentication system handles authentication requests to apply introspection and policy enforcement. A policy server obtains a client security policy and an authenticator security policy. The policy server obtains an encrypted credential request with client metadata from a client and determines whether the client metadata satisfies the client security policy. The policy server provides the encrypted credential request to an authenticator device and obtains an encrypted credential response with authenticator metadata in response. The policy server determines whether the authenticator metadata satisfies the authenticator security policy. The policy server processes the encrypted credential response, without decrypting the encrypted credential request or the encrypted credential response, based on a determination of whether the client metadata satisfies the client security policy and the authenticator metadata satisfies the authenticator security policy.

Abstract: An authentication system handles authentication requests to apply introspection and policy enforcement. A policy server obtains a client security policy and an authenticator security policy. The policy server obtains an encrypted credential request with client metadata from a client and determines whether the client metadata satisfies the client security policy. The policy server provides the encrypted credential request to an authenticator device and obtains an encrypted credential response with authenticator metadata in response. The policy server determines whether the authenticator metadata satisfies the authenticator security policy. The policy server processes the encrypted credential response, without decrypting the encrypted credential request or the encrypted credential response, based on a determination of whether the client metadata satisfies the client security policy and the authenticator metadata satisfies the authenticator security policy.

Abstract: Embodiments of the invention describe systems and methods for malicious software detection and analysis. A binary executable comprising obfuscated malware on a host device may be received, and incident data indicating a time when the binary executable was received and identifying processes operating on the host device may be recorded. The binary executable is analyzed via a scalable plurality of execution environments, including one or more non-virtual execution environments and one or more virtual execution environments, to generate runtime data and deobfuscation data attributable to the binary executable. At least some of the runtime data and deobfuscation data attributable to the binary executable is stored in a shared database, while at least some of the incident data is stored in a private, non-shared database.