Abstract: In embodiments of the present teachings, improved capabilities are described for detecting restricted content associated with retrieved content. The method and system may include receiving a client request for content, saving contextual information from the client request, and presenting the contextual information from the client request, and retrieved content, to a scanning facility. The scanning facility may use the contextual information and the retrieved content to initiate a remedial action on the client.

Abstract: In embodiments of the present invention improved capabilities are described for detecting restricted content associated with retrieved content. The method and system may include receiving a client request for content, saving contextual information from the client request, presenting retrieved content in response to the client request, and presenting the contextual information from the client request, and retrieved content, to a scanning facility. The scanning facility may utilize the contextual information from the client request to aid in the detection of restricted content associated with retrieved content.

Abstract: Systems, methods, and software can be used to analyze binary software codes. In some aspects, a computer-implemented method comprises: scanning, by at least one hardware processor, a binary software code to identify one or more text strings; associating, by the at least one hardware processor, the binary software code with a software platform based on the identified one or more text strings; disassembling, by the at least one hardware processor, the binary software code based on the software platform associated with the binary software code; and detecting, by the at least one hardware processor, a security risk in the disassembled binary software code.

Abstract: A method of determining a severity score is disclosed. The method includes receiving a binary; using the binary, determining a plurality of vulnerability parameters; and generating a report based on the plurality of vulnerability parameters.

Abstract: A method for symbolic analysis of a software program is described. The method comprises constructing a control flow graph (CFG), for a software program procedure, the CFG comprising nodes representing basic blocks reachable within the software program procedure, the basic blocks represented as respective functions from a first machine state on entry to a said basic block to a second machine state on exit from that basic block. The method further describes simplifying the CFG to a single node representing the software program procedure as a function from an input machine state on entry to the software program procedure to an output machine state on exit from the software program procedure, comparing said function to a rule set identifying vulnerabilities based on effects on the machine state; and determining a vulnerability within the software program procedure based on the comparing.

Abstract: Systems, methods, and software can be used to determine a security score of a binary software code. In some aspects, a computer-implemented method comprises: receiving a binary software code; inspecting the binary software code to determine at least one Common Vulnerability Scoring Standard (CVSS) factor; and determining a CVSS score based on the at least one CVSS factor.

Abstract: A method of determining a severity score is disclosed. The method includes receiving a binary; using the binary, determining a plurality of vulnerability parameters; and generating a report based on the plurality of vulnerability parameters.

Abstract: Systems, methods, and software can be used to identify functions prone to logic errors in software components using binary static analysis. In some aspects, one computer-implemented method includes identifying a function defined within a binary software component; determining one or more complexity characteristics of the function based on included instructions; determining, based on the complexity characteristics, whether the function is likely to produce errors when the instructions included in the function are executed by a processor; and in response to determining that the function is likely to contain errors, generating an indication that the function requires further review.

Abstract: Described are methods and computing devices for identifying potential vulnerabilities in a software package. The package includes build files that include an application file and one or more associated files. The method may include scanning the application file to identify and extract a string from the application file and determining that the string is referenced in one of the associated files and obtaining data associated with the string from the associated file. The string may then be classified based, in part, on the data obtained from the associated file, and a full context may be determined for the string based, at least in part, on the classification. A relevance rank for the string is then set based on the full context and the string and its relevance rank are output.

Abstract: Systems, methods, and software can be used to analyzing binary software components utilizing multiple instruction sets. In some aspects, one computer-implemented method includes identifying a program section in a binary software component; performing a first disassembly process according to a first instruction set on the program section to produce a first disassembly result; performing a second disassembly process according to a second instruction set different from the first instruction set on the program section to produce a second disassembly result; comparing the first disassembly result to the second disassembly result; and determining a utilized instruction set associated with the program section based at least in part on comparing the first disassembly result to the second disassembly result, wherein the utilized instruction set is either the first instruction set or the second instruction set.

Abstract: Certain embodiments of the present invention provide methods and systems for dynamic classification of electronic vendors. Certain embodiments provide a method for dynamic vendor classification. The method includes analyzing a vendor based on a comparison of vendor features; categorizing the vendor based on the analysis; and permitting access to the vendor according to the categorization of the vendor. The categorization may include trusted, not trusted, or unsure, for example. Analysis may include comparing a first outlet of the vendor with a second outlet of the vendor, for example. Analysis may include comparing an outlet of the vendor with an outlet of a second vendor, for example. A vendor may be defined as a particular outlet for a vendor and/or all outlets associated with a vendor (a vendor entity).

Abstract: Systems, methods, and software can be used to analyze binary software codes. In some aspects, a computer-implemented method comprises: scanning, by at least one hardware processor, a binary software code to identify one or more text strings; associating, by the at least one hardware processor, the binary software code with a software platform based on the identified one or more text strings; disassembling, by the at least one hardware processor, the binary software code based on the software platform associated with the binary software code; and detecting, by the at least one hardware processor, a security risk in the disassembled binary software code.

Abstract: Systems, methods, and software can be used to identify functions prone to logic errors in software components using binary static analysis. In some aspects, one computer-implemented method includes identifying a function defined within a binary software component; determining one or more complexity characteristics of the function based on included instructions; determining, based on the complexity characteristics, whether the function is likely to produce errors when the instructions included in the function are executed by a processor; and in response to determining that the function is likely to contain errors, generating an indication that the function requires further review.

Abstract: Systems, methods, and software can be used to analyzing binary software components utilizing multiple instruction sets. In some aspects, one computer-implemented method includes identifying a program section in a binary software component; performing a first disassembly process according to a first instruction set on the program section to produce a first disassembly result; performing a second disassembly process according to a second instruction set different from the first instruction set on the program section to produce a second disassembly result; comparing the first disassembly result to the second disassembly result; and determining a utilized instruction set associated with the program section based at least in part on comparing the first disassembly result to the second disassembly result, wherein the utilized instruction set is either the first instruction set or the second instruction set.

Abstract: In embodiments of the present invention improved capabilities are described for detecting restricted content associated with retrieved content. The method and system may include receiving a client request for content, saving contextual information from the client request, presenting retrieved content in response to the client request, and presenting the contextual information from the client request, and retrieved content, to a scanning facility. The scanning facility may utilize the contextual information from the client request to aid in the detection of restricted content associated with retrieved content.

Abstract: In embodiments of the present invention improved capabilities are described for detecting restricted content associated with retrieved content. The method and system may include receiving a client request for content, saving contextual information from the client request, presenting retrieved content in response to the client request, and presenting the contextual information from the client request, and retrieved content, to a scanning facility. The scanning facility may utilize the contextual information from the client request to aid in the detection of restricted content associated with retrieved content.

Abstract: Certain embodiments of the present invention provide methods and systems for dynamic classification of electronic vendors. Certain embodiments provide a method for dynamic vendor classification. The method includes analyzing a vendor based on a comparison of vendor features; categorizing the vendor based on the analysis; and permitting access to the vendor according to the categorization of the vendor. The categorization may include trusted, not trusted, or unsure, for example. Analysis may include comparing a first outlet of the vendor with a second outlet of the vendor, for example. Analysis may include comparing an outlet of the vendor with an outlet of a second vendor, for example. A vendor may be defined as a particular outlet for a vendor and/or all outlets associated with a vendor (a vendor entity).

Abstract: In embodiments of the present invention improved capabilities are described for detecting restricted content associated with retrieved content. The method and system may include receiving a client request for content, saving contextual information from the client request, presenting retrieved content in response to the client request, and presenting the contextual information from the client request, and retrieved content, to a scanning facility. The scanning facility may utilize the contextual information from the client request to aid in the detection of restricted content associated with retrieved content.

Abstract: In embodiments of the present invention improved capabilities are described for detecting restricted content associated with retrieved content. The method and system may include receiving a client request for content, saving contextual information from the client request, presenting retrieved content in response to the client request, and presenting the contextual information from the client request, and retrieved content, to a scanning facility. The scanning facility may utilize the contextual information from the client request to aid in the detection of restricted content associated with retrieved content.

Abstract: Certain embodiments of the present invention provide methods and systems for dynamic classification of electronic vendors. Certain embodiments provide a method for dynamic vendor classification. The method includes analyzing a vendor based on a comparison of vendor features; categorizing the vendor based on the analysis; and permitting access to the vendor according to the categorization of the vendor. The categorization may include trusted, not trusted, or unsure, for example. Analysis may include comparing a first outlet of the vendor with a second outlet of the vendor, for example. Analysis may include comparing an outlet of the vendor with an outlet of a second vendor, for example. A vendor may be defined as a particular outlet for a vendor and/or all outlets associated with a vendor (a vendor entity).