Abstract: Embodiments of the present invention include methods involving an authentication application, a client application, or a combination of a network access control server with the authentication application and the client application. The client application collects compliance data regarding the user device and communicates the compliance data to the network access control server. The network access control server generates a compliance check result based on whether the compliance data indicates that the user device is compliant with a security policy for the software-as-a-service server. The authentication application grants access by the user device when the compliance check result is positive; and the authentication application denies access by the user device when the compliance check result is negative. In some embodiments, the compliance check result or a user device identifier is stored in a web browser cookie or a client certificate on the user device.

Abstract: Computer security vulnerability assessment is performed with product binary data and product vulnerability data that correspond with product identification data. A correspondence between the product binary data and the product vulnerability data is determined, and a binaries-to-vulnerabilities database is generated. The binaries-to-vulnerabilities database is used to scan binary data from a target device to find matches with the product binary data. A known security vulnerability of the target device is determined based on the scanning and the correspondence between the product binary data and the vulnerability data. In some embodiments, the target device is powered off and used as an external storage device to receive the binary data therefrom.

Abstract: A method, program and/or system reads first data through a first path from a location in a data storage. Second data is read through a second path from the same location in the data storage. The first data is compared to the second data. A match between the first data and the second data indicates that the first path did not encrypt the first data. A mismatch between the first data and the second data indicates that the first path encrypted the first data.

Abstract: Embodiments of the present invention include methods involving an authentication application, a client application, or a combination of a network access control server with the authentication application and the client application. The client application collects compliance data regarding the user device and communicates the compliance data to the network access control server. The network access control server generates a compliance check result based on whether the compliance data indicates that the user device is compliant with a security policy for the software-as-a-service server. The authentication application grants access by the user device when the compliance check result is positive; and the authentication application denies access by the user device when the compliance check result is negative. In some embodiments, the compliance check result or a user device identifier is stored in a web browser cookie or a client certificate on the user device.

Abstract: A method, program and/or system reads first data through a first path from a location in a data storage. Second data is read through a second path from the same location in the data storage. The first data is compared to the second data. A match between the first data and the second data indicates that the first path did not encrypt the first data. A mismatch between the first data and the second data indicates that the first path encrypted the first data.

Abstract: Computer security vulnerability assessment is performed with product binary data and product vulnerability data that correspond with product identification data. A correspondence between the product binary data and the product vulnerability data is determined, and a binaries-to-vulnerabilities database is generated. The binaries-to-vulnerabilities database is used to scan binary data from a target device to find matches with the product binary data. A known security vulnerability of the target device is determined based on the scanning and the correspondence between the product binary data and the vulnerability data. In some embodiments, the target device is powered off and used as an external storage device to receive the binary data therefrom.

Abstract: A method, program and/or system reads first data through a first path from a location in a data storage. Second data is read through a second path from the same location in the data storage. The first data is compared to the second data. A match between the first data and the second data indicates that the first path did not encrypt the first data. A mismatch between the first data and the second data indicates that the first path encrypted the first data.

Abstract: Computer security vulnerability assessment is performed with product binary data and product vulnerability data that correspond with product identification data. A correspondence between the product binary data and the product vulnerability data is determined, and a binaries-to-vulnerabilities database is generated. The binaries-to-vulnerabilities database is used to scan binary data from a target device to find matches with the product binary data. A known security vulnerability of the target device is determined based on the scanning and the correspondence between the product binary data and the vulnerability data. In some embodiments, the target device is powered off and used as an external storage device to receive the binary data therefrom.

Abstract: A method, program and/or system reads first data through a first path from a location in a data storage. Second data is read through a second path from the same location in the data storage. The first data is compared to the second data. A match between the first data and the second data indicates that the first path did not encrypt the first data. A mismatch between the first data and the second data indicates that the first path encrypted the first data.

Abstract: A method, program and/or system reads first data through a first path from a location in a data storage. Second data is read through a second path from the same location in the data storage. The first data is compared to the second data. A match between the first data and the second data indicates that the first path did not encrypt the first data. A mismatch between the first data and the second data indicates that the first path encrypted the first data.

Abstract: A method, program and/or system reads a file through a first path from a data storage to obtain a first data. The file is read through a second path from the data storage to obtain a second data. The first data is compared to the second data. When the first data matches the second data, the file is determined not to be encrypted in the data storage. When the first data does not match the second data, the file is determined to be encrypted in the data storage.

Abstract: Embodiments of the present invention involve a method and system including a network access control server, an authentication application running on a software-as-a-service server, and a client application running on a user device. The client application collects compliance data regarding the user device and communicates the compliance data to the network access control server. The network access control server generates a compliance check result based on whether the compliance data indicates that the user device is compliant with a security policy for the software-as-a-service server. The authentication application grants access by the user device when the compliance check result is positive; and the authentication application denies access by the user device when the compliance check result is negative. In some embodiments, the compliance check result is stored in a cookie of one or more web browsers installed on the user device.

Abstract: A method, program and/or system for determining whether a data storage is encrypted. A file is written through a first path to the data storage. The file is read through a second path from the data storage. First data known to have been written in the file is compared to second data that has been read from the file. When the first data matches the second data, the first path is determined not to have encrypted the file when writing to the data storage. When the first data does not match the second data, the first path is determined to have encrypted the file when writing to the data storage.

Abstract: A method, program and/or system for determining whether a data storage is encrypted. A file is written through a first path to the data storage. The file is read through a second path from the data storage. First data known to have been written in the file is compared to second data that has been read from the file. When the first data matches the second data, the first path is determined not to have encrypted the file when writing to the data storage. When the first data does not match the second data, the first path is determined to have encrypted the file when writing to the data storage.