Abstract: Techniques are provided for security code for integration with an application. A first request associated with a request by an application to an application server is received. The application includes security code that performs a set of one or more operations on one or more input parameters. The application is provided one or more parameter values, wherein the security code generates a secret cryptographic key based on the one or more parameter values. A security key is received that includes encrypted client data collected at the client device that is encrypted using the secret cryptographic key. The secret cryptographic key is generated based on the one or more parameter values and knowledge of the set of one or more operations. It is determined that the decrypted client data matches a pattern of data associated with malware. The application server is prevented from processing a second request.

Abstract: In an approach, an apparatus comprises: one or more processors; a processor logic coupled to the one or more processors and configured to: intercept, from a client computer, a request directed to a server computer that identifies a purported user agent executing on the client computer; send, to the server computer, the request from the client computer; intercept, from the server computer, one or more original instructions to be executed by the purported user agent of the client computer; determine one or more features supported by the purported user agent that are not utilized by the one or more original instructions; transform the one or more original instructions into one or more revised instructions which, when executed by the purported user agent, cause the purported user agent to utilize the one or more features; send, to the client computer, the one or more revised instructions.

Abstract: In an embodiment, a computer system configured to: generate a first challenge credential to be sent to a client computer; render one or more first dynamic-credential instructions, which when executed by the client computer, cause the client computer to generate a first dynamic credential that corresponds to the first challenge credential; modify a first set of instructions, which define one or more original operations, to produce a second set of instructions, wherein the second set of instructions include the first challenge credential and the one or more first dynamic-credential instructions, and which when executed by the client computer, cause the first challenge credential to be included in the one or more requests sent from the client computer; send the second set of instructions to a second computer.

Abstract: Techniques are provided for security code for integration with an application. A first request associated with a request by an application to an application server is received. The application includes security code that performs a set of one or more operations on one or more input parameters. The application is provided one or more parameter values, wherein the security code generates a secret cryptographic key based on the one or more parameter values. A security key is received that includes encrypted client data collected at the client device that is encrypted using the secret cryptographic key. The secret cryptographic key is generated based on the one or more parameter values and knowledge of the set of one or more operations. It is determined that the decrypted client data matches a pattern of data associated with malware. The application server is prevented from processing a second request.

Abstract: Techniques are provided for client-side security key generation. An initial request is received from an application executing on a client device. The application includes a security component includes security code. In response to the initial request, a key component is generated. The key component includes one or more parameters from which a valid security key can be generated at the client device by executing the security code. The key component is provided to the client device. A security key associated with a request from the client device to an application server is received. The security key is checked for validity. In response to determining that the security key is valid, processing of the request by the application server is caused.

Abstract: In an embodiment, a computer system configured to: generate a first challenge credential to be sent to a client computer; render one or more first dynamic-credential instructions, which when executed by the client computer, cause the client computer to generate a first dynamic credential that corresponds to the first challenge credential; modify a first set of instructions, which define one or more original operations, to produce a second set of instructions, wherein the second set of instructions include the first challenge credential and the one or more first dynamic-credential instructions, and which when executed by the client computer, cause the first challenge credential to be included in the one or more requests sent from the client computer; send the second set of instructions to a second computer.

Abstract: Techniques are provided for client-side security key generation. An initial request is received from an application executing on a client device. The application includes a security component includes security code. In response to the initial request, a key component is generated. The key component includes one or more parameters from which a valid security key can be generated at the client device by executing the security code. The key component is provided to the client device. A security key associated with a request from the client device to an application server is received. The security key is checked for validity. In response to determining that the security key is valid, processing of the request by the application server is caused.

Abstract: In an approach, an apparatus comprises: one or more processors; a processor logic coupled to the one or more processors and configured to: intercept, from a client computer, a request directed to a server computer that identifies a purported user agent executing on the client computer; send, to the server computer, the request from the client computer; intercept, from the server computer, one or more original instructions to be executed by the purported user agent of the client computer; determine one or more features supported by the purported user agent that are not utilized by the one or more original instructions; transform the one or more original instructions into one or more revised instructions which, when executed by the purported user agent, cause the purported user agent to utilize the one or more features; send, to the client computer, the one or more revised instructions.

Abstract: A computer-implemented security method includes receiving, at a server sub-system, reports from a plurality of clients that were served content served by a web server system, the different versions of content varying from each other by polymorphic transformation that inserts varying content at common locations in the content; determining, with the server sub-system, an effectiveness level of security countermeasures applied to the content, using the received reports; selecting an updated security countermeasure package determined to address malware identified using data from the reports; and providing to the web server system information causing the web server system to switch to the updated security countermeasure package.

Abstract: Computer systems and methods in various embodiments are configured for improving the security and efficiency of server computers interacting through an intermediary computer with client computers that may be executing malicious and/or autonomous headless browsers or “bots”.

Abstract: Computer systems and methods in various embodiments are configured for improving the security and efficiency of client computers interacting with server computers through an intermediary computer using one or more polymorphic protocols. In an embodiment, a computer system comprises a memory; a processor coupled to the memory; a processor logic coupled to the processor and the memory, and configured to: intercept, from a server computer, a first file and a second file, wherein the first file defines a first object with a first identifier and the second file comprises a reference to the first object by the first identifier; generate a second identifier; replace the first identifier with the second identifier in the first file; add one or more first instructions to the first file; remove the reference to the first identifier from the second file; add, to the second file, one or more second instructions, which when executed cause the one or more first instructions to be executed and produce the second identifier.

Abstract: The automated, real-time detection of specific blocks of code within a larger body of source code is described. Specific implementations relate to the detection of known code libraries in web page code to improve the efficiency of the generation of polymorphic transformations of the web page code for the purpose of impeding automated cyber-attacks.

Abstract: Computer systems and methods in various embodiments are configured for improving the security and efficiency of server computers interacting through an intermediary computer with client computers that may be executing malicious and/or autonomous headless browsers or “bots”.

Abstract: The automated, real-time detection of specific blocks of code within a larger body of source code is described. Specific implementations relate to the detection of known code libraries in web page code to improve the efficiency of the generation of polymorphic transformations of the web page code for the purpose of impeding automated cyber-attacks.

Abstract: Computer systems and methods in various embodiments are configured for improving the security and efficiency of client computers interacting with server computers through an intermediary computer using one or more polymorphic protocols. In an embodiment, a computer system comprises a memory; a processor coupled to the memory; a processor logic coupled to the processor and the memory, and configured to: intercept, from a server computer, a first file and a second file, wherein the first file defines a first object with a first identifier and the second file comprises a reference to the first object by the first identifier; generate a second identifier; replace the first identifier with the second identifier in the first file; add one or more first instructions to the first file; remove the reference to the first identifier from the second file; add, to the second file, one or more second instructions, which when executed cause the one or more first instructions to be executed and produce the second identifier.

Abstract: The automated, real-time detection of specific blocks of code within a larger body of source code is described. Specific implementations relate to the detection of known code libraries in web page code to improve the efficiency of the generation of polymorphic transformations of the web page code for the purpose of impeding automated cyber-attacks.

Abstract: Techniques for minifying a client-side web application are described. In one embodiment, a computer-implemented method includes performing a static analysis of a set of files written in a dynamic programming language that make up the web application. A single minified web application file is generated based on a traversal of a dependency graph that includes, in proper dependency order, components that are needed at runtime and does not include components of the set of files that will not be needed at runtime. The single minified web application file may be delivered to end user computing devices in place of the original set of files without loss of web application functionality.

Abstract: Techniques and mechanisms that assist web page developers in “live styling” a web page without having to repeatedly compile a meta-language style sheet are disclosed. In one embodiment, these techniques and mechanisms include styling functionality to help the developer of the web page carry out a cycle of a streamlined web page live styling process. With the styling functionality, the developer can direct input to a user interface control to change the value of a corresponding meta-language style sheet variable. In response to the input, presentation of the web page is virtually instantaneously updated to reflect the changed value. The developer may repeatedly direct input to the user interface controls until the desired web page appearance is achieved.