Abstract: A method and apparatus for securing a computer using an optimal configuration for security software based on user behavior is described. In one embodiment, the method for providing an optimal configuration to secure a computer based on user behavior includes examining computer user activity to produce behavior indicia with respect to computer security from malicious threats and determining an optimal configuration for security software based on the behavior indicia.

Abstract: File reputations are used to identify malicious file sources. Attempts to access files from external sources are monitored. For each monitored attempt to access a file, a reputation of the specific file is determined. Responsive to a determined reputation of a file meeting a threshold, the file is adjudicated to be malicious. Attempts by sources to distribute malicious files are tracked. Responsive to tracked attempts by sources to distribute malicious files, reputations of file sources are determined. Responsive to a determined reputation of a source meeting a threshold, the source is adjudicated to be malicious, and files the source distributes are analyzed to determine whether they comprise malware. Malicious sources are blocked. Malware and malicious sources are analyzed to identify exploits and distribution patterns.

Abstract: A computer-implemented method for determining whether to evaluate the trustworthiness of digitally signed files based on signer reputation may include (1) identifying a file, (2) determining that the file has been digitally signed, (3) identifying a signer responsible for digitally signing the file, (4) identifying the signer's reputation, and then (5) determining whether to evaluate the trustworthiness of the file based at least in part on the signer's reputation. In one example, the signer's reputation may be based at least in part on the determined trustworthiness of at least one additional file that was previously signed by the signer. Various other methods, systems, and encoded computer-readable media are also disclosed.