Patents by Inventor Caleb Sima
Caleb Sima has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20210049291
Abstract: A system described herein is configured to receive an image of a field of view from which a display screen can be observed. The image is captured while the display screen presents sensitive content. The system then determines that the image depicts a viewer or act not authorized for the sensitive content and, in response, initiates a security action. Additionally, the system may determine that a received image depicts a lack of viewer engagement with displayed content and, in response, may initiate an action to ensure viewer engagement with the content.
Type: Application
Filed: August 12, 2020
Publication date: February 18, 2021
Inventor: Caleb Sima
-
Publication number: 20140273880
Abstract: The present invention provides a computer-implemented method in a mobile device programmed for the method, includes receiving in the mobile device, an indication to enter a limited functionality mobile device state, and initiating in the mobile device, a limited functionality mobile device state. In this way a mobile device can be temporarily suspended in some or all operations, including functionality that could cause the loss of private or privileged information or data. The method permits a manager to exercise discretion at the potential loss of the device or the potential recovery of the device so as to save its functionality by suspending for periods of time or acting to sever the device permanently. The method further allows automatic triggers to cause a device to enter a limited functionality state and emerge therefrom when the triggering situation no longer exists.
Type: Application
Filed: March 12, 2014
Publication date: September 18, 2014
Applicant: Bluebox Security Inc.
Inventors: Caleb Sima, Jeffrey Forristal, Khiem Chan Truong
-
Publication number: 20140258511
Abstract: A computer-implemented method for monitoring and establishing a secure communication session to a client computing system by a secure communication server system programmed to perform the method including monitoring in the secure communication server system, a network traffic level between the client computing system and the secure communication server system, determining in the secure communication server system, whether the network traffic level drops below a set network traffic level, and wherein when the network traffic level is determined by the secure communication server system to drop below the set network traffic level, the method includes sending with the secure communication server system, a management communication to the client computing system to reestablish a secure communication session with the secure communication server system. A subsequent secure communication session between the client computing system and the secure communication server system may or may not be established.
Type: Application
Filed: March 11, 2014
Publication date: September 11, 2014
Applicant: Bluebox Security Inc.
Inventors: Caleb Sima, Jeffrey Forristal
-
Patent number: 8800042
Abstract: Providing secure web application development and operation. In a web development environment, code developed for the web application is analyzed to identify vulnerabilities and remedial actions are identified. The remedial actions may be automatically invoked or a developer can be prompted to take particular actions to remediate the vulnerability.
Type: Grant
Filed: August 21, 2006
Date of Patent: August 5, 2014
Assignee: Hewlett-Packard Development Company, L.P.
Inventors: Caleb Sima, Bryan Sullivan
-
Publication number: 20140068256
Abstract: A computer-implemented method for securing data to be stored in a computing device programmed to perform the method includes determining in the computing device, a save request from an application running upon the computing device to an operating system of the computing device to save a file in a memory of the computing device, determining in the computing device, whether a first key is available, and when the first key is available, the method includes automatically encrypting in the computing device, the file using the first key to form an encrypted file, in response to the save request, and automatically requesting with the computing device, the operating system of the computing device to store the encrypted file in the memory.
Type: Application
Filed: September 4, 2013
Publication date: March 6, 2014
Applicant: BLUEBOX
Inventor: Caleb Sima
-
Patent number: 8656495
Abstract: A web application is more efficiently analyzed by intelligently generating attack sequences to be used in the assessment. Rather than simply sending a canned list of static strings at a web application, the operation of the web application is analyzed to determine the filtering and acceptance characteristics of the web site. As this information is ascertained, a vocabulary of allowed symbols is created. This vocabulary is used in the building of attack strings and as such, the number of attack strings fired at the web application is greatly reduced, as well as the number of false positives.
Type: Grant
Filed: November 17, 2006
Date of Patent: February 18, 2014
Assignee: Hewlett-Packard Development Company, L.P.
Inventors: Caleb Sima, Raymond Kelly, William M. Hoffman
-
Publication number: 20140007117
Abstract: A computer-implemented method for executing a modified version of a software application in a computing system programmed to perform the method including initiating in the computing system, execution of a software application comprising an initial version of a function, wherein the initial version of the function consists of computer executable code, receiving in the computing system, a modified version of the function, wherein the modified version of the function which can be machine code, taking in human-readable configuration data and using that to direct operation, receiving in the computing system, a request to execute the function from within the software application, in response to the request to execute the function, the method includes inhibiting in the computing system, execution of the version of the function, and interpreting in the computing system, the modified version of the function to thereby execute the function.
Type: Application
Filed: June 12, 2013
Publication date: January 2, 2014
Inventors: Caleb Sima, David Dewey
-
Publication number: 20130347130
Abstract: A computer-implemented method for dynamically delivering a securitized version of an application to a mobile device in a computing system programmed to perform the method includes receiving a request for the application from a mobile device; sending the request for the application to an application server, receiving the application from the application server in response to the request for the application, determining with the computing system, a securitized version of the original requested application, and sending the securitized version of the application to the mobile device. In the invention, if the securitized version is not previously held in storage by the computing device, the computing device creates the securitized version and sends that to the mobile device.
Type: Application
Filed: June 7, 2013
Publication date: December 26, 2013
Inventor: Caleb Sima
-
Publication number: 20130332986
Abstract: A computer-implemented method for dynamically directing mobile device traffic in a computing system programmed to perform the method includes receiving with the computing system, a request for resolution of a domain name associated with a web address from a mobile device, determining in the computing system, whether the domain name is not subject to security policies, determining in the computing system, a publically-accessible IP address associated with the domain name, when the domain name is determined to not be subject to the security policies, the method comprises providing from the computing system, the publically-accessible IP address associated with the domain name to the mobile, and when the domain name is determined to be subject to the security policies, the method comprises providing from the computing system, an IP address associated with the computing system to the mobile.
Type: Application
Filed: June 7, 2013
Publication date: December 12, 2013
Inventors: Caleb Sima, Adam Ely
-
Patent number: 8566945
Abstract: A recursive web crawling and analysis tool that includes conducting an initial crawl of a target to identify testable or analyzable objects. The objects are then parsed to identify vulnerabilities, as well as additional objects that can be analyzed. An attack is then launched against the analyzable objects in an effort to break or verify the vulnerabilities. During this attack, additional analyzable objects may be discovered. If such additional objects are discovered, the web crawler is invoked on the additional objects as well, and the results of the crawl are fed back into the parser and attacker functions.
Type: Grant
Filed: February 11, 2005
Date of Patent: October 22, 2013
Assignee: Hewlett-Packard Development Company, L.P.
Inventor: Caleb Sima
-
Patent number: 8266700
Abstract: Various embodiments of systems, methods, software tools, etc. for providing secure web application development are provided. One embodiment comprises a method for developing a secure web application. One such method comprises: analyzing code associated with a web application to identify at least one vulnerable input; and validating the at least one vulnerable input.
Type: Grant
Filed: May 16, 2005
Date of Patent: September 11, 2012
Assignee: Hewlett-Packard Development Company, L. P.
Inventors: Caleb Sima, Timothy Farley
-
Patent number: 7765597
Abstract: A vulnerability assessment tool that is operative to analyze web sites by simultaneously operating a crawling process and an audit process. Once the crawling process is invoked, the results are provided to the audit process. The audit process, rather than waiting until the crawl process is completed, simultaneously audits the web site based on the already provided crawl results. The results of the audit are also fed back to the crawl process to further enhance the crawl.
Type: Grant
Filed: August 1, 2006
Date of Patent: July 27, 2010
Assignee: Hewlett-Packard Development Company, L.P.
Inventors: Caleb Sima, Steve Millar, Raymond Kelly, Bryan Sullivan, Gerald Sullivan, David Tillery
-
Patent number: 7647631
Abstract: Various embodiments of systems, methods, software tools, etc. for performing an assessment of an application are provided. One embodiment comprises a method for performing an assessment of a web application. One such method comprises: recording user interactions with a web application; and playing back the user interactions to perform an assessment of the web application.
Type: Grant
Filed: December 7, 2004
Date of Patent: January 12, 2010
Assignee: Hewlett-Packard Development Company
Inventor: Caleb Sima
-
Publication number: 20080120305
Abstract: A web application is more efficiently analyzed by identifying the sub-applications used to generate the various web pages available at the web application and then limiting the vulnerability assessment to just a subset of the web pages generated by each sub-application. The sub-applications can be identified by detecting similarity between the web pages, based on the user interface presentation, the inputs required or allowed, or both. For the user interface presentation, the markup language used to generate the user interface is reduced to common markup language elements by removing content, attribute values and white space and then determining the edit distances between the various pages. Small edit distance values indicate similarity and thus, likely generated by a common sub-application.
Type: Application
Filed: November 17, 2006
Publication date: May 22, 2008
Inventors: Caleb Sima, William M. Hoffman
-
Publication number: 20080120420
Abstract: The inputs of a web application are detected through a technique such as crawling, and then the characteristics of the inputs are determined. The characteristics are determined by identifying how the inputs react to various probes containing varying characters and varying numbers of characters. As such, the characters allowed by the input are identified, the maximum and minimum number of characters that are accepted and the manner in which the characters are treated by the web application. Further characteristics of the inputs are determined by examining the context of the inputs, the markup language associated with the input, the size of the input, etc. The knowledge regarding the input characterizations can be applied in a variety of settings.
Type: Application
Filed: November 17, 2006
Publication date: May 22, 2008
Inventors: Caleb SIMA, Raymond Kelly, William M. Hoffman
-
Publication number: 20080120722
Abstract: A web application is more efficiently analyzed by intelligently generating attack sequences to be used in the assessment. Rather than simply sending a canned list of static strings at a web application, the operation of the web application is analyzed to determine the filtering and acceptance characteristics of the web site. As this information is ascertained, a vocabulary of allowed symbols is created. This vocabulary is used in the building of attack strings and as such, the number of attack strings fired at the web application is greatly reduced, as well as the number of false positives.
Type: Application
Filed: November 17, 2006
Publication date: May 22, 2008
Inventors: Caleb Sima, Raymond Kelly, William M. Hoffman
-
Publication number: 20070186285
Abstract: An automated Web security analysis system and process identifies security vulnerabilities in a target Internet Web site by parsing through the target Web site to search for a predetermined list of common security vulnerabilities. The process is recursive, exploiting information gathered throughout the process to search for additional security vulnerabilities. A prioritized list of detected security vulnerabilities is then presented to a user, including preferably a list of recommendations to eliminate the detected security vulnerabilities.
Type: Application
Filed: April 2, 2007
Publication date: August 9, 2007
Inventors: Dennis Hurst, Darrin Barrall, Caleb Sima
-
Publication number: 20070061877
Abstract: A vulnerability assessment tool that is operative to analyze web sites by simultaneously operating a crawling process and an audit process. Once the crawling process is invoked, the results are provided to the audit process. The audit process, rather than waiting until the crawl process is completed, simultaneously audits the web site based on the already provided crawl results. The results of the audit are also fed back to the crawl process to further enhance the crawl.
Type: Application
Filed: August 1, 2006
Publication date: March 15, 2007
Inventors: Caleb Sima, Steve Millar, Raymond Kelly, Bryan Sullivan, Gerald Sullivan, David Tillery
-
Publication number: 20060282897
Abstract: Providing secure web application development and operation. In a web development environment, code developed for the web application is analyzed to identify vulnerabilities and remedial actions are identified. The remedial actions may be automatically invoked or a developer can be prompted to take particular actions to remediate the vulnerability.
Type: Application
Filed: August 21, 2006
Publication date: December 14, 2006
Inventors: Caleb Sima, Bryan Sullivan
-
Publication number: 20060282494
Abstract: A crawler that is either based on an interactive mode of operation or includes an interactive mode along with one or more other modes, such as automatic or manual. Similar to an automatic mode crawler, the crawler traverses web sites, web content and links. However, if the crawler encounters a structure that requires human interaction, such as a form, a radio button selector, a drop down selector, a human verification test, etc., the crawler pauses and prompts a user to take action.
Type: Application
Filed: August 1, 2006
Publication date: December 14, 2006
Inventors: Caleb Sima, Raymond Kelly, Steve Millar, Robert Raboud, Bryan Sullivan, Jerry Sullivan, David Tillery