Abstract: The disclosed computer-implemented method for controlling uploading of potentially sensitive information to the Internet may include (i) loading, at the computing device, at least a portion of a webpage and (ii) performing a security action including (A) converting, at the computing device, components of the webpage from an online status to an offline status, (B) receiving a sensitive information input to a respective offline component of the webpage, (C) converting, based on a stored user preference and in response to receiving the sensitive information input, the respective offline component to the online status, (D) buffering an outgoing network request comprising the sensitive information input, (E) receiving an approval input indicating approval to transmit the potentially sensitive information to the Internet, and (F) releasing the outgoing network request in response to receiving the approval input. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for establishing restricted interfaces for database applications may include analyzing, by a computing device, query behavior of an application for query requests from the application to a remote database in a computer system and identifying, based on the analysis, an expected query behavior for the application. The method may include establishing, between the application and the remote database, a restricted interface. The method may include receiving, at the restricted interface, a query request from the application to the remote database and limiting, by the restricted interface, the query request from the application to the remote database based on the expected query behavior. The method may include determining, by checking the query request against the expected query behavior, that the query request is anomalous query behavior and performing a security action with respect to the computer system.

Abstract: Uniform Resource Locator (URL) transformation and redirection with access control. A method may include registering for an account with a secure redirection application; requesting, from the secure redirection application, a unique site identifier for an online entity; receiving, from the secure redirection application, the unique site identifier; submitting user data and the received unique site identifier to the online entity; receiving, from the online entity, a unique URL generated by the secure redirection application, in response to submitting the user data and the received unique site identifier to the online entity; and actuating the unique URL to be directed to the online entity.

Abstract: User-directed identity verification over a network. In one embodiment, a method may include receiving identity information of a user, storing the identity information, calculating a confidence score for the identity information that indicates a level of confidence that the identity information belongs to the user, receiving a request for the identity information of the user, or for confirmation of possession of the identity information of the user, to be sent to an organization, sending an authorization request for the user to authorize the organization to access the identity information or to receive the confirmation of possession of the identity information, receiving a grant of authorization for the organization to access the identity information or to receive the confirmation of possession of the identity information, sending the identity information, or the confirmation of possession of the identity information, and the confidence score for the identity information.

Abstract: The disclosed computer-implemented method for detecting security incidents may include (i) collecting, by a security server, security information describing security events detected on at least one client device, (ii) generating, based on the collected security information, a mathematical graph that includes a set of nodes designating machine-windows of data and a set of nodes designating detected security events, (iii) executing a random-walk-with-restart algorithm on the generated mathematical graph to sort the set of nodes designating machine-windows of data in terms of relevance to a set of ground truth nodes that indicate confirmed security threats, and (iv) performing a remedial security action to protect a user in response to detecting a candidate security threat based on sorting the set of nodes designating machine-windows of data by executing the random-walk-with-restart algorithm. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for securing computing systems on private networks may include (i) identifying a set of computing systems that are connected via a private network, (ii) calculating, for each computing system in the set, a malware-vulnerability rating that reflects a probability of the computing system being compromised by a malware attack, a malware-exposure rating that is based on a relationship between the computing system and one or more other computing system within the set, and a conditional infection probability that is based on the malware-vulnerability and malware-exposure ratings and that indicates a probability of the computing system becoming infected if one or more of the other computing systems are infected, and (iii) performing, based on the conditional infection probabilities of the computing systems in the set, a security action within the private network. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: User-directed identity verification over a network. In one embodiment, a method may include receiving identity information of a user, storing the identity information, calculating a confidence score for the identity information that indicates a level of confidence that the identity information belongs to the user, receiving a request for the identity information of the user, or for confirmation of possession of the identity information of the user, to be sent to an organization, sending an authorization request for the user to authorize the organization to access the identity information or to receive the confirmation of possession of the identity information, receiving a grant of authorization for the organization to access the identity information or to receive the confirmation of possession of the identity information, sending the identity information, or the confirmation of possession of the identity information, and the confidence score for the identity information.