Abstract: In one implementation, an object analysis system identifies an object within a software module, and determines a size of the object based on at least one operation within the software module. The object analysis system identifies the object and determines the size of the object without reference to source code of the software module.

Abstract: Embodiments disclosed herein relate to a process flow optimized directed graph traversal. In one embodiment, a processor performs a depth first traversal of the optimized directed graph where a node from a first node is not traversed until the nodes before the first node are traversed. The processor may output information associated with the nodes based on the traversal.

Abstract: Embodiments disclosed herein relate to a process flow optimized directed graph traversal. In one embodiment, a processor performs a depth first traversal of the optimized directed graph where a node from a first node is not traversed until the nodes before the first node are traversed. The processor may output information associated with the nodes based on the traversal.

Abstract: In one implementation, an object analysis system identifies an object within a software module, and determines a size of the object based on at least one operation within the software module. The object analysis system identifies the object and determines the size of the object without reference to source code of the software module.

Abstract: Detecting obfuscated attacks on a computer. A first program function is invoked to render static components of a web page and identify program code within the web page or associated file. In response, before executing the identified program code, a malicious-code detector is invoked to scan the identified program code for malicious code. If the malicious-code detector identifies malicious code in the identified program code, the identified program code is not executed. If no malicious code is detected, a second program function generates revised program code from execution of the identified, program code. In response, before executing the revised program code, the malicious-code detector is invoked to scan the revised program code for malicious code. If the malicious-code detector identifies malicious code in the revised program code, the revised program code is not executed.

Abstract: System, method and program product for detecting a malicious SQL query in a parameter value field of a request. The parameter value field is searched for query operands, characters and/or symbols and combinations of query operands, characters and/or symbols indicative of malicious SQL injection. A respective score assigned to each of the query operands, characters and/or symbols or combinations of query operands, characters and/or symbols found in the parameter value field is added to yield a total score for at least two of the query operands, characters and/or symbols or combinations of query operands, characters and/or symbols found in the parameter value field. Responsive to the total score exceeding a threshold, the request is blocked.

Abstract: System, method and program product for detecting a malicious SQL query in a parameter value field of a request. The parameter value field is searched for query operands, characters and/or symbols and combinations of query operands, characters and/or symbols indicative of malicious SQL injection. A respective score assigned to each of the query operands, characters and/or symbols or combinations of query operands, characters and/or symbols found in the parameter value field is added to yield a total score for at least two of the query operands, characters and/or symbols or combinations of query operands, characters and/or symbols found in the parameter value field. Responsive to the total score exceeding a threshold, the request is blocked.

Abstract: Detecting obfuscated attacks on a computer. A first program function is invoked to render static components of a web page and identify program code within the web page or associated file. In response, before executing the identified program code, a malicious-code detector is invoked to scan the identified program code for malicious code. If the malicious-code detector identifies malicious code in the identified program code, the identified program code is not executed. If no malicious code is detected, a second program function generates revised program code from execution of the identified, program code. In response, before executing the revised program code, the malicious-code detector is invoked to scan the revised program code for malicious code. If the malicious-code detector identifies malicious code in the revised program code, the revised program code is not executed.