Patents by Inventor Erez Kaplan Haelion

Erez Kaplan Haelion has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20200403983
    Abstract: System, product and method for connectivity-based scrambling is disclosed. Port scrambling mode is selected based on connectivity to a network. In one mode, ports of authorized outgoing communications are scrambled, while ports of unauthorized outgoing communications remain unscrambled. In another mode, ports of unauthorized outgoing communications are scrambled, while ports of authorized outgoing communications remain unscrambled. In some cases, under the first mode, ports of all incoming communications are descrambled, while in the second mode, ports of all incoming communications remain unscrambled.
    Type: Application
    Filed: April 28, 2019
    Publication date: December 24, 2020
    Inventor: Erez Kaplan Haelion
  • Patent number: 10616231
    Abstract: A system, product and method for preventing unauthorized outgoing communications. The method comprises, in response to an attempt to transmit an outgoing communication by a transmitting software entity, obtaining a list of software entities which have performed Inter-Process Communication (IPC), directly or indirectly, with the transmitting software entity. The method further comprises for each software entity in the list of software entities, checking whether the software entity is an unauthorized software entity. In response to detecting an unauthorized software entity in the list of software entities, the outgoing communication may be blocked. As a result, the outgoing communication is prevented from being transmitted.
    Type: Grant
    Filed: March 21, 2017
    Date of Patent: April 7, 2020
    Assignee: CYBER 2.0 (2015) LTD
    Inventor: Erez Kaplan Haelion
  • Publication number: 20200028856
    Abstract: A method, apparatus, and computer program product for port scrambling usage in heterogeneous networks. Responsive to receiving a communication directed towards a network, wherein port scrambling and port descrambling are employed by the network, a transformation function is applied on a port at which the communication is directed to be received, whereby obtaining a scrambled port, and the communication is redirected to be received at the scrambled port. Responsive to receiving a communication from the network directed outside thereof, an inverse of the transformation function is applied on a port at which the communication is directed to be received, whereby obtaining a descrambled port, and the communication is redirected to be received at the descrambled port. Each device belonging to the network is configured for performing selective port scrambling of outgoing communications and port descrambling of incoming communications by utilizing the transformation function and inverse thereof, respectively.
    Type: Application
    Filed: July 23, 2018
    Publication date: January 23, 2020
    Applicant: CYBER 2.0 (2015) LTD
    Inventor: Erez Kaplan Haelion
  • Publication number: 20190306130
    Abstract: System, product and method for connectivity-based scrambling is disclosed. Port scrambling mode is selected based on connectivity to a network. In one mode, ports of authorized outgoing communications are scrambled, while ports of unauthorized outgoing communications remain unscrambled. In another mode, ports of unauthorized outgoing communications are scrambled, while ports of authorized outgoing communications remain unscrambled. In some cases, under the first mode, ports of all incoming communications are descrambled, while in the second mode, ports of all incoming communications remain unscrambled.
    Type: Application
    Filed: March 27, 2018
    Publication date: October 3, 2019
    Applicant: Cyber 2.0 (2015) LTD.
    Inventor: Erez Kaplan Haelion
  • Publication number: 20190268317
    Abstract: System, product and method for connectivity-based scrambling is disclosed. Port scrambling mode is selected based on connectivity to a network. In one mode, ports of authorized outgoing communications are scrambled, while ports of unauthorized outgoing communications remain unscrambled. In another mode, ports of unauthorized outgoing communications are scrambled, while ports of authorized outgoing communications remain unscrambled. In some cases, under the first mode, ports of all incoming communications are descrambled, while in the second mode, ports of all incoming communications remain unscrambled.
    Type: Application
    Filed: April 28, 2019
    Publication date: August 29, 2019
    Inventor: Erez Kaplan Haelion
  • Patent number: 10397196
    Abstract: A device, method and product for port-scrambling-based networks. The method comprising in response to a device intending to transmit an outgoing communication to a target device in a computer network, via a first port, scrambling the first port of the outgoing communication to obtain a second port by applying a transformation function which utilizes a certificate that is shared among a portion of the devices in the computer network; and transmitting the outgoing communication via the second target port. The method comprises receiving, via a second source port, an incoming communication from a source device in the computer network, descrambling the second source port of the incoming communication to obtain a first source port by applying a reverse function of the transformation function; and directing the incoming communication at the first source port instead of the second source port.
    Type: Grant
    Filed: February 28, 2017
    Date of Patent: August 27, 2019
    Assignee: CYBER 2.0 (2015) LTD.
    Inventor: Erez Kaplan Haelion
  • Patent number: 10333956
    Abstract: Method, system and product for detection of invalid port accesses in port-scrambling-based networks. The network may comprise a plurality of computers, each of which is configured to selectively scramble ports of outgoing communications transmitted over the network and to descramble ports of incoming communications received from the network. The selective scrambling of ports may be based on a whitelist of programs. Invalid port accesses are monitored for. Invalid port accesses may be a communication transmitted over the network directing at a port, wherein an unscrambled port obtained after descrambling the port, is an invalid port. Invalid port accesses may be logged and actions may be taken to mitigate potential security risk represented thereby.
    Type: Grant
    Filed: May 15, 2018
    Date of Patent: June 25, 2019
    Assignee: CYBER 2.0 (2015) LTD.
    Inventor: Erez Kaplan Haelion
  • Patent number: 10313318
    Abstract: A method, system and computer program product providing port scrambling for securing communications in internal computer networks are disclosed. A transformation function is applied on an identifier of a first port at which an outgoing communication is designated to be received, whereby an identifier of a second port the outgoing communication is directed to be received at is obtained. The transformation function depends on at least one parameter shared among a plurality of devices in a computer network, whereby a device receiving the communication at the second port is enabled to apply an inverse transformation function on the identifier of the second port to obtain the identifier of the first port and redirect the communication thereto. The transformation function is applied in condition that transmittal of the outgoing communication was requested by an application program listed in a list of authorized application programs for the plurality of devices.
    Type: Grant
    Filed: November 1, 2017
    Date of Patent: June 4, 2019
    Assignee: CYBER 2.0 (2015) LTD.
    Inventor: Erez Kaplan Haelion
  • Publication number: 20190089595
    Abstract: A method, a computerized apparatus and a computer program product for automatic generation of security configuration and deployment thereof. The method comprises monitoring programs executed by a device within an organizational network, to identify an attempt to transmit outgoing communications. In response to determining a program executed by the device is attempting to transmit an outgoing communication: checking whether the program is listed in a base list of authorized programs. In response to determining that the program is listed in the base list, adding the program to a list of authorized programs.
    Type: Application
    Filed: September 18, 2017
    Publication date: March 21, 2019
    Applicant: Cyber 2.0 (2015) Ltd
    Inventor: Erez Kaplan Haelion
  • Publication number: 20180278617
    Abstract: A system, product and method for preventing unauthorized outgoing communications. The method comprises, in response to an attempt to transmit an outgoing communication by a transmitting software entity, obtaining a list of software entities which have performed Inter-Process Communication (IPC), directly or indirectly, with the transmitting software entity. The method further comprises for each software entity in the list of software entities, checking whether the software entity is an unauthorized software entity. In response to detecting an unauthorized software entity in the list of software entities, the outgoing communication may be blocked. As a result, the outgoing communication is prevented from being transmitted.
    Type: Application
    Filed: March 21, 2017
    Publication date: September 27, 2018
    Inventor: Erez Kaplan Haelion
  • Publication number: 20180270257
    Abstract: Method, system and product for detection of invalid port accesses in port-scrambling-based networks. The network may comprise a plurality of computers, each of which is configured to selectively scramble ports of outgoing communications transmitted over the network and to descramble ports of incoming communications received from the network. The selective scrambling of ports may be based on a whitelist of programs. Invalid port accesses are monitored for. Invalid port accesses may be a communication transmitted over the network directing at a port, wherein an unscrambled port obtained after descrambling the port, is an invalid port. Invalid port accesses may be logged and actions may be taken to mitigate potential security risk represented thereby.
    Type: Application
    Filed: May 15, 2018
    Publication date: September 20, 2018
    Inventor: Erez Kaplan Haelion
  • Publication number: 20180248851
    Abstract: A device, method and product for port-scrambling-based networks. The method comprising in response to a device intending to transmit an outgoing communication to a target device in a computer network, via a first port, scrambling the first port of the outgoing communication to obtain a second port by applying a transformation function which utilizes a certificate that is shared among a portion of the devices in the computer network; and transmitting the outgoing communication via the second target port. The method comprises receiving, via a second source port, an incoming communication from a source device in the computer network, descrambling the second source port of the incoming communication to obtain a first source port by applying a reverse function of the transformation function; and directing the incoming communication at the first source port instead of the second source port.
    Type: Application
    Filed: February 28, 2017
    Publication date: August 30, 2018
    Applicant: CYBER 2.0 (2015) LTD.
    Inventor: Erez Kaplan Haelion
  • Patent number: 9985981
    Abstract: A computer-implemented method, computerized apparatus and computer program product for monitoring traffic in a computer network. The computer network comprises a plurality of devices configured to apply a transformation function on a target port identifier of a requested transmission by an application program executing thereon and direct the transmission to a different target port per the scrambled identifier thereby obtained. The transformation function depends on at least one parameter shared among the plurality of devices and applying thereof is conditioned on the application program requesting transmission being listed in a list of authorized application programs. Attempts to access invalid ports as defined by the transformation function are identified and an action for mitigating a security threat ascribed thereto is provided.
    Type: Grant
    Filed: September 14, 2017
    Date of Patent: May 29, 2018
    Assignee: Cyber 2.0 (2015) Ltd
    Inventor: Erez Kaplan Haelion
  • Publication number: 20180069845
    Abstract: A method, system and computer program product providing port scrambling for securing communications in internal computer networks are disclosed. A transformation function is applied on an identifier of a first port at which an outgoing communication is designated to be received, whereby an identifier of a second port the outgoing communication is directed to be received at is obtained. The transformation function depends on at least one parameter shared among a plurality of devices in a computer network, whereby a device receiving the communication at the second port is enabled to apply an inverse transformation function on the identifier of the second port to obtain the identifier of the first port and redirect the communication thereto. The transformation function is applied in condition that transmittal of the outgoing communication was requested by an application program listed in a list of authorized application programs for the plurality of devices.
    Type: Application
    Filed: November 1, 2017
    Publication date: March 8, 2018
    Inventor: Erez Kaplan Haelion
  • Publication number: 20180007072
    Abstract: A computer-implemented method, computerized apparatus and computer program product for monitoring traffic in a computer network. The computer network comprises a plurality of devices configured to apply a transformation function on a target port identifier of a requested transmission by an application program executing thereon and direct the transmission to a different target port per the scrambled identifier thereby obtained. The transformation function depends on at least one parameter shared among the plurality of devices and applying thereof is conditioned on the application program requesting transmission being listed in a list of authorized application programs. Attempts to access invalid ports as defined by the transformation function are identified and an action for mitigating a security threat ascribed thereto is provided.
    Type: Application
    Filed: September 14, 2017
    Publication date: January 4, 2018
    Inventor: Erez Kaplan Haelion
  • Patent number: 9838368
    Abstract: A method, system and computer program product providing port scrambling for securing communications in internal computer networks are disclosed. A transformation function is applied on an identifier of a first port at which an outgoing communication is designated to be received, whereby an identifier of a second port the outgoing communication is directed to be received at is obtained. The transformation function depends on at least one parameter shared among a plurality of devices in a computer network, whereby a device receiving the communication at the second port is enabled to apply an inverse transformation function on the identifier of the second port to obtain the identifier of the first port and redirect the communication thereto. The transformation function is applied in condition that transmittal of the outgoing communication was requested by an application program listed in a list of authorized application programs for the plurality of devices.
    Type: Grant
    Filed: August 25, 2016
    Date of Patent: December 5, 2017
    Assignee: CYBER 2.0 (2015) LTD.
    Inventor: Erez Kaplan Haelion
  • Patent number: 9794277
    Abstract: A computer-implemented method, computerized apparatus and computer program product for monitoring traffic in a computer network. The computer network comprises a plurality of devices configured to apply a transformation function on a target port identifier of a requested transmission by an application program executing thereon and direct the transmission to a different target port per the scrambled identifier thereby obtained. The transformation function depends on at least one parameter shared among the plurality of devices and applying thereof is conditioned on the application program requesting transmission being listed in a list of authorized application programs. Attempts to access invalid ports as defined by the transformation function are identified and an action for mitigating a security threat ascribed thereto is provided.
    Type: Grant
    Filed: December 27, 2016
    Date of Patent: October 17, 2017
    Assignee: CYBER 2.0 (2015) LTD
    Inventor: Erez Kaplan Haelion
  • Publication number: 20170244686
    Abstract: A method, system and computer program product providing port scrambling for securing communications in internal computer networks are disclosed. A transformation function is applied on an identifier of a first port at which an outgoing communication is designated to be received, whereby an identifier of a second port the outgoing communication is directed to be received at is obtained. The transformation function depends on at least one parameter shared among a plurality of devices in a computer network, whereby a device receiving the communication at the second port is enabled to apply an inverse transformation function on the identifier of the second port to obtain the identifier of the first port and redirect the communication thereto. The transformation function is applied in condition that transmittal of the outgoing communication was requested by an application program listed in a list of authorized application programs for the plurality of devices.
    Type: Application
    Filed: August 25, 2016
    Publication date: August 24, 2017
    Inventor: Erez Kaplan Haelion
  • Publication number: 20170193205
    Abstract: A computer-implemented method, computerized apparatus and computer program product for enhanced resistance to reverse engineering of code using incremental polymorphism. Incremental modifications to a software resource of a computer program are received from a server and used for updating the resource from a current to an updated state in each of the computer program instances at a plurality of devices, whereby updating is performed in a synchronized manner and without the updated resource being transmitted via a communication channel.
    Type: Application
    Filed: January 2, 2017
    Publication date: July 6, 2017
    Inventor: Erez Kaplan Haelion
  • Publication number: 20170195348
    Abstract: A computer-implemented method, computerized apparatus and computer program product for monitoring traffic in a computer network. The computer network comprises a plurality of devices configured to apply a transformation function on a target port identifier of a requested transmission by an application program executing thereon and direct the transmission to a different target port per the scrambled identifier thereby obtained. The transformation function depends on at least one parameter shared among the plurality of devices and applying thereof is conditioned on the application program requesting transmission being listed in a list of authorized application programs. Attempts to access invalid ports as defined by the transformation function are identified and an action for mitigating a security threat ascribed thereto is provided.
    Type: Application
    Filed: December 27, 2016
    Publication date: July 6, 2017
    Inventor: Erez Kaplan Haelion