Abstract: A new approach is proposed that contemplates systems and methods to provide identification and mitigation of malware attack via Web assets hosted on a Web application, site, or platform in an automated and proactive manner. From the moment the Web assets are hosted on the Web application platform and protected by a Web application security device, the hosted Web assets are constantly monitored and assessed for potential risks. Whenever there is a new instance or a modification of a Web asset, a copy of the Web asset is automatically downloaded and analyzed for potential vulnerabilities. If a suspicious indicator of malicious contents in the Web asset is detected during the analysis, a plurality of security policies are created and applied to the Web application security device to mitigate threats of the Web asset and protect users of the Web application against malware attacks via the tampered Web asset.

Abstract: A new approach is proposed that contemplates systems and methods to provide identification and mitigation of malware attack via Web assets hosted on a Web application, site, or platform in an automated and proactive manner. From the moment the Web assets are hosted on the Web application platform and protected by a Web application security device, the hosted Web assets are constantly monitored and assessed for potential risks. Whenever there is a new instance or a modification of a Web asset, a copy of the Web asset is automatically downloaded and analyzed for potential vulnerabilities. If a suspicious indicator of malicious contents in the Web asset is detected during the analysis, a plurality of security policies are created and applied to the Web application security device to mitigate threats of the Web asset and protect users of the Web application against malware attacks via the tampered Web asset.

Abstract: The invention is a firewall capable of blocking access to a website or other Internet node based on a domain name. A DNS request is monitored and a domain name is decoded from the DNS request. An IP address is received in a response to the DNS request. The IP address and domain name are associated with each other. The steps are executed non-intrusively with respect to traffic flow through the firewall. Afterward, a determination is made if the IP address is associated with a domain name for which access is restricted. If the domain name is a restricted domain name, access to content of the website is denied by blocking traffic flow on the basis of identifying the source IP address of data packets.

Abstract: The invention is a firewall capable of blocking access to a website or other Internet node based on a domain name. A DNS request is monitored and a domain name is decoded from the DNS request. An IP address is received in a response to the DNS request. The IP address and domain name are associated with each other. The steps are executed non-intrusively with respect to traffic flow through the firewall. Afterward, a determination is made if the IP address is associated with a domain name for which access is restricted. If the domain name is a restricted domain name, access to content of the website is denied by blocking traffic flow on the basis of identifying the source IP address of data packets.