Abstract: The present disclosure relates to systems, methods, and computer-readable media for enhancing security of communications between instances of clients and servers while enabling rotation of server certificates (e.g., X.509 certificates). The systems described herein involve updating a client list of server certificates (e.g., a certificate thumbprint) without reconfiguring or re-installing a client and/or server application, starting a new session (e.g., a hypertext transfer protocol secure (HTTPS) session), or deploying new code. The systems described herein may passively or actively update a client list of certificates to enable a client to security verify an identity of a server instance in a non-invasive way that boosts security from man-in-the-middle types of attacks.

Abstract: The present disclosure relates to systems, methods, and computer-readable media for enhancing security of communications between instances of clients and servers while enabling rotation of server certificates (e.g., X.509 certificates). The systems described herein involve updating a client list of server certificates (e.g., a certificate thumbprint) without reconfiguring or re-installing a client and/or server application, starting a new session (e.g., a hypertext transfer protocol secure (HTTPS) session), or deploying new code. The systems described herein may passively or actively update a client list of certificates to enable a client to security verify an identity of a server instance in a non-invasive way that boosts security from man-in-the-middle types of attacks.

Abstract: A system discloses providing secure remote desktop session host experience to a user for a selected application while controlling the user's access to non-core functionalities of the selected application. An implementation of the system disclosed herein identifies a non-core functionality of an application running on a server, flags the executable files, shared object library files, and the registration keys necessary for the non-core functionality of the application, and disables the application's access to the identified executable files, the identified shared object library files, and the identified registration keys.

Abstract: The present disclosure relates to systems, methods, and computer-readable media for enhancing security of communications between instances of clients and servers while enabling rotation of server certificates (e.g., X.509 certificates). The systems described herein involve updating a client list of server certificates (e.g., a certificate thumbprint) without reconfiguring or re-installing a client and/or server application, starting a new session (e.g., a hypertext transfer protocol secure (HTTPS) session), or deploying new code. The systems described herein may passively or actively update a client list of certificates to enable a client to security verify an identity of a server instance in a non-invasive way that boosts security from man-in-the-middle types of attacks.

Abstract: Examples related to secure computing systems are disclosed. In one example, a method includes, at a local agent computing device, sending to a remote work scheduling computing device a work context of the local agent computing device, the work context describing a set of work that the local agent is configured to execute, and polling a remote work depository for work compatible with the work context. The method further includes receiving a response from the remote work depository identifying a job within the work context, the job being requested by a computing device other than the remote work scheduling computing device, and executing the job.

Abstract: Examples related to secure computing systems are disclosed. In one example, a method includes, at a local agent computing device, sending to a remote work scheduling computing device a work context of the local agent computing device, the work context describing a set of work that the local agent is configured to execute, and polling a remote work depository for work compatible with the work context. The method further includes receiving a response from the remote work depository identifying a job within the work context, the job being requested by a computing device other than the remote work scheduling computing device, and executing the job.

Abstract: A system discloses providing secure remote desktop session host experience to a user for a selected application while controlling the user's access to non-core functionalities of the selected application. An implementation of the system disclosed herein identifies a non-core functionality of an application running on a server, flags the executable files, shared object library files, and the registration keys necessary for the non-core functionality of the application, and disables the application's access to the identified executable files, the identified shared object library files, and the identified registration keys.