Abstract: The present invention relates to methods and apparatuses for securing otherwise unsecured computer communications that addresses the above shortcomings among others. According to certain aspects, the invention relates to methods and apparatuses for implementing device snooping, in which some or all traffic passing between a host and a connected device is captured into memory and analyzed in real time by system software. According to other aspects, the invention relates to real time capture of certain types of traffic and communication of the captured traffic to a remote management system. According to still further aspects, the invention relates to detecting security threats in real time. Upon threat detection, possible actions are blocking individual devices or alerting a system administrator. According to certain additional aspects, the security functions performed by methods and apparatuses according to the invention can be logically transparent to the upstream host and to the downstream device.

Abstract: The present invention relates to providing security functionality over computer system mass storage data, and more particularly relates to a system and method of transparent data backup on either local or remote storage devices such as SATA storage devices. According to aspects of the invention, the system is transparent to operating system and application software layers. That makes it unnecessary to make any software modifications to the file system, device drivers, operating system, or applications, or installing specialized applications or hardware. In embodiments, the snapshot functionality of the invention is implemented entirely in hardware, and is not designed to slow down performance of the rest of the system.

Abstract: In general, embodiments of the invention include methods and apparatuses for securing otherwise unsecured computer audio and video subsystems. Embodiments of the invention perform watermarking of video and/or audio data streams output by a computer system. Additional security features that are included in embodiments of the invention include fingerprinting, snooping, capturing streams for local or remote analytics or archiving, and mixing of secure system content with local audio and video content.

Abstract: In general, embodiments of the invention include methods and apparatuses for securely storing computer system data. Embodiments of the invention encrypt and decrypt SATA data transparently to software layers. That makes it unnecessary to make any software modifications to the file system, device drivers, operating system, or application. Encryption key management is performed either remotely on a centralized Remote Management System or locally. Embodiments of the invention implement background disk backups using snapshots. Additional security features that are included in embodiments of the invention include virus scanning, a virtual/network drive, a RAM drive and a port selector that provides prioritized and/or background access to SATA mass storage to a secure subsystem.

Abstract: The present invention relates to a system that manages security of one or more computer systems and/or one or more different types of I/O channels such as USB, Ethernet, SATA, and SAS. According to certain aspects, the management system is distributed. That is, a central management system and computer subsystems are physically distributed within one or more geographical areas, and communicate with each other by passing messages through a computer network. According to certain additional aspects, the configuration and/or security functions performed by methods and apparatuses according to the invention can be logically transparent to the upstream host and to the downstream device.

Abstract: The present invention relates to methods and apparatuses for securing otherwise unsecured internal and external computer communications. According to one aspect, the invention relates to methods and apparatuses for implementing device gatekeeping. According to another aspect the invention relates to methods and apparatuses for encrypting and decrypting data sent over an external or internal interface. According to another aspect, the invention relates to methods and apparatuses for implementing device snooping, in which some or all traffic passing between a host and a connected device is captured into memory and analyzed in real time by system software. In embodiments, the software can also act upon analyzed information. According to certain additional aspects, the security functions performed by methods and apparatuses according to the invention can be logically transparent to the upstream host and/or to the downstream device.

Abstract: The present invention relates to a system and architecture for securing otherwise unsecured computer subsystems. According to one aspect, the invention provides an independent hardware platform for running software in a secure manner. According to another aspect, the invention provides the means to control and secure all disk, network and other I/O transactions. According to still further aspects, the invention provides a means to monitor and prevent unauthorized user and malicious software activity Additional aspects include providing a secure platform for device and user authentication as well as encryption key management, providing a means to perform background backup snapshots, and providing the means for enabling full management over computer operations.

Abstract: The present invention provides methods and apparatuses for computer system security. According to certain aspects, embodiments of the invention comprise a portable storage device that, when attached, “unlocks” a computer system, such as a desktop, laptop, tablet computer running a conventional operating system such as Windows, thereby creating added security. More particularly, embodiments of the invention use a standard USB memory stick as an “ignition key” to unlock and operate a PC, tablet or other computer system. The ignition key can be required to boot the computer, utilize peripheral devices, ports, network connections, a keyboard and/or a mouse of the computer system, and limit access to certain parts of computer. According to further aspects, in these and other embodiments, the invention is implemented using a modified BIOS that prevents a computer from fully booting into an operational state until verifying the presence of, and information stored on the “ignition key” connected to the computer.

Abstract: In general, embodiments of the invention include methods and apparatuses for securely storing computer system data. Embodiments of the invention encrypt and decrypt SATA data transparently to software layers. That makes it unnecessary to make any software modifications to the file system, device drivers, operating system, or application. Encryption key management is performed either remotely on a centralized Remote Management System or locally. Embodiments of the invention implement background disk backups using snapshots. Additional security features that are included in embodiments of the invention include virus scanning, a virtual/network drive, a RAM drive and a port selector that provides prioritized and/or background access to SATA mass storage to a secure subsystem.

Abstract: The present invention relates to providing security functionality over computer system mass storage data, and more particularly relates to a system and method of transparent data backup on either local or remote storage devices such as SATA storage devices. According to aspects of the invention, the system is transparent to operating system and application software layers. That makes it unnecessary to make any software modifications to the file system, device drivers, operating system, or applications, or installing specialized applications or hardware. In embodiments, the snapshot functionality of the invention is implemented entirely in hardware, and is not designed to slow down performance of the rest of the system.

Abstract: The present invention relates to a system and architecture for securing otherwise unsecured computer subsystems. According to one aspect, the invention provides an independent hardware platform for running software in a secure manner. According to another aspect, the invention provides the means to control and secure all disk, network and other I/O transactions. According to still further aspects, the invention provides a means to monitor and prevent unauthorized user and malicious software activity Additional aspects include providing a secure platform for device and user authentication as well as encryption key management, providing a means to perform background backup snapshots, and providing the means for enabling full management over computer operations.

Abstract: In general, embodiments of the invention include methods and apparatuses for securely storing computer system data. Embodiments of the invention encrypt and decrypt SATA data transparently to software layers. That makes it unnecessary to make any software modifications to the file system, device drivers, operating system, or application. Encryption key management is performed either remotely on a centralized Remote Management System or locally. Embodiments of the invention implement background disk backups using snapshots. Additional security features that are included in embodiments of the invention include virus scanning, a virtual/network drive, a RAM drive and a port selector that provides prioritized and/or background access to SATA mass storage to a secure subsystem.

Abstract: The present invention relates to providing security functionality over computer system mass storage data, and more particularly relates to a system and method of transparent data backup on either local or remote storage devices such as SATA storage devices. According to aspects of the invention, the system is transparent to operating system and application software layers. That makes it unnecessary to make any software modifications to the file system, device drivers, operating system, or applications, or installing specialized applications or hardware. In embodiments, the snapshot functionality of the invention is implemented entirely in hardware, and is not designed to slow down performance of the rest of the system.

Abstract: In general, embodiments of the invention include methods and apparatuses for securing otherwise unsecured computer audio and video subsystems. Embodiments of the invention perform watermarking of video and/or audio data streams output by a computer system. Additional security features that are included in embodiments of the invention include fingerprinting, snooping, capturing streams for local or remote analytics or archiving, and mixing of secure system content with local audio and video content.

Abstract: The present invention relates to a system that manages security of one or more computer systems and/or one or more different types of I/O channels such as USB, Ethernet, SATA, and SAS. According to certain aspects, the management system is distributed. That is, a central management system and computer subsystems are physically distributed within one or more geographical areas, and communicate with each other by passing messages through a computer network. According to certain additional aspects, the configuration and/or security functions performed by methods and apparatuses according to the invention can be logically transparent to the upstream host and to the downstream device.

Abstract: In general, embodiments of the invention include methods and apparatuses for securing otherwise unsecured computer audio and video subsystems. Embodiments of the invention perform watermarking of video and/or audio data streams output by a computer system. Additional security features that are included in embodiments of the invention include fingerprinting, snooping, capturing streams for local or remote analytics or archiving, and mixing of secure system content with local audio and video content.

Abstract: The present invention relates to a system and architecture for securing otherwise unsecured computer subsystems. According to one aspect, the invention provides an independent hardware platform for running software in a secure manner. According to another aspect, the invention provides the means to control and secure all disk, network and other I/O transactions. According to still further aspects, the invention provides a means to monitor and prevent unauthorized user and malicious software activity Additional aspects include providing a secure platform for device and user authentication as well as encryption key management, providing a means to perform background backup snapshots, and providing the means for enabling full management over computer operations.

Abstract: The present invention relates to a system that manages security of one or more computer systems and/or one or more different types of I/O channels such as USB, Ethernet, SATA, and SAS. According to certain aspects, the management system is distributed. That is, a central management system and computer subsystems are physically distributed within one or more geographical areas, and communicate with each other by passing messages through a computer network. According to certain additional aspects, the configuration and/or security functions performed by methods and apparatuses according to the invention can be logically transparent to the upstream host and to the downstream device.

Abstract: In general, embodiments of the invention include methods and apparatuses for securing otherwise unsecured computer interfaces by performing transparent data encryption and decryption. According to certain transparency aspects, the encryption and decryption functionality of the invention do not require any changes to the software layers such as file systems, device drivers, operating systems, or applications. Embodiments of the invention offload encryption key management to a centralized key management system that can be remotely located from the secured computer. Alternative embodiments perform key management locally.

Abstract: The present invention relates to methods and apparatuses for securing otherwise unsecured internal and external computer communications. According to one aspect, the invention relates to methods and apparatuses for implementing device gatekeeping. According to another aspect the invention relates to methods and apparatuses for encrypting and decrypting data sent over an external or internal interface. According to another aspect, the invention relates to methods and apparatuses for implementing device snooping, in which some or all traffic passing between a host and a connected device is captured into memory and analyzed in real time by system software. In embodiments, the software can also act upon analyzed information. According to certain additional aspects, the security functions performed by methods and apparatuses according to the invention can be logically transparent to the upstream host and/or to the downstream device.