Abstract: Computerized methods and systems detect unauthorized and potentially malicious, as well as malicious records, typically in the form of electronic forms, such as those where users input information (into input blocks or fields), such as bank and financial institution electronic forms and the like. Should such an unauthorized form, be detected, the detection causes the taking of protective action by the computer whose on whose browser the unauthorized form has been rendered.

Abstract: A method for monitoring access of users to Internet SaaS applications includes the CISO (company Internet security office) in the configuration and operation of the method, instead of relying only on whatever security the SaaS application implements. Certificates, not accessible to users, are pushed to a user's client. When an access request is received from a client by an application, a gateway requests from the client the certificate. After a notification and approval process with the user, a received certificate is verified, user access to the application is allowed or denied, and the CISO notified of the attempted access.

Abstract: A system for cloud-connected, agent-based, next-generation endpoint protection, comprising a next-generation endpoint protection software agent operating on the processor of a computing device, that collects process information for processes operating on the processor and transmits the process information to a remote remediation server, a remote mediation server that receives and analyzes the process information and sends instructions to the next-generation endpoint protection agent, and a method for cloud-connected, agent-based, next-generation endpoint protection.

Abstract: A next-generation enhanced comprehensive cybersecurity platform, comprising a user entity behavior analytics server that analyzes user behavior across security endpoints and prevents unauthorized activity, and a plurality of next-generation endpoint protection software agents operating on security endpoints that collect activity and OS information and send it to the user entity behavior analytics server for analysis, and a method for malware detection and mitigation using a next-generation enhanced comprehensive cybersecurity platform.

Abstract: A method for monitoring access of users to Internet SaaS applications includes the CISO (company Internet security office) in the configuration and operation of the method, instead of relying only on whatever security the SaaS application implements. Certificates, not accessible to users, are pushed to a user's client. When an access request is received from a client by an application, a gateway requests from the client the certificate. After a notification and approval process with the user, a received certificate is verified, user access to the application is allowed or denied, and the CISO notified of the attempted access.

Abstract: Computerized methods and systems mitigate the effect of a ransomware attack on an endpoint by detecting access events associated with requests by processes, including ransomware processes, to access data items on the endpoint. The data items are hidden from the operating system processes executed on the endpoint. In response to detecting an access event, an action is taken against the process associated with the access event.

Abstract: Computerized methods and systems mitigate the effect of a ransomware attack on an endpoint by detecting access events associated with requests by processes, including ransomware processes, to access data items on the endpoint. The data items are hidden from the operating system processes executed on the endpoint. In response to detecting an access event, an action is taken against the process associated with the access event.

Abstract: Computerized methods and systems detect unauthorized and potentially malicious, as well as malicious records, typically in the form of electronic forms, such as those where users input information (into input blocks or fields), such as bank and financial institution electronic forms and the like. Should such an unauthorized form, be detected, the detection causes the taking of protective action by the computer whose on whose browser the unauthorized form has been rendered.

Abstract: Methods and systems for preventing cyber-attacks on web sessions are disclosed. These methods and systems comprise elements of hardware and software for intercepting a Hyper Text Transfer Protocol (HTTP) transaction; analyzing the HTTP headers of the intercepted HTTP transaction for web session vulnerabilities; and, based on the result of analyzing the HTTP headers of the intercepted HTTP transaction for web session vulnerabilities, inserting at least one HTTP protocol element into the series of HTTP headers of the HTTP transaction.

Abstract: Methods and systems for prevent unauthorized use of a Domain Name System (DNS) channel in an organization are disclosed. These methods and systems comprise elements of hardware and software for receiving a packet; determining whether the packet is a DNS packet or a non-DNS packet; if the packet is a DNS packet, determining whether the destination address of the packet denotes a legitimate DNS server; and, according to whether the destination address of the packet denotes a legitimate DNS server, permitting the packet.