Abstract: In one embodiment, a method includes: receiving an input by an application executable on a computing device, the application being presented in a first window displayable on the computing device and configured to provide access to another application, and the another application being displayable in a second window different than the first window; and providing by the application a message to the another application to modify access to content of the another application via the computing device in response to receipt of the input by the application, so as prevent display of the content within the second window of the computing device.

Abstract: Described embodiments provide systems and methods for protecting private data or confidential information. A device can receive a request from a client for a page from a server that includes confidential information to be verified with an owner of the confidential information. The device may be intermediary between the client and the server. Prior to providing the page to the client for rendering, the device may replace a first user interface (UI) element having the confidential information in the page, with a second UI element to obfuscate the confidential information. The device may receive an activation of the second UI element to request the owner to verify the confidential information from the client. The device may send to the client an update to the page to include an indication of whether the confidential information has been correctly verified with the owner.

Abstract: In one disclosed method, a first application accessed by a client device receives an indicator of an action that a second application is configured to take with respect to a third application. The client device accesses a fourth application and presents, based at least in part on the indicator received by the first application, a user interface element for the fourth application. Based at least in part on detecting selection of the user interface element, the client device presents a user interface configured to cause the second application to take the action with respect to the third application in response to a user input. The client device detects the user input to the user interface and causes, based at least in part on the user input, the second application to perform the action with respect to the third application.

Abstract: Examples described herein attempt to mitigate risk associated with digitally storing sensitive information (e.g., passwords) in insecure applications and transferring the stored sensitive information to a sensitive information field (e.g., a password field in a login page). A computing device may detect a transfer to a sensitive field. The computing device may determine if a source application for the transfer is an insecure application. If the source application is an insecure application, the computing device may provide a risk mitigation action. The computing device may also transmit to an analytic server telemetry data comprising the identification of the source application, identification of a target application containing the sensitive information field, and a username associated with the computing device. The analytic server may calculate risk score based on the received telemetry data and provide further risk mitigation actions to the computing device.

Abstract: Disclosed is a system for generating a document having a sequence of steps. A user input selecting an element of an application is received, where the user input indicates the element corresponds to a step in the sequence of steps to be represented in the document. A record is stored, where the record includes at least data representing the selected element and a sequence identifier, indicating a relative position of the step within the sequence of steps. The document is generated by using the data in the record to generate a visual portion for the step, and using the sequence identifier to determine a position of the visual portion in the document relative to another visual portion(s) representing another step(s) in the sequence of steps.

Abstract: In one aspect, an example methodology implementing the disclosed techniques includes, by a computing device, monitoring an application for suspicious activity based on keystrokes to input data to the application and detecting an instance of suspicious activity within the application based on a sequence of keystrokes to input the data to the application, the sequence of keystrokes to provide characters indicative of sensitive data and in a format different than an expected format for the input data. The method also includes, by the computing device, generating an action to prevent loss of sensitive data in response to detection of the instance of suspicious activity.

Abstract: In one aspect, an illustrative methodology implementing the disclosed techniques includes, by a computing device, determining that an application process includes use of a first image and a second image, one of the first and second images being generated as part of the application process, and detecting a difference in content of the first image or the second image based on a comparison of the first and second images. The method also includes, by the computing device, revoking access to a file that includes at least one of the first and second images based on the detection of the difference in content of one of the first and second images.

Abstract: A method for creating and executing a micro-application includes receiving a user selection of a user interface element within a user interface of a primary application. Source code associated with the selected user interface element is parsed to obtain at least one attribute associated with the selected user interface element. Data associated with the selected user interface element is identified based on the source code. A response based on the at least one attribute and the data is generated. A microapp configured to process the response to obtain the data from within the primary application is generated.

Abstract: A computer system is provided. The computer system includes a memory and at least one processor coupled to the memory and configured to identify a first domain name associated with a website that served a login form to a web browser. The at least one processor is further configured to identify a one-time password (OTP) entry request served from the website in response to transmitting user credentials to the website. The at least one processor is further configured to identify a second domain name associated with an OTP server that provided an OTP. The at least one processor is further configured to perform a security action in response to determining that the first domain name differs from the second domain name. The security action may include blocking a response to the OTP request from the website, providing a warning, and/or obtaining confirmation for the response to the OTP entry request.

Abstract: A computer system is provided. The computer system includes a memory and at least one processor coupled to the memory. The at least one processor is configured to scan session data representative of operation of a user interface comprising a plurality of user interface elements; detect, at a point in the session data, at least one changed element within the plurality of user interface elements; classify, in response to detecting the at least one changed element, the at least one changed element as either indicating or not indicating an error; store an association between the error and the point in the session data; and provide access to the point in the session data via the association.

Abstract: A computer system is provided. The computer system includes a memory, a network interface, and at least one processor configured to monitor a user interface comprising a plurality of user interface elements; detect at least one changed element within the plurality of user interface elements; classify, in response to detecting the at least one changed element, the at least one changed element as either indicating or not indicating an error; generate, in response to classifying the at least one changed element as indicating an error, an error signature that identifies the at least one changed element; identify, using the error signature, a remediation for the error; and provide the remediation in association with the at least one changed element.

Abstract: Systems and methods including notification techniques for sharing information related to detected dialogs on secondary computing devices associated with a user are provided. For example, a system can include a user interface (UI) monitor on a first client computing device configured to detect a dialog and send an indication of the dialog to a workspace backend. The workspace backend can facilitate communication between the first client computing device and one or more secondary computing devices associated with the user such that the user receives notifications of dialogs displayed on the first client computing device on the one or more secondary computing devices. The user has the option of responding to the dialog on a secondary computing device, and the workspace backend facilitates transmission of the user response on the secondary computing device back to the first client computing device.

Abstract: In some embodiments, a computing system may receive at least first data indicative of a first event of a first system of record accessed using first access credentials associated with a user, determine, based at least in part on first stored contextual data associated with the user, to create at least a first notification of the first event based at least in part on the first data, and send the first notification to a client device operated by the user.

Abstract: Described embodiments provide systems and methods for contextual confidence scoring-based access control. The systems and methods can include one or more processors configured to receive a request from the client device to access an item of content. The one or more processors can select a first subset of authentication techniques. The authentication techniques identifiable with a score. The one or more processors can determine that a sum of the scores of the selected first subset of the authentication techniques exceeds a threshold. The one or more processors can transmit, to the client device, one or more authentication requests utilizing the selected first subset of authentication techniques. The one or more processors can provide, responsive to successful authentication by the client device, access to the item of content to the client device.

Abstract: Described embodiments provide systems and methods for adaptive data loss prevention. A first computing device may generate, according to a first response from a server and an output from a second computing device identifying sensitive data in the first response, at least one rule regarding the sensitive data, and at least one template for data loss prevention (DLP) responses. The first computing device may determine, according to the at least one rule, a match to a second response from the server, that includes the sensitive data. The first computing device may provide, according to the match and the at least one template, a DLP response to redact the sensitive data of the second response, in place of a DLP output from the second computing device identifying the sensitive data in the second response.

Abstract: Techniques are disclosed for providing data loss protection of sensitive information during display on a secondary display separate from a display of a computing device. An example methodology implementing the techniques includes identifying sensitive information within content displayable with use of a display of a computing device and adding metadata to the sensitive information, the metadata to cause a change in an appearance of the content before display of that content on a secondary display, the secondary display being separate from the display of the computing device. The method also includes, responsive to a determination to display the content on the secondary display, modifying the content based on the added metadata so that sensitive information is hidden from view while the content is shown on the secondary display and providing on the secondary display the modified content so as to prevent the sensitive information from being viewable by users.

Abstract: Methods and systems for unifying display of virtual resources are described herein. A virtual session between a client device and a server device may be established. During the virtual session, a user may request, via the client device, to access a uniform resource locator (URL) via a browser associated with the server device. The URL request may be redirected. For example, the client device may receive, from the server device, a request to access the URL via a different browser. The client device may determine another browser with which to access the URL, and the URL may be launched via the other browser. The client device may generate a unified display of the URL launched via the other browser and one or more other URLs.

Abstract: Methods and systems for performing secure device selection based on sensitive content detection are described herein. The methods and systems may analyze content being accessed via a virtual session established with a first device to determine that at least a portion of the content is sensitive content, determine information indicating one or more security features of the first device and one or more security features of a second device associated with a user of the first device, determine, based on the information, that the second device is more secure than the first device, and, responsive to the determination that the second device is more secure than the first device, transfer the virtual session to the second device or enter a more secure configuration of the first device.

Abstract: A computer system is provided. The computer system includes a memory and at least one processor coupled to the memory. The at least one processor is configured to scan session data representative of operation of a user interface comprising a plurality of user interface elements; detect, at a point in the session data, at least one changed element within the plurality of user interface elements; classify, in response to detecting the at least one changed element, the at least one changed element as either indicating or not indicating an error; store an association between the error and the point in the session data; and provide access to the point in the session data via the association.

Abstract: A computer system is provided. The computer system includes a memory, a network interface, and at least one processor configured to monitor a user interface comprising a plurality of user interface elements; detect at least one changed element within the plurality of user interface elements; classify, in response to detecting the at least one changed element, the at least one changed element as either indicating or not indicating an error; generate, in response to classifying the at least one changed element as indicating an error, an error signature that identifies the at least one changed element; identify, using the error signature, a remediation for the error; and provide the remediation in association with the at least one changed element.