Abstract: One disclosed method involves causing, by a computing system, installation of at least a first application and a second application, determining, by the computing system, first application data indicative of modifications occurring in response to installation of the first application, determining, by the computing system, second application data indicative of modifications occurring in response to installation of the second application, and processing the first application data and the second application data to generate a set of application policies to control use of the first application and the second application at a user device.

Abstract: Implementations for managing mobile devices associated with enterprise operations include actions of receiving a request to access information regarding a mobile application for download to and installation on a mobile device of a user, the request including an enterprise identifier, receiving a tenant-specific configuration based on the identifier, the tenant-specific configuration including criteria for mobile applications to be available for download to and installation on mobile devices associated with the enterprise, transmitting a request for a list of available mobile applications to an application and certification database, the request including the tenant-specific configuration, receiving the list of available mobile applications, which includes a subset of mobile applications of a superset of mobile applications, the subset of mobile applications being provided based on the tenant-specific configuration, and providing graphical representations of each mobile application in the list of available mob

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for receiving source code and an indication that a portion of the source code is insecure. Receiving an annotation to the source code that identifies the indication as being a false positive indication. The annotation includes a logical statement showing that the portion of the source code is not insecure, where the logical statement can be executed by a processor to prove that the portion of the source code is not insecure. Processing the annotation to determine whether the logical statement proves that the portion of the source code is not insecure. In response to determining that the logical statement proves that the portion of the source code is not insecure, retaining the annotation in the source code, and removing the indication that the portion of the source code is insecure.

Abstract: Implementations of the present disclosure include methods, systems, and computer-readable storage mediums for receiving results from security testing of source code, each result indicating a potential security vulnerability of the source code, displaying graphical representations of the results to a user, and, by a fix recommendation generator: receiving user input indicating a result of the results, receiving a set of code clones, each code clone being provided based on at least a snippet of the source code underlying the result, receiving a set of repairs, each repair being associated with a code clone, and mitigating a previously determined security vulnerability, and providing a set of fix recommendations based on the set of code clones, the set of repairs, and similarity metrics, each similarity metric indicating a similarity between the at least a snippet of the source code and a respective code clone.

Abstract: Implementations of the present disclosure include methods, systems, and computer-readable storage mediums for receiving results from security testing of source code, each result indicating a potential security vulnerability of the source code, displaying graphical representations of the results to a user, and, by a fix recommendation generator: receiving user input indicating a result of the results, receiving a set of code clones, each code clone being provided based on at least a snippet of the source code underlying the result, receiving a set of repairs, each repair being associated with a code clone, and mitigating a previously determined security vulnerability, and providing a set of fix recommendations based on the set of code clones, the set of repairs, and similarity metrics, each similarity metric indicating a similarity between the at least a snippet of the source code and a respective code clone.

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for receiving source code and an indication that a portion of the source code is insecure. Receiving an annotation to the source code that identifies the indication as being a false positive indication. The annotation includes a logical statement showing that the portion of the source code is not insecure, where the logical statement can be executed by a processor to prove that the portion of the source code is not insecure. Processing the annotation to determine whether the logical statement proves that the portion of the source code is not insecure. In response to determining that the logical statement proves that the portion of the source code is not insecure, retaining the annotation in the source code, and removing the indication that the portion of the source code is insecure.

Abstract: Implementations for managing mobile devices associated with enterprise operations include actions of receiving a request to access information regarding at least one mobile application for download to and installation on a mobile device of a user, the request including an identifier associated with an enterprise, receiving a tenant-specific configuration based on the identifier, the tenant-specific configuration including criteria for mobile applications to be available for download to and installation on mobile devices associated with the enterprise, transmitting a request for a list of available mobile applications to an application and certification database, the request including the tenant-specific configuration, receiving the list of available mobile applications, which includes a subset of mobile applications of a superset of mobile applications, the subset of mobile applications being provided based on the tenant-specific configuration, and providing graphical representations of each mobile applicatio