Abstract: An approach is disclosed for processing one or more HTTP requests and responses, by a protection solution, where a version of the plurality of HTTP requests and responses is at least version 2. When an HTTP settings request is detected in the one or more HTTP requests, by the protection solution, a protected dynamic dictionary is allocated in a protected memory area and an allocation of an application dynamic dictionary in application space in an HTTP server is prevented. When an HTTP header request is detected in the one or more HTTP requests, fields of the HTTP header are decompressed into the protected dynamic dictionary, the HTTP header request is updated to form an updated header request based on content in the protected dynamic dictionary, and the updated header request is sent to the HTTP server.

Abstract: Techniques for identifying outlier application connections for computer security are described. These techniques include identifying one or more connections between a client application and one or more services, over a communication network, and determining to switch from an outlier connection learning phase to an outlier connection detection phase based on the identified or more connections, including determining, in real-time and based on a confidence level and a number of previously analyzed connections, to switch to the outlier connection detection phase. The techniques further include determining, based on the switch to the outlier connection detection phase, that a first connection of the identified one or more connections is an outlier connection, and acting to reduce a security risk relating to the first connection.

Abstract: A mechanism is provided for monitoring and controlling data access. Responsive to intercepting a response from a server to a request for information from a client device, a security system agent applies pattern matching using a predefined set of sensitive data pattern rules to identify at least one sensitive data access included in the response. Responsive to identifying at least one sensitive data access matching one or more of the predefined set of sensitive data pattern rules, the security system agent modifies that the request from the client by marking the at least one sensitive data access as sensitive thereby forming a modified request. The security system agent sends the modified request to the security system thereby causing the security system to process the modified request without access the sensitive data associated with the at least one marked sensitive data access.

Abstract: A mechanism is provided for monitoring and controlling data access. Responsive to intercepting a response from a server to a request for information from a client device, a security system agent applies pattern matching using a predefined set of sensitive data pattern rules to identify at least one sensitive data access included in the response. Responsive to identifying at least one sensitive data access matching one or more of the predefined set of sensitive data pattern rules, the security system agent modifies that the request from the client by marking the at least one sensitive data access as sensitive thereby forming a modified request. The security system agent sends the modified request to the security system thereby causing the security system to process the modified request without access the sensitive data associated with the at least one marked sensitive data access.