Abstract: A method for identifying security vulnerabilities in a third party software component includes generating a test application for the third party software component. The test application is generated such that every externally accessible data path in the third party component is called. The test application and the third party software component are analyzed using a static application security testing (SAST) code analyzer. One or more test results are obtained from the SAST code analyzer. The one or more test results are used to identify security vulnerabilities in the third party component.

Abstract: Techniques are described for improving real-time application protection (RTAP) systems (e.g., web application firewalls (WAFs), runtime application self-protection (RASP) systems). In particular, a device within a trusted network may monitor or test the configuration settings of the RTAP systems, network traffic into the RTAP systems, and/or log information from the RTAP systems. For example, the device may detect drift in a configuration for a particular RTAP system by comparing the configuration settings of the RTAP systems to baseline configuration settings and classifying any detected drift as good drift or bad drift. In some examples, the device may maintain the configuration settings or set the configuration settings as the baseline configuration settings when the configurations settings include good drift from the baseline configuration settings. In other examples, the device may set the configuration settings with the bad drift to the baseline configuration settings.

Abstract: A method for identifying security vulnerabilities in a third party software component includes generating a test application for the third party software component. The test application is generated such that every externally accessible data path in the third party component is called. The test application and the third party software component are analyzed using a static application security testing (SAST) code analyzer. One or more test results are obtained from the SAST code analyzer. The one or more test results are used to identify security vulnerabilities in the third party component.

Abstract: Techniques are described for improving real-time application protection (RTAP) systems (e.g., web application firewalls (WAFs), runtime application self-protection (RASP) systems). In particular, a device within a trusted network may monitor or test the configuration settings of the RTAP systems, network traffic into the RTAP systems, and/or log information from the RTAP systems. For example, the device may detect drift in a configuration for a particular RTAP system by comparing the configuration settings of the RTAP systems to baseline configuration settings and classifying any detected drift as good drift or bad drift. In some examples, the device may maintain the configuration settings or set the configuration settings as the baseline configuration settings when the configurations settings include good drift from the baseline configuration settings. In other examples, the device may set the configuration settings with the bad drift to the baseline configuration settings.

Abstract: Techniques are described for improving real-time application protection (RTAP) systems (e.g., web application firewalls (WAFs), runtime application self-protection (RASP) systems). In particular, a device within a trusted network may be configured to identify risks of the RTAP systems. For example, the device may compare a plurality of attack signatures, from configuration settings of an application protection system to a plurality of defects from a defect data store; determine that at least one configuration setting of the application protection system corresponding to an application does not include protections for at least one defect of the plurality of defects; and in response to determine that the at least one configuration setting of the application protection system does not include protections for the at least one defect, generate an alert corresponding to the at least one defect.

Abstract: The invention provides an apparatus and method for strengthening the wrists, forearms and hands. The apparatus comprises a pair of elongate members that are slidable with respect to one another, with force being required for moving the elongate members away from one another. The apparatus enables a user to strengthen the wrist while maintaining it in a locked position. The apparatus finds particular use in rehabilitation and physical therapy for injuries of the wrist and hand.

Abstract: A method for identifying security vulnerabilities in a third party software component includes generating a test application for the third party software component. The test application is generated such that every externally accessible data path in the third party component is called. The test application and the third party software component are analyzed using a static application security testing (SAST) code analyzer. One or more test results are obtained from the SAST code analyzer. The one or more test results are used to identify security vulnerabilities in the third party component.

Abstract: A method for identifying security vulnerabilities in a third party software component includes generating a test application for the third party software component. The test application is generated such that every externally accessible data path in the third party component is called. The test application and the third party software component are analyzed using a static application security testing (SAST) code analyzer. One or more test results are obtained from the SAST code analyzer. The one or more test results are used to identify security vulnerabilities in the third party component.