Abstract: Systems and methods are provided for detecting the presence of a key logger program that is executing on a processing device of an information handling system by inputting simulated keystrokes to an information handling system with known key stroke characteristic/s (e.g., quantity of keystrokes as a function of time, keystroke data size as a function of time, and/or keystroke values as a function of time), and monitoring to detect resulting system activity characteristics that match the known key stroke characteristic/s of the simulated key strokes.

Abstract: Systems and methods are provided that may be implemented to secure a publicly-hosted web application so that it will render only within the determined context of a trusted client application. Such an authentication decision may be made, for example, using front-end web application code that is rendered in a client web view together with client application code to authenticate the client application context in which the web page is rendered. In this way, the web application may validate that it is being rendered in the context of a trusted and/or well-known client application rendering engine/environment.

Abstract: An information handling system may identify a process identifier of a client application that has requested a connection with the information handling system. The information handling system may obtain an access control list of a process associated with the process identifier. The information handling system may determine whether to establish a connection between the client application and the information handling system based, at least in part, on analysis of the access control list.

Abstract: An information handling system may include a processor to execute code of a threat level detection module to receive and store in memory labeled data descriptive of operating environment variables related to the information handling system including operating environment variables selected from a basic input/output system (BIOS) setting, an information handling system hardware setting, and at least one of an operating system (OS) environment setting, a developer tool access setting, or a network setting; the processor to determine, via execution of a machine learning process of the threat level detection module, a threat level value; and a security module associated with a first application executed on the information handling system to: map the threat level value with the first application; and adjust the security level associated with the first application based on the provided threat level value to modify security checks operating with the first application.

Abstract: Systems and methods are provided for detecting the presence of a key logger program that is executing on a processing device of an information handling system by inputting simulated keystrokes to an information handling system with known key stroke characteristic/s (e.g., quantity of keystrokes as a function of time, keystroke data size as a function of time, and/or keystroke values as a function of time), and monitoring to detect resulting system activity characteristics that match the known key stroke characteristic/s of the simulated key strokes.

Abstract: Pre-boot authentication at an information handling system is selectively bypassed based upon conditions detected at the information handling system that indicate a trusted environment. A security monitor integrated with the pre-boot authentication system detects predetermined conditions that authorize bypassing of the pre-boot authentication, such as location, behavior or password type indications of a trusted environment. In one embodiment, a password is input with touches to match a timing and position passcode, such as by mimicking a musical rhythm.

Abstract: Systems and methods to secure platform application services between platform client applications and platform services in an information handling system. The information handling system may include a client application that may transmit an application service request over an application services inter-process communication (IPC) channel. The information handling system may also include a server services application that may receive the application service request from the client application via the application services IPC channel. The server services application may query a publisher name of the client application and authenticate the client application based on the publisher name of the client application and a list of trusted client application publishers maintained by the server services application. When the client application is authenticated, the server services application may process the first application service request.

Abstract: Systems and methods are provided that may be implemented to secure a publicly-hosted web application so that it will render only within the determined context of a trusted client application. Such an authentication decision may be made, for example, using front-end web application code that is rendered in a client web view together with client application code to authenticate the client application context in which the web page is rendered. In this way, the web application may validate that it is being rendered in the context of a trusted and/or well-known client application rendering engine/environment.

Abstract: An information handling system operating a local inter-process communication securing system may comprise a memory and a processor executing machine readable code instructions of the local inter-process communication securing system performing a verification process of a candidate client application to instruct the candidate client application and a server application for which the local inter-process communication securing system acts as an API to establish a first named pipe having an endpoint address randomly generated by the local inter-process communication securing system, to receive a candidate client identification and a randomly generated string of alpha-numeric characters from the server application, and to instruct the server application to establish a first communication session, via the first named pipe, with the candidate client application upon determining the candidate client identification matches an authenticated client identification and that the randomly generated string of alpha-numeric c

Abstract: Pre-boot authentication at an information handling system is selectively bypassed based upon conditions detected at the information handling system that indicate a trusted environment. A security monitor integrated with the pre-boot authentication system detects predetermined conditions that authorize bypassing of the pre-boot authentication, such as location, behavior or password type indications of a trusted environment. In one embodiment, a password is input with touches to match a timing and position passcode, such as by mimicking a musical rhythm.

Abstract: In accordance with embodiments of the present disclosure, an information handling system may include a processor and a non-transitory computer-readable medium embodying a program of instructions, the program of instructions configured to, when read and executed by the processor: receive a toast notification trigger; and responsive to the toast notification trigger, launch an instance of an application associated with the toast notification trigger and communicate arguments related to a toast notification to the application via an application protocol of the application in order to bridge communication between legacy stack components and containerized stack solutions of an operating system, such that the application issues to the operating system a request to display a toast notification responsive to the toast notification trigger and completes a toast action responsive to user interaction with the toast notification.

Abstract: Systems and methods to secure platform application services between platform client applications and platform services in an information handling system. The information handling system may include a client application that may transmit an application service request over an application services inter-process communication (IPC) channel. The information handling system may also include a server services application that may receive the application service request from the client application via the application services IPC channel. The server services application may query a publisher name of the client application and authenticate the client application based on the publisher name of the client application and a list of trusted client application publishers maintained by the server services application. When the client application is authenticated, the server services application may process the first application service request.

Abstract: In accordance with embodiments of the present disclosure, an information handling system may include a processor and a non-transitory computer-readable medium embodying a program of instructions, the program of instructions configured to, when read and executed by the processor: receive a toast notification trigger; and responsive to the toast notification trigger, launch an instance of an application associated with the toast notification trigger and communicate arguments related to a toast notification to the application via an application protocol of the application in order to bridge communication between legacy stack components and containerized stack solutions of an operating system, such that the application issues to the operating system a request to display a toast notification responsive to the toast notification trigger and completes a toast action responsive to user interaction with the toast notification.

Abstract: An active tamper detection circuit with bypass detection is provided. A bypass detection circuit is coupled to an active mesh loop. The bypass detector includes a voltage comparator with a variable hysteresis control circuit and a calibration engine. The bypass detector detects a change in impedance in the mesh when an attacker attempts to bypass the active loop using a wire. As part of a boot-up sequence, the calibration engine runs a hysteresis sweep on the voltage comparator and stores a hysteresis sweep boot-up signature. When bypass protection is enabled, the bypass detector runs a hysteresis sweep of the voltage comparator periodically at a predetermined interval. Each sweep generates a generated signature that is compared to the stored boot-up signature. Any signature mismatch will be signaled as an impedance mismatch, or tamper. The hysteresis step size is also programmable. The calibration engine can make small changes to the boot-up signature to allow for small voltage variations.

Abstract: Pre-boot authentication at an information handling system is selectively bypassed based upon conditions detected at the information handling system that indicate a trusted environment. A security monitor integrated with the pre-boot authentication system detects predetermined conditions that authorize bypassing of the pre-boot authentication, such as location, behavior or password type indications of a trusted environment. In one embodiment, a password is input with touches to match a timing and position passcode, such as by mimicking a musical rhythm.

Abstract: Pre-boot authentication at an information handling system is selectively bypassed based upon conditions detected at the information handling system that indicate a trusted environment. A security monitor integrated with the pre-boot authentication system detects predetermined conditions that authorize bypassing of the pre-boot authentication, such as location, behavior or password type indications of a trusted environment. In one embodiment, a password is input with touches to match a timing and position passcode, such as by mimicking a musical rhythm.

Abstract: A one-time programmable (OTP) memory has a plurality of pages. A predefined section of each page is configured to store error policy bits. When an indicator in a first predefined location has a first value, the page is configured to store data with error correction code (ECC) bits, and when the indicator has a second value, at least a portion of the page is configured to store data with redundancy. Address translation circuitry is configured to, in response to receiving an access address, use a second predefined location of an accessed page of the plurality of pages accessed by the access address to determine a physical address in the accessed page which corresponds to the access address.

Abstract: An information handling system operating a local inter-process communication securing system may comprise a memory and a processor executing machine readable code instructions of the local inter-process communication securing system performing a verification process of a candidate client application to instruct the candidate client application and a server application for which the local inter-process communication securing system acts as an API to establish a first named pipe having an endpoint address randomly generated by the local inter-process communication securing system, to receive a candidate client identification and a randomly generated string of alpha-numeric characters from the server application, and to instruct the server application to establish a first communication session, via the first named pipe, with the candidate client application upon determining the candidate client identification matches an authenticated client identification and that the randomly generated string of alpha-numeric c

Abstract: An integrated circuit includes a one-time programmable (OTP) memory having a plurality of pages and address translation circuitry. A first line of each page is configured to store error policy bits. When a first bit of the first line has a first value, the page is configured to store data with error correction code (ECC) bits, and when the first bit has a second value, at least a portion of the page is configured to store data with redundancy. The address translation circuitry is configured to, in response to receiving an access address, use the first line of an accessed page of the plurality of pages accessed by the access address to determine a physical address in the accessed page which corresponds to the access address.