Abstract: A system and method for providing remote zero trust access to a private network. A cloud server provides a user at a remote device with access to the private network. A proxy server interfaces between the remote device and the private network. A web interface initiates a session with the user. The proxy server allows the user to enter login credentials, verifies the entered login credentials, provides a dashboard page for displaying a list of assets available to the user at the private network, establishes a first remote session between a client at the remote device and the proxy server, establishes a second remote session between the proxy server and a proxy agent at the remote server, and informs the proxy agent of a selected asset, and enables the user to access the selected asset via the first remote session, the second remote session, and the proxy agent.

Abstract: A system and method for detecting page impersonation in phishing attacks. The system and method embody an application programming interface (API) which detects phishing attempts by extracting an embedded URL from an e-mail message and capturing a screenshot image of the referenced site. The captured screenshot is analyzed with an image recognition module that compares the captured screenshot with a record screenshot of one or more trusted sites. If the comparison indicates that the screenshots differ, the embedded URL is marked as safe. If the comparison indicates that the screenshots are the same, the domain of the embedded URL is compared with the domain for the trusted site. When the domains differ, the e-mail is marked as a page impersonation attempt. When the domains correspond, the e-mail is marked as safe. The system includes a page impersonation database of trusted site URLs, domains, and record screenshots.

Abstract: A hardware, key-file and password assisted enterprise key and password management system. By leveraging hardware and key files, along with public-key cryptography, an extremely efficient and secure key, access and password management system is provided. After configuring an account, the user needs only one hardware key device and need only remember a single strong password.

Abstract: An encryption system, method, and computer software program product provides encrypted transmission of data between a server and a web browser application on a client computing device. The system includes an Internet browser; a JavaScript data encryption library; a public key encryption algorithm; a server; and a public private key pair of the user. The JavaScript library loads in user's browser and configured with symmetric and asymmetric encryption libraries and codes. Server sends an encrypted key data to the browser/JavaScript application. The user may then provide their private key and the JavaScript library decrypts the encrypted key data and obtains a symmetric key used to encrypt the data the server transmits to the browser during a session. With the server transmitting data in encrypted form, the browser is configured to decrypt the received data using the JavaScript data encryption library and the private key of the user.

Abstract: An application or a plugin to Email client application such as Outlook or Thunderbird is described which automatically analyzes and detects Phishing emails. The application reads emails in an email client that an end user is using to access his/her emails. The application views source code of the email with all email headers, analyzes signatures, SMTP logs, and all traces of email origin.

Abstract: A system, method, apparatus, and computer program product to detect page impersonation in phishing attacks. The system detects phishing attempts by extracting an embedded URL from an e-mail message and captures a screenshot image of the referenced site. The captured screenshot is analyzed with an image recognition module that compares the captured screenshot with a record screenshot of one or more trusted sites. If the comparison indicates that the screenshots differ, the embedded URL is marked as safe. If the comparison indicates that the screenshots are the same, the domain of the embedded URL is compared with the domain for the trusted site. When the domains differ, the e-mail is marked as a page impersonation attempt. When the domains correspond, the e-mail is marked as safe. The system includes a page impersonation database of trusted site URLs, domains, and record screenshots.

Abstract: An application or a plugin to Email client application such as Outlook or Thunderbird to automatically analyze and detect Phishing emails. The application to attach itself or have an ability to read emails in an email client software that the end user is using to access his/her emails. The application can view source code of the email with all email headers, analyze signatures, SMTP logs and all traces of email origin.

Abstract: An encryption system, method, and computer software program product provides encrypted transmission of data between a server and a web browser application on a client computing device. The system includes an Internet browser; a JavaScript data encryption library; a public key encryption algorithm; a server; and a public private key pair of the user. The JavaScript library loads in user's browser and configured with symmetric and asymmetric encryption libraries and codes. Server sends an encrypted key data to the browser/JavaScript application. The user may then provide their private key and the JavaScript library decrypts the encrypted key data and obtains a symmetric key used to encrypt the data the server transmits to the browser during a session. With the server transmitting data in encrypted form, the browser is configured to decrypt the received data using the JavaScript data encryption library and the private key of the user.

Abstract: Systems and methods for preventing drivers from being loaded in Windows® OS kernel space. A security driver according to aspects of the invention is loaded in kernel space and is configured to register a filter to provide a notification in the event of an ImageLoad. So configured, the Windows® kernel provides a notification on all executables being loaded to the kernel on a first method and all file system related activities for a second method before executing them. The user may then selectively determine whether the executable or the file system related activities may be executed.

Abstract: A hardware, key-file and password assisted enterprise key and password management system. By leveraging hardware and key files, along with public-key cryptography, an extremely efficient and secure key, access and password management system is provided. After configuring an account, the user needs only one hardware key device and need only remember a single strong password.