Abstract: There is disclosed a method of providing passive phishing remediation for an enterprise, including: displaying, to a user of a mobile device, an email; receiving from the user a one-click request to perform additional analysis of the email; providing the email to a phishing mitigation service; assigning the email a reputation score, generating a human-readable reputation display for the email, wherein the human-readable reputation display includes at least three grades comprising safe, unknown or unreliable, and unsafe or malicious; and providing the human-readable reputation display as a push notification to the mobile device.

Abstract: In an example, there is disclosed a computing apparatus, including: a hardware platform comprising a processor and a memory; software to access a network or internet resource according to a domain name; a network stack to provide network or internet access; and a virtual private network (VPN), configured to locally intercept a domain name-based access request, query a domain policy repository to determine whether the domain name should be blocked, and to query an external domain name system (DNS) server for an internet protocol (IP) address for the domain name and pass the request through the network stack if the domain name should not be blocked.

Abstract: There is disclosed in one example a computing apparatus, including: a hardware platform including a processor and a memory; a network interface; and a phishing mitigation engine including instructions encoded within the memory to: receive via the network request a validation request from a mobile computing device, the validation request including an e-mail payload; query a cloud phishing reputation service for a reputation, the query including information from the e-mail payload; receive from the cloud phishing reputation service reputation data for the e-mail payload; and provide a push notification to the mobile computing device, the push notification including a reputation notice for the e-mail payload.

Abstract: In an example, there is disclosed a computing apparatus, including: a hardware platform comprising a processor and a memory; software to access a network or internet resource according to a domain name; a network stack to provide network or internet access; and a virtual private network (VPN), configured to locally intercept a domain name-based access request, query a domain policy repository to determine whether the domain name should be blocked, and to query an external domain name system (DNS) server for an internet protocol (IP) address for the domain name and pass the request through the network stack if the domain name should not be blocked.

Abstract: A system, method, and computer program product are provided for managing at least one aspect of a connection based on application behavior. In use, a connection request is received from an application. Additionally, a behavior of the application is identified. Furthermore, at least one aspect of a connection made in response to the connection request is managed, based on the behavior.

Abstract: A system, method, and computer program product are provided for managing at least one aspect of a connection based on application behavior. In use, a connection request is received from an application. Additionally, a behavior of the application is identified. Furthermore, at least one aspect of a connection made in response to the connection request is managed, based on the behavior.

Abstract: A method, system, and computer program product are provided for determining whether a process identified utilizing a first proxy is associated with an additional proxy. In use, a process is identified, utilizing the first proxy. Further, it is determined whether the process is associated with the additional proxy. In addition, an action is conditionally performed based on the determination.