Abstract: A method and program product are provided for implementing object state changes in a data network system that includes at least one application having a plurality of objects. Each object is capable of being in of a plurality of different object states. The method comprises utilizing a network monitor to identify potential object state anomaly candidates from among the plurality of objects and utilizing object measurements taken during a predetermined time segment to determine if the current object state of a potential object state anomaly candidate should change from the current object state to an updated object state.

Abstract: A method for monitoring performance of a data center that includes: (a) a performance monitor analyzing packets that flow between a client and a web or application server; (b) assigning packets to contexts where a context is a request-reply entity; (c) determining one or more of application, network, and back-end latency measures wherein: (i) the application latency measure is a time it takes for an application to respond to a request, (ii) the network latency measure is a time that it takes for packets to go through a network between the client and the web or application server, and (iii) the back-end latency is a time required for a back-end system to execute a request and respond to the application server.

Abstract: A system and method for protection of Web based applications are described. The techniques described provide an enterprise wide approach to preventing attacks of Web based applications. Individual computer networks within the enterprise monitor network traffic to identify anomalous traffic. The anomalous traffic can be identified by comparing the traffic to a profile of acceptable user traffic when interacting with the application. The anomalous traffic, or security events, identified at the individual computer networks are communicated to a central security manager. The central security manager correlates the security events at the individual computer networks to determine if there is an enterprise wide security threat. The central security manager can then communicate instructions to the individual computer networks so as to provide an enterprise wide solution to the threat.

Abstract: A method and program product are provided for implementing object state changes in a data network system that includes at least one application having a plurality of objects. Each object is capable of being in of a plurality of different object states. The method comprises utilizing a network monitor to identify potential object state anomaly candidates from among the plurality of objects and utilizing object measurements taken during a predetermined time segment to determine of the current object state of a potential object state anomaly candidate should change from the current object state to an updated object state.

Abstract: A method for monitoring performance of a data center that includes: (a) a performance monitor analyzing packets that flow between a client and a web or application server; (b) assigning packets to contexts where a context is a request-reply entity; (c) determining one or more of application, network, and back-end latency measures wherein: (i) the application latency measure is a time it takes for an application to respond to a request, (ii) the network latency measure is a time that it takes for packets to go through a network between the client and the web or application server, and (iii) the back-end latency is a time required for a back-end system to execute a request and respond to the application server.

Abstract: A system and method for protection of Web based applications are described. A Web application security system is included within a computer network to monitor traffic received from a wide area network, such as the Internet, and determine if there is a threat to the Web application. The Web application security system monitors web traffic in a non-inline configuration and identifies any anomalous traffic against a profile that identifies acceptable behavior of a user of the application. Any anomalous traffic is analyzed and appropriate protective action is taken to secure the Web application against an attack.

Abstract: A system and method for protection of Web based applications are described. An agent is included in a web server such that traffic is routed through the agent. A security module is also in communication with the agent. The agent receives information about the application profile, and patterns of acceptable traffic behavior, from the security module. The agent acts as a gatekeeper, holding up suspicious traffic that does not match the pattern of acceptable traffic behavior until the suspicious traffic has been analyzed by the security module. Using the agent, malicious traffic can dropped before it can reach the application, or the user can be logged out, or both.

Abstract: A system and method for protection of Web based applications are described. The techniques described provide an enterprise wide approach to preventing attacks of Web based applications. Individual computer networks within the enterprise monitor network traffic to identify anomalous traffic. The anomalous traffic can be identified by comparing the traffic to a profile of acceptable user traffic when interacting with the application. The anomalous traffic, or security events, identified at the individual computer networks are communicated to a central security manager. The central security manager correlates the security events at the individual computer networks to determine if there is an enterprise wide security threat.