Abstract: A keyboard detection system, that includes a processor that operates to detect at least one anomaly in input data and determine a correlation between the at least one anomaly and a characteristic of an inconsistent keyboard type. The processor may operate to determine the correlation between the at least one anomaly and the characteristic of the inconsistent keyboard type based on a lookup table or algorithm.

Abstract: Disclosed herein are systems and methods of executing scanning software, such an executable software program or script (e.g., PowerShell script), by a computing device of an enterprise, such as a security server, may instruct the computing device to search all or a subset of computing devices in an enterprise network. The scanning software may identify PowerShell scripts containing particular malware attributes, according to a malicious-code dataset. The computing system executing the scanning software may scan through the identified PowerShell scripts to identify particular strings, values, or code-portions, and take a remedial action according to the scanning software programming.

Abstract: The present disclosure relates generally to improved systems and methods for ensuring continued network security in a data network. More specifically, present embodiments are directed to detecting and responding to the failure of a security detection module employed for network security in the data network. A detection failure monitoring system may detect that a security detection module has failed by executing a number of test cases simulating conditions that should be flagged by the security detection module. To that end, when the detection failure monitoring system determines that a security detection module did not flag a condition produced by an executed test case, the detection failure monitoring system may implement a response to address the failed security detection module. Accordingly, the systems and techniques provided herein may maintain network security with improved granularity and robustness.

Abstract: A keyboard detection system, that includes a processor that operates to detect at least one anomaly in input data and determine a correlation between the at least one anomaly and a characteristic of an inconsistent keyboard type. The processor may operate to determine the correlation between the at least one anomaly and the characteristic of the inconsistent keyboard type based on a lookup table or algorithm.

Abstract: Disclosed herein are systems and methods of executing scanning software, such an executable software program or script (e.g., PowerShell script), by a computing device of an enterprise, such as a security server, may instruct the computing device to search all or a subset of computing devices in an enterprise network. The scanning software may identify PowerShell scripts containing particular malware attributes, according to a malicious-code dataset. The computing system executing the scanning software may scan through the identified PowerShell scripts to identify particular strings, values, or code-portions, and take a remedial action according to the scanning software programming.

Abstract: The present disclosure relates generally to improved systems and methods for ensuring continued network security in a data network. More specifically, present embodiments are directed to detecting and responding to the failure of a security detection module employed for network security in the data network. A detection failure monitoring system may detect that a security detection module has failed by executing a number of test cases simulating conditions that should be flagged by the security detection module. To that end, when the detection failure monitoring system determines that a security detection module did not flag a condition produced by an executed test case, the detection failure monitoring system may implement a response to address the failed security detection module. Accordingly, the systems and techniques provided herein may maintain network security with improved granularity and robustness.

Abstract: Disclosed herein are systems and methods of executing scanning software, such an executable software program or script (e.g., PowerShell script), by a computing device of an enterprise, such as a security server, may instruct the computing device to search all or a subset of computing devices in an enterprise network. The scanning software may identify PowerShell scripts containing particular malware attributes, according to a malicious-code dataset. The computing system executing the scanning software may scan through the identified PowerShell scripts to identify particular strings, values, or code-portions, and take a remedial action according to the scanning software programming.

Abstract: A computer-implemented method can be performed to identify the publication of sensitive data and/or malware to a third-party site. According to the method, at least one processor retrieves data items stored on a computer system over a network, the computer system hosting a third-party site, to which the data items are published. The at least one processor stores the data items in local, computer-readable memory, and processes the data items stored in the local, computer-readable memory based on at least one search criteria. The at least one processor determines that at least one of the data items satisfies the at least one search criteria, and in response, provides an alert identifying the at least one data items.