Abstract: A TEE system that includes a first platform that runs a first TEE, a second platform that runs a second TEE, and a merging unit that is adapted to merge a first output from the first TEE of the first platform, with a second output from the second TEE of the second platform, so as to form an output of the TEE system. The first TEE and the second TEE are based on different implementations. In this way, the security of the system is improved, as a malicious actor even be able to access “t” machines, still would not be able to retrieve the secret unless there are multiple exploitable TEE vulnerabilities on all executing TEE platforms at the same time.

Abstract: The presently described techniques relate generally to configuration and use of a software platform that provides tools for users to store, arrange, and visualize genetic data, such as may be derived from a nucleic acid sequencing device. In addition, such a software platform may include one or more tools that allow a user to annotate genetic data with information available from external and/or internal genetic databases and to create custom reports based on such information. In practice, the software platform may be generic with respect to the sequencing device generating the sequence data, one or more upstream analytic packages, such as may perform variant identification or calling, and one or more external or internal data stores (e.g., knowledge bases or databases) used to access information about the sequence and/or variants identified therein.

Abstract: A distributed key management system, which contains a server, a plurality of key-holding devices adapted to communicate with the server; and a key-requesting device adapted to communicate with the server. Each one of the plurality of key-holding devices is adapted to hold a different fragment of a private key. The server is adapted to reconstruct the private key based on the fragments received from the plurality of key-holding devices. The key-requesting device is adapted to obtain the private key from the server. The systems according to the invention provide a zero-trust model key management scheme and would eliminate the risk of key leakage to unauthorized person while providing flexibility of authorizing devices.

Abstract: A method includes: identifying, by a runtime instrumentation agent of a web server, a plurality of attack surfaces of a web application executed on the web server; generating, by the runtime instrumentation agent, a plurality of hash values, where each hash value is generated based on one of the plurality of attack surfaces; and transmitting, by the runtime instrumentation agent, the plurality of hash values to an attack server external to the web server, where the attack server is to determine whether to scan each attack surface based on the plurality of hash values.

Abstract: Examples herein disclose via use of a physical processor, detecting a specific application programming interface (API) call to interact with an application running on a production server. Based on the detection of the specific API call, die examples assist, using the physical processor, a scanning session based on the specific API call Using the physical processor, the examples identify a modification to the application based on the scanning session.

Abstract: A TEE system that includes a first platform that runs a first TEE, a second platform that runs a second TEE, and a merging unit that is adapted to merge a first output from the first TEE of the first platform, with a second output from the second TEE of the second platform, so as to form an output of the TEE system. The first TEE and the second TEE are based on different implementations. In this way, the security of the system is improved, as a malicious actor even be able to access “t” machines, still would not be able to retrieve the secret unless there are multiple exploitable TEE vulnerabilities on all executing TEE platforms at the same time.

Abstract: A method for preventing blockchain intrusion includes the steps of detecting a transaction broadcasted to a blockchain network, determining if the transaction is authorized or unauthorized, and taking a prevention action if the transaction is unauthorized. The proposed system and method are not only adapted to detect unauthorized transactions but they can also cancel unauthorized transactions if the system prepare some data/arrangements in advance.

Abstract: In some examples, a method may include detecting a vulnerability in an application during execution on a first computing device. The method may include triggering a breakpoint based on the detecting, thereby pausing the execution of the application before execution of a portion of code that exploits the vulnerability. The method may include communicating a message indicating occurrence of the breakpoint. The method may include receiving a connection request from a second computing device in response to the message. The method may include resuming execution of the application from the breakpoint subject to a signal from the second computing device.

Abstract: Information stored in a Hypertext Transfer Protocol (HTTP) session is monitored. Based on the monitoring, authentication information in the information stored in the HTTP session is identified.

Abstract: In some examples, a system includes a scan execution engine and a scan adaptation engine. The scan execution engine may execute a scan of a web application hosted on a web host. During scan execution, the scan adaptation engine may adapt a subsequent scan portion for later execution based on a scan metric received from a monitoring agent that monitors the web application, the web host, or both.

Abstract: A distributed key management system, which contains a server, a plurality of key-holding devices adapted to communicate with the server; and a key-requesting device adapted to communicate with the server. Each one of the plurality of key-holding devices is adapted to hold a different fragment of a private key. The server is adapted to reconstruct the private key based on the fragments received from the plurality of key-holding devices. The key-requesting device is adapted to obtain the private key from the server. The systems according to the invention provide a zero-trust model key management scheme and would eliminate the risk of key leakage to unauthorized person while providing flexibility of authorizing devices.

Abstract: The present invention relates to methods, systems and apparatus for capturing, integrating, organizing, navigating and querying large-scale data from high-throughput biological and chemical assay platforms. It provides a highly efficient meta-analysis infrastructure for performing research queries across a large number of studies and experiments from different biological and chemical assays, data types and organisms, as well as systems to build and add to such an infrastructure. According to various embodiments, methods, systems and interfaces for identifying genes that are potentially associated with a biological, chemical or medical concept of interest.

Abstract: Examples herein disclose via use of a physical processor, detecting a specific application programming interface (API) call to interact with an application running on a production server. Based on the detection of the specific API call, die examples assist, using the physical processor, a scanning session based on the specific API call Using the physical processor, the examples identify a modification to the application based on the scanning session.

Abstract: Examples disclosed herein relate to modifying a web page. In one example, in response to beginning execution of a process initiating generation of a web page of a web application at a server, a runtime agent is executed. In this example, the runtime agent modifies code of the web page to inject code to protect output of the web page. In the example, the process can be executed using the modified code to generate a modified web page.

Abstract: Example embodiments disclosed herein relate to generating a point-wise protection based on dynamic security analysis. Vulnerability solution recommendation are provided based on the dynamic security analysis. A point-wise protection is generated based on a selection of the vulnerability solution recommendation.

Abstract: A method for attack detection includes: intercepting, by a runtime security agent, a request for a web resource; determining whether the intercepted request was triggered from an external website; determining whether the intercepted request was triggered from a current session; determining whether the intercepted request is requesting a static file type; and in response to a determination that the intercepted request was triggered from an external website and was not triggered from a current session, or a determination that the intercepted request was triggered from an external website and is not requesting a static file type, providing, by the runtime security agent, an indication of a potential attack.

Abstract: Example embodiments disclosed herein relate to determining a secure activity of an application under test (AUT). Execution of an application under test is monitored. During an attack vector, an application programming interface associated with a secure activity is determined. A message is sent to a security test that secure activity occurred.

Abstract: Systems and methods are provided for identifying genes with outlier expression across multiple samples, including: at least one processor; and at least one non-transitory computer readable medium containing instructions that, when executed by the at least one processor, cause the at least one processor to perform operations including: receiving gene expression data of a plurality of samples, the samples comprising gene expression values corresponding to genes; standardizing the gene expression data using the median and median absolute deviation of each gene; determining a value of a distribution statistic for the standardized gene expression observations based on a probability of outlier gene expression data; determining a null distribution of the distribution statistic using the standardized gene expression data; and outputting a significance value of the genes across the multiple samples, the significance value based on the value of the distribution statistic and the null distribution.

Abstract: Example embodiments disclosed herein relate to an approach for installing a runtime agent during a security test. A security test is initiated or performed on an application under test executing on a server. An application vulnerability associated with the application under test is determined. The application vulnerability is exploited to install the runtime agent on the server. The security test is continued using the runtime agent to receive additional information about the application under test.

Abstract: A method includes: identifying, by a runtime instrumentation agent of a web server, a plurality of attack surfaces of a web application executed on the web server; generating, by the runtime instrumentation agent, a plurality of hash values, where each hash value is generated based on one of the plurality of attack surfaces; and transmitting, by the runtime instrumentation agent, the plurality of hash values to an attack server external to the web server, where the attack server is to determine whether to scan each attack surface based on the plurality of hash values.