Abstract: A small piece of hardware connects to a mobile device and filters out attacks and malicious code. Using the piece of hardware, a mobile device can be protected by greater security and possibly by the same level of security offered by its associated corporation/enterprise. In one embodiment, a mobile security system includes a connection mechanism for connecting to a data port of a mobile device and for communicating with the mobile device; a network connection module for acting as a gateway to a network; a security policy for determining whether to forward content intended for the mobile device to the mobile device; and a security engine for executing the security policy.

Abstract: A secure data exchange system comprising a security device including a first external device plug, and a security engine operative to enforce a security policy on data transfer requests received from the host; an external device including a second external device plug; and a host including a first external device port operative to communicatively couple with the first external device plug, a second external device port operative to communicatively couple with the second external device plug, and a driver, e.g., a redirect driver, operative to transfer a data transfer request to the security device before executing the data transfer request.

Abstract: A method comprises detecting a removable media device being coupled to an external device port of a digital device having an operating system and a file system, authenticating a password to access the removable media device, causing redirection code to be temporarily generated on the digital device, intercepting with the redirection code a data request, determining to allow the data request based on a security policy, allowing the operating system or file system to provide the data based on the determination, detecting the removable media device being removed from the digital device; and terminating the at least a portion of the redirection code.

Abstract: A small piece of hardware connects to a mobile device and filters out attacks and malicious code. Using the piece of hardware, a mobile device can be protected by greater security and possibly by the same level of security offered by its associated corporation/enterprise. In one embodiment, a mobile security system includes a connection mechanism for connecting to a data port of a mobile device and for communicating with the mobile device; a network connection module for acting as a gateway to a network; a security policy for determining whether to forward content intended for the mobile device to the mobile device; and a security engine for executing the security policy.

Abstract: A wireless security method performed by a network monitoring system for a wireless station, the method maintaining continuous wireless service, the method including identifying a desired network, to which the wireless station is currently connected vis a legitimate access point, as having become an undesirable network, based on a network security policy, and based on network variables, activate the legitimate access point to create a desired network, comprising changing network variables of the undesired network, and maintaining the wireless station connection to the network, based on the security policy.

Abstract: A small piece of hardware connects to a mobile device and filters out attacks and malicious code. Using the piece of hardware, a mobile device can be protected by greater security and possibly by the same level of security offered by its associated corporation/enterprise. In one embodiment, a mobile security system includes a connection mechanism for connecting to a data port of a mobile device and for communicating with the mobile device; a network connection module for acting as a gateway to a network; a security policy for determining whether to forward content intended for the mobile device to the mobile device; and a security engine for executing the security policy.

Abstract: Method for orchestrating wireless sensors, including registering each of a plurality of monitoring sensors that are attached to a respective plurality of wireless hosting equipment, with an orchestrator, generating, for each sensor, a monitoring plan including a description of wireless channels/protocols for the sensor to monitor, and amounts of time that the sensor should spend monitoring each channel/protocol prior to advancing to a next channel/protocol, wherein the monitoring plan for a sensor includes directives that instruct the sensor what to do when a monitoring period for a channel/protocol is interrupted before its intended monitoring time is finished, attempting, by the sensors, to monitor the channels/protocols specified in the sensor's monitoring plan in accordance with the time specified in the sensor's monitoring plan, and generating, by each sensor, an execution report including time spent at each channel/protocol, amount of data collected from each channel/protocol, and data captured from eac

Abstract: Systems and methods for providing security services during a power management mode are disclosed. In some embodiments, a method comprises detecting with a mobile security system a wake event on a mobile device, providing from the mobile security system a wake signal, the providing being in response to the wake event to wake a mobile device from a power management mode, and managing with the mobile security system security services of the mobile device. Managing security services may comprise scanning a hard drive of the mobile devices for viruses and/or other malware. Managing security services may also comprise updating security applications or scanning the mobile device for unauthorized data.

Abstract: Systems and methods for implementing content, streaming, and network security inside a chip or inside a computing device are disclosed. In exemplary embodiments, a system comprises a communication chip and a second processor. The communication chip comprises a router and security instructions. The router is configured to intercept untrusted data between a network, and a first router. The second processor is configured to receive the untrusted data from the router, process the untrusted data with the security instructions to produce trusted data, and provide the trusted data to the router.

Abstract: A secure data exchange system comprising a security device including a first external device plug, and a security engine operative to enforce a security policy on data transfer requests received from the host; an external device including a second external device plug; and a host including a first external device port operative to communicatively couple with the first external device plug, a second external device port operative to communicatively couple with the second external device plug, and a driver, e.g., a redirect driver, operative to transfer a data transfer request to the security device before executing the data transfer request.

Abstract: A hardware device with embedded software, for detecting Wi-Fi network attacks, including random access memory storing operating software for the device, Flash or EEPROM memory storing Wi-Fi network attack rules and attack data, a Wi-Fi interface monitoring and intercepting Wi-Fi packets and Wi-Fi frames transmitted to and from a mobile station being protected by the device, embedded operating software analyzing sequences of Wi-Fi packets and frames intercepted by the Wi-Fi interface to detect an attempted Wi-Fi network attack, based on the attack rules and the attack data stored in the Flash or EEPROM memory, and sending a notification message to the mobile station when an attempted Wi-Fi network attack is detected, a processor running the embedded operating software, and a power supply supplying power to the processor, to the random access memory, to the Flash or EEPROM memory, and to the Wi-Fi interface.

Abstract: In various embodiments, a method comprises detecting a removable media device coupled to a digital device, authenticating a password to access the removable media device, injecting redirection code into the digital device, intercepting, with the redirection code, a request for data, determining to allow the request for data based on a security policy, and providing the data based on the determination. The method may further comprise selecting the security policy from a plurality of security policies based, at least in part, on the password and/or filtering the content of the requested data. Filtering the content may comprise scanning the data for malware. Filtering the content may also comprise scanning the data for confidential information.

Abstract: Orchestrating wireless monitoring sensors, including registering each sensor with an orchestrator, generating, by the orchestrator for each sensor, a monitoring plan including a description of wireless channels and protocols for the sensor to monitor, and amounts of time that the sensor should spend monitoring each channel/protocol, attempting, by each of the sensors, to monitor the channels/protocols specified in the sensor's monitoring plan in accordance with the amounts of time specified in the monitoring plan, generating, by each sensor, an execution report including, for each channel/protocol monitored by the sensor, the actual time spent at the channel/protocol, the actual amount of data collected from the channel/protocol, and data captured from the channel/protocol, generating, by the orchestrator, a current coverage map indicating coverage of each channel over space and time, and further generating, by the orchestrator, one or more respective updated monitoring plans, based on the current coverage ma

Abstract: A digital content marketplace filter engine may be configured to identify a communication between a digital content marketplace client and a digital content marketplace server. An analysis engine may be configured to review the communication against a digital content marketplace policy. A response engine configured to block, allow or modify the communication to conform to the digital content marketplace policy.

Abstract: A computer performs dynamic address isolation. The computer comprises an application associated with an application address, a network interface coupled to receive incoming data packets from and transmit outgoing data packets to an external network, a network address translation engine configured to translate between the application address and a public address, and a driver for automatically forwarding the outgoing data packets to the network address translation engine to translate the application address to the public address, and for automatically forwarding the incoming data packets to the network address translation engine to translate the public address to the application address. The computer may communicate with a firewall configured to handle both network-level security and application-level security.

Abstract: A digital content marketplace filter engine may be configured to identify a communication between a digital content marketplace client and a digital content marketplace server. An analysis engine may be configured to review the communication against a digital content marketplace policy. A response engine configured to block, allow or modify the communication to conform to the digital content marketplace policy.

Abstract: A sticker attachable to an item of goods, including a processor, a storage communicatively coupled with the processor, storing a unique address for the sticker, storing operation code for the processor, and storing a plurality of data messages, wherein data messages include an address of a source sticker, an address of a destination computer and data relating to current properties of the source sticker, a wireless communicator for wirelessly transmitting and receiving data messages, and a power source supplying power to the processor, the storage and the wireless communicator, wherein the operation code includes instructions causing the processor to transmit data messages stored in the storage via the wireless communicator to currently nearby stickers that are within range of the wireless communicator, to receive data messages from the nearby stickers, and to store the received data messages in the storage.

Abstract: Systems and methods for providing security services during a power management mode are disclosed. In some embodiments, a method comprises detecting with a mobile security system a wake event on a mobile device, providing from the mobile security system a wake signal, the providing being in response to the wake event to wake a mobile device from a power management mode, and managing with the mobile security system security services of the mobile device. Managing security services may comprise scanning a hard drive of the mobile devices for viruses and/or other malware. Managing security services may also comprise updating security applications or scanning the mobile device for unauthorized data.

Abstract: Systems and methods for implementing content, streaming, and network security inside a chip or inside a computing device are disclosed. In exemplary embodiments, a system comprises a communication chip and a second processor. The communication chip comprises a router and security instructions. The router is configured to intercept untrusted data between a network, and a first router. The second processor is configured to receive the untrusted data from the router, process the untrusted data with the security instructions to produce trusted data, and provide the trusted data to the router.

Abstract: In various embodiments, a method comprises detecting a removable media device coupled to a digital device, authenticating a password to access the removable media device, injecting redirection code into the digital device, intercepting, with the redirection code, a request for data, determining to allow the request for data based on a security policy, and providing the data based on the determination. The method may further comprise selecting the security policy from a plurality of security policies based, at least in part, on the password and/or filtering the content of the requested data. Filtering the content may comprise scanning the data for malware. Filtering the content may also comprise scanning the data for confidential information.