Abstract: Methods, systems, and computer-readable media for automated code generation using analysis of design diagrams are disclosed. A diagram-to-code system determines one or more security properties of a plurality of components associated with a software product. Relationships between the components are indicated in a software design diagram. At least some of the security properties are determined using input to a user interface. The diagram-to-code system generates one or more secure code packages based (at least in part) on the software design diagram and the one or more security properties. The secure code package(s) implement one or more security controls associated with the software product. The secure code package(s) are provided to a developer. The secure code package(s) and additional program code from the developer are compiled into a compiled software product. Execution of the compiled software product mitigates security vulnerabilities using the one or more security controls.

Abstract: A design inspector tool generates secure source code related to stencils and design elements of an architecture diagram. The design inspector tool may retrieve source code from a source code repository that includes source code that is relevant to the stencils and design elements implemented by the design inspector tool. When or after a user modifies the source code, the design inspector tool feeds contextual information associated with the stencils and the design elements into a trained machine learning logic. The trained machine learning logic processes the contextual information to retrieve contextually relevant auto complete secure code suggestions from the source code repository. The contextually relevant auto complete source code suggestions may be presented to the user as an option for replacing or augmenting the modified source code.

Abstract: Methods, systems, and computer-readable media for automated detection of ambiguities in software design diagrams are disclosed. One or more graphs are determined that represent a plurality of elements of a design diagram. The one or more graphs comprise a plurality of nodes representing components and a plurality of edges representing relationships between the components. An evaluation of the design diagram with respect to one or more rules is initiated by a rules engine. The evaluation is based (at least in part) on traversal of the one or more graphs. Based (at least in part) on the evaluation, one or more flaws are identified in the design diagram. A modified design diagram is generated that represents remediation of at least a portion of the one or more flaws.

Abstract: A system, method, and computer-readable medium for detecting malicious computer code are provided. Instructions, such as HTML or JavaScript instructions may be received from a server, parsed, and executed. During execution of the instructions, one or more functions of a software application, such as a web browser, may be hooked, and an event object may be created for each called function that is hooked, resulting in a collection of event objects. Rules may be matched with event objects of the collection of event objects to detect malicious code. Attributes from the matched event objects may then be used to locate original malicious script or code injected into a web page.

Abstract: Systems and methods are provided for malware scanning and detection. In one exemplary embodiment, the method includes a hub computing device that receives, from a controller computing device, a scan request, and identifies spoke computing devices for performing the scan request. The method performed by the hub computing device also includes sending to the identified spoke computing devices, the scan request, receiving, from the spoke computing devices, results associated with the scan request, and sending, to the controller computing device, the results associated with the scan request.

Abstract: Techniques for providing information security threat assessment and amelioration are disclosed. The techniques may include obtaining fundamental data, obtaining document data, preparing fundamental instance nodes from the fundamental data, preparing document nodes from the document data, preparing edges between at least some of the nodes, storing the nodes and the edges in a manner that reflects a graph structure, and causing to be displayed at least a portion of a graph defined by at least one node and at least one edge.

Abstract: A system, method, and computer-readable medium for detecting malicious computer code are provided. A dataset may be accessed and converted to a binary dataset according to a predefined conversion algorithm. One or more cycles in the binary dataset may be identified. Statistical analysis may be performed on the identified one or more cycles. A determination that the set of dataset includes malicious software code may be made based on the performed statistical analysis.

Abstract: Techniques for providing information security threat assessment and amelioration are disclosed. The techniques may include obtaining fundamental data, obtaining document data, preparing fundamental instance nodes from the fundamental data, preparing document nodes from the document data, preparing edges between at least some of the nodes, storing the nodes and the edges in a manner that reflects a graph structure, and causing to be displayed at least a portion of a graph defined by at least one node and at least one edge.

Abstract: Systems and methods are provided for malware scanning and detection in a computing system. In one exemplary embodiment, the method includes launching, in a computing device of the computing system, a virtual machine, and launching, in the virtual machine of the computing device, an internet browser. The method also includes requesting, by the internet browser, data from a web page, and performing, using one or more analysis tools, analysis on the web page. In the method, performing analysis on the web page includes performing monitoring and recording of system application programming interface (API) calls, and creating software objects associated with the web page. The method also includes performing antivirus scanning of the software objects, de-obfuscating JavaScript associated with the software objects, and correlating data associated with the performed analysis to determine if the web page is a malicious web page.

Abstract: Techniques for providing information security threat assessment and amelioration are disclosed. The techniques may include obtaining fundamental data, obtaining document data, preparing fundamental instance nodes from the fundamental data, preparing document nodes from the document data, preparing edges between at least some of the nodes, storing the nodes and the edges in a manner that reflects a graph structure, and causing to be displayed at least a portion of a graph defined by at least one node and at least one edge.

Abstract: Techniques for providing computer security vulnerability intelligence are disclosed. The techniques include obtaining distributable vulnerability data that includes, for each of a plurality of software packages and associated vulnerabilities, threat mitigation information and a threat priority parameter, where the distributable vulnerability data was derived from an intelligence graph including a plurality of fundamental instance nodes, a plurality of document nodes, and a plurality of edges.

Abstract: The present invention generally relates to systems and methods for classifying executable files as likely malware or likely benign. The techniques utilize temporally-ordered network behavioral artifacts together with machine learning techniques to perform the classification. Because they rely on network behavioral artifacts, the disclosed techniques may be applied to executable files with obfuscated code.

Abstract: The present invention generally relates to systems and methods for classifying executable files as likely malware or likely benign. The techniques utilize temporally-ordered network behavioral artifacts together with machine learning techniques to perform the classification. Because they rely on network behavioral artifacts, the disclosed techniques may be applied to executable files with obfuscated code.

Abstract: Systems and methods are provided for malware scanning and detection in a computing system. In one exemplary embodiment, the method includes launching, in a computing device of the computing system, a virtual machine, and launching, in the virtual machine of the computing device, an internet browser. The method also includes requesting, by the internet browser, data from a web page, and performing, using one or more analysis tools, analysis on the web page. In the method, performing analysis on the web page includes performing monitoring and recording of system application programming interface (API) calls, and creating software objects associated with the web page. The method also includes performing antivirus scanning of the software objects, de-obfuscating JavaScript associated with the software objects, and correlating data associated with the performed analysis to determine if the web page is a malicious web page.

Abstract: The present invention generally relates to systems and methods for classifying executable files as likely malware or likely benign. The techniques utilize temporally-ordered network behavioral artifacts together with machine learning techniques to perform the classification. Because they rely on network behavioral artifacts, the disclosed techniques may be applied to executable files with obfuscated code.

Abstract: Systems and methods are provided for malware scanning and detection in a computing system. In one exemplary embodiment, the method includes launching, in a computing device of the computing system, a virtual machine, and launching, in the virtual machine of the computing device, an internet browser. The method also includes requesting, by the internet browser, data from a web page, and performing, using one or more analysis tools, analysis on the web page. In the method, performing analysis on the web page includes performing monitoring and recording of system application programming interface (API) calls, and creating software objects associated with the web page. The method also includes performing antivirus scanning of the software objects, de-obfuscating JavaScript associated with the software objects, and correlating data associated with the performed analysis to determine if the web page is a malicious web page.

Abstract: A system, method, and computer-readable medium for detecting malicious computer code are provided. A dataset may be accessed and converted to a binary dataset according to a predefined conversion algorithm. One or more cycles in the binary dataset may be identified. Statistical analysis may be performed on the identified one or more cycles. A determination that the set of dataset includes malicious software code may be made based on the performed statistical analysis.

Abstract: Techniques for providing information security threat assessment and amelioration are disclosed. The techniques may include obtaining fundamental data, obtaining document data, preparing fundamental instance nodes from the fundamental data, preparing document nodes from the document data, preparing edges between at least some of the nodes, storing the nodes and the edges in a manner that reflects a graph structure, and causing to be displayed at least a portion of a graph defined by at least one node and at least one edge.

Abstract: Techniques for providing computer security vulnerability intelligence are disclosed. The techniques include obtaining distributable vulnerability data that includes, for each of a plurality of software packages and associated vulnerabilities, threat mitigation information and a threat priority parameter, where the distributable vulnerability data was derived from an intelligence graph including a plurality of fundamental instance nodes, a plurality of document nodes, and a plurality of edges.

Abstract: The present invention generally relates to systems and methods for classifying executable files as likely malware or likely benign. The techniques utilize temporally-ordered network behavioral artifacts together with machine learning techniques to perform the classification. Because they rely on network behavioral artifacts, the disclosed techniques may be applied to executable files with obfuscated code.