Abstract: Systems, methods, and software products, determine permission profiles for computer executable functions (functions). The systems, methods and software products, utilize both static analysis and dynamic analysis, in order to determine the minimal set of permissions based on the inter-relations between these two analysis methods, i.e., static analysis, and dynamic analysis, to determine the permission profiles for computer executable functions (functions).

Abstract: Systems, methods, and software products, determine permission profiles for computer executable functions (functions). The systems, methods and software products, utilize both static analysis and dynamic analysis, in order to determine the minimal set of permissions based on the inter-relations between these two analysis methods, i.e., static analysis, and dynamic analysis, to determine the permission profiles for computer executable functions (functions).

Abstract: A method of protecting a web server by applying a trusted web engine (TWE) to execute a webpage code in parallel to a client side web engine (CSWE), comprising a proxy server adapt to use a TWE to execute a code of a webpage provided by a web server, issue to the web server a plurality of trusted requests originating from the TWE, receive a plurality of client side requests originating from a CSWE executing the code of the webpage on a client device in parallel to the TWE, receive from the web server a plurality of responses to the plurality of trusted requests and sending to the CSWE at least some of the plurality of responses synchronized by correlating at least some of the plurality of client side requests with corresponding trusted requests according to identification information injected into the at least some client side requests.

Abstract: Secured connections are provided over a telephone access network using encryption/decryption equipment installed at a customer's premises and at a network facility. For outbound calls, the access network is secured before the destination number or any other critical information is sent over the access network. Inbound calls are routed through a secure center to prevent the identification of the calling party and to secure these communications over the access network. By providing encryption/decryption equipment at the network facility, the system provides secured connections over the access network regardless of whether the remote party is secured. The system also may be configured to provide end-to-end secured connections.