Abstract: Methods and systems for generating stateful attacks for simulating and testing security infrastructure readiness. Attack templates descriptive of a plurality of attacks to be executed against one or more targets are defined. The attack templates are processed to compile a decision tree by traversing through a list of attack templates to create a logical tree with tree branches representing different execution paths through which attacks may be executed against the targets. During attack simulations and/or testing, single and/or multi-stage attacks are executed against targets, wherein attack sequences are dynamically determined using the execution paths in the decision tree in view of real-time results. The attacks may be executed against various types of targets, including target in existing security infrastructures and simulated targets. Moreover, the attacks may originate from computer systems within security infrastructures or remotely using computer systems external to the security infrastructures.

Abstract: Nutritive polypeptides are provided herein. Also provided are various other embodiments including nucleic acids encoding the polypeptides, recombinant microorganisms that make the polypeptides, vectors for expressing the polypeptides, methods of making the polypeptides using recombinant microorganisms, compositions and formulations that comprise the polypeptides, and methods of using the polypeptides, compositions and formulations.

Abstract: Methods and systems for generating stateful attacks for simulating and testing security infrastructure readiness. Attack templates descriptive of a plurality of attacks to be executed against one or more targets are defined. The attack templates are processed to compile a decision tree by traversing through a list of attack templates to create a logical tree with tree branches representing different execution paths through which attacks may be executed against the targets. During attack simulations and/or testing, single and/or multi-stage attacks are executed against targets, wherein attack sequences are dynamically determined using the execution paths in the decision tree in view of real-time results. The attacks may be executed against various types of targets, including target in existing security infrastructures and simulated targets. Moreover, the attacks may originate from computer systems within security infrastructures or remotely using computer systems external to the security infrastructures.

Abstract: Nutritive polypeptides are provided herein. Also provided are various other embodiments including nucleic acids encoding the polypeptides, recombinant microorganisms that make the polypeptides, vectors for expressing the polypeptides, methods of making the polypeptides using recombinant microorganisms, compositions and formulations that comprise the polypeptides, and methods of using the polypeptides, compositions and formulations.

Abstract: Nutritive polypeptides are provided herein. Also provided are various other embodiments including nucleic acids encoding the polypeptides, recombinant microorganisms that make the polypeptides, vectors for expressing the polypeptides, methods of making the polypeptides using recombinant microorganisms, compositions and formulations that comprise the polypeptides, and methods of using the polypeptides, compositions and formulations.

Abstract: Nutritive polypeptides are provided herein. Also provided are various other embodiments including nucleic acids encoding the polypeptides, recombinant microorganisms that make the polypeptides, vectors for expressing the polypeptides, methods of making the polypeptides using recombinant microorganisms, compositions and formulations that comprise the polypeptides, and methods of using the polypeptides, compositions and formulations.

Abstract: Methods and systems for generating stateful attacks for simulating and testing security infrastructure readiness. Attack templates descriptive of a plurality of attacks to be executed against one or more targets are defined. The attack templates are processed to compile a decision tree by traversing through a list of attack templates to create a logical tree with tree branches representing different execution paths through which attacks may be executed against the targets. During attack simulations and/or testing, single and/or multi-stage attacks are executed against targets, wherein attack sequences are dynamically determined using the execution paths in the decision tree in view of real-time results. The attacks may be executed against various types of targets, including target in existing security infrastructures and simulated targets. Moreover, the attacks may originate from computer systems within security infrastructures or remotely using computer systems external to the security infrastructures.

Abstract: Methods, apparatus, and software are provided for utilizing result data generated by various security evaluation and testing methods in measuring and quantifying responsiveness of IT security in fixing issues found by such evaluation and testing. Security evaluation results for two successive evaluation periods are obtained including a current data set and a last data set, wherein each of data set including entries designating respective attacks or tests and a breached or blocked result for that attack or test. The entries are normalized such that each entry in the current and last data set has a unique identifier. The entries in the current and last data sets are then compared based on the respective attack or test designated for associated entries in the current last data sets to determine differences in breached and blocked results for the two successive evaluation periods. An IT responsiveness score in then calculated as a function of the differences that are determined.

Abstract: Nutritive polypeptides are provided herein. Also provided are various other embodiments including nucleic acids encoding the polypeptides, recombinant microorganisms that make the polypeptides, vectors for expressing the polypeptides, methods of making the polypeptides using recombinant microorganisms, compositions and formulations that comprise the polypeptides, and methods of using the polypeptides, compositions and formulations.

Abstract: A method and apparatus for providing portable end-point security are provided. In one embodiment, a PEPS system may include a PEPS processor having a memory operatively coupled thereto, the memory having stored therein instructions which when executed by the PEPS processor causes: an automatic loader to automatically trigger loading of the PEPS system; the PEPS system including a malicious software detector to scan a main memory of the computing system for malicious software; and wherein the malicious software detector performs a scan of the main memory of the computing system following triggering of the PEPS system by the automatic loader by comparing existing data in main memory of the computing system with indicia of malicious software.

Abstract: A surround security system which screens packets transitioning a TCP/IP stack of a computer system from being broadcast over a network or being communicated to applications installed on the computer system. The surround security system may further include protections for the operating system, applications and security configurations.

Abstract: A method and apparatus for a surround security system is provided. The surround security system is embodied on a computer readable medium and includes a packet enforcement engine to screen packets to and from the network and a TCP/IP stack, an application enforcement engine to screen packets to and from the TCP/IP stack and applications on the computer system, a file monitor to verify integrity of files on the computer system and a vulnerability scanner to ensure that the computer system complies with a set level of security. The surround security system provides security which protects accesses through the TCP/IP stack for applications, and an operating system of the computer system.

Abstract: A system, method and computer program product for administering trust dependent functional control over a portable endpoint security device (PEPS). A reconnoitering application in conjunction with a trust enforcement policy determines a relative trusted state of the host processing unit and administers trust dependent functional control over the PEPS in dependence on one or more trust dependent characteristics reconnoitered from the host processing unit. The trust dependent characteristics reconnoitered from the host processing unit may be location dependent, context dependent, hardware configuration dependent and logical state dependent.

Abstract: A system, method and computer program product for centrally managing policies prescriptively assignable to a plurality of portable end-point security devices over a network is provided. Various embodiments incorporate an central management console configured to define a plurality of group folders on at least one administration server accessible by the plurality of portable end-point security devices, define separate policies for each of the plurality of group folders, assign the plurality of portable end-point security devices to one or more of the plurality of group folders in a many to many relationship such that the separate policies of the plurality of group folders are inherited by the portable end-point security devices when operatively coupled thereto. In an embodiment, the portable end-point security devices are disposed as a handheld computer peripheral device connectable to a computer system using a communications port.

Abstract: Enforcing a plurality of different policies on a stream of packets is disclosed. In lieu of running separate algorithms for each policy, the system exploits the commonalities of all of the policies. The conditions corresponding to the compiled rules are arranged in a condition tree and processed in a pipelined architecture that allows the results of the various stages to be carried forward into subsequent stages of processing. The rules for which all conditions have been satisfied can be identified by one stage of processing in one pass of condition tree traversal and are passed to subsequent stages. A rule table corresponding to an individual policy type can then be readily examined to determine partial or complete satisfaction of the rule of that policy type, without requiring a re-examination of the conditions underlying the rule. Additionally, corresponding actions can be taken where rule satisfaction is determined. This approach allows extremely high-speed policy enforcement performance.

Abstract: A signature based dynamic network intrusion detection system (IDS) includes attack signature profiles which are descriptive of characteristics of known network security violations. The attack signature profiles are organized into sets of attack signature profiles according to security requirements of network objects on a network. Each network object is assigned a set of attack signature profiles which is stored in a signature profile memory together with association data indicative of which sets of attack signature profiles correspond to which network objects. A monitoring device monitors network traffic for data addressed to the network objects. Upon detecting a data packet addressed to one of the network objects, packet information is extracted from the data packet. The extracted information is utilized to obtain a set of attack signature profiles corresponding to the network object based on the association data.