Abstract: A composition including an organic silane compound (A), where the organic silane compound (A) includes a reaction product (A3) between a silane compound (A1) having a fluoropolyether group and a hydrolyzable silyl group and a silicone compound (A2) having an epoxy ring and a hydrolyzable silyl group, and where the silane compound (A1) having a fluoropolyether group and a hydrolyzable silyl group differs from the silicone compound (A2) having an epoxy group and a hydrolyzable silyl group.

Abstract: A security platform may determine mapped attribute information associated with a plurality of host identifiers. The mapped attribute information may include information that identifies a set of related attributes. The security platform may determine, based on the mapped attribute information, that a host device is associated with at least two host identifiers of the plurality of host identifiers. The security platform may aggregate, based on the at two least host identifiers, threat information as aggregated threat information associated with the host device. The security platform may classify the host device as an infected device or a suspicious device based on the aggregated threat information.

Abstract: A security platform may determine, during receipt of a file, metadata associated with the file. The file may be intended for a client device. The security platform may compute, based on the metadata and during the receipt of the file, a hash associated with the file. The security platform may identify, during the receipt of the file, a stored hash that matches the hash associated with the file. The security platform may determine a security classification of the file based on information associated with a security classification corresponding to the stored hash. The security classification of the file may be determined before the receipt of the file is complete. The security platform may selectively permit, based on the security classification of the file, the client device to complete a receipt of the file.

Abstract: A security platform may determine, during receipt of a file, metadata associated with the file. The file may be intended for a client device. The security platform may compute, based on the metadata and during the receipt of the file, a hash associated with the file. The security platform may identify, during the receipt of the file, a stored hash that matches the hash associated with the file. The security platform may determine a security classification of the file based on information associated with a security classification corresponding to the stored hash. The security classification of the file may be determined before the receipt of the file is complete. The security platform may selectively permit, based on the security classification of the file, the client device to complete a receipt of the file.

Abstract: A security platform may determine mapped attribute information associated with a plurality of host identifiers. The mapped attribute information may include information that identifies a set of related attributes. The security platform may determine, based on the mapped attribute information, that a host device is associated with at least two host identifiers of the plurality of host identifiers. The security platform may aggregate, based on the at two least host identifiers, threat information as aggregated threat information associated with the host device. The security platform may classify the host device as an infected device or a suspicious device based on the aggregated threat information.

Abstract: A determination is made regarding whether to merge two symbolic analysis states. A first state corresponds to a first path through a program to a program location and a second state corresponds to a second path through the program to the program location. A set of variables of the program at the program location is determined. For each variable in the set: a) a first value of the variable in the first state is determined; b) a second value of the variable in the second state is determined; and c) a determination is made, based on the first and second values, regarding whether merging the first and second states would be advantageous. A determination is made, responsive to determining that merging the first state and the second state would not be advantageous for at least one variable in the set, not to merge the first state and the second state.

Abstract: A system and method for in-vivo multi-path analysis and testing of binary software including binary device drivers is disclosed. The system and method may be used to test a binary software system and may comprise a virtual machine, a symbolic execution engine and a modular plugin architecture. In addition, a device driver testing system is also disclosed wherein symbolic execution may be used to explore the device driver's execution paths and check for device driver behavior.

Abstract: A determination is made regarding whether to merge two symbolic analysis states. A first state corresponds to a first path through a program to a program location and a second state corresponds to a second path through the program to the program location. A set of variables of the program at the program location is determined. For each variable in the set: a) a first value of the variable in the first state is determined; b) a second value of the variable in the second state is determined; and c) a determination is made, based on the first and second values, regarding whether merging the first and second states would be advantageous. A determination is made, responsive to determining that merging the first state and the second state would not be advantageous for at least one variable in the set, not to merge the first state and the second state.

Abstract: A system and method for in-vivo multi-path analysis and testing of binary software including binary device drivers is disclosed. The system and method may be used to test a binary software system and may comprise a virtual machine, a symbolic execution engine and a modular plugin architecture. In addition, a device driver testing system is also disclosed wherein symbolic execution may be used to explore the device driver's execution paths and check for device driver behavior.