Abstract: A system and method for application software security and auditing are disclosed. A particular embodiment includes an application security management system configured to: instrument one or more data input and output points of an application for one or more instances of data identified as sensitive data, access one or more policies corresponding to the one or more instances of the sensitive data, trace the one or more instances of the sensitive data through the application in association with the one or more policies, and generate an audit of each instance of the sensitive data indicating a route from which the sensitive data is accessed, to where the sensitive data is written, and where the sensitive data surfaces in the application.

Abstract: A method for determining one or more anomalies associated with a first set of data, said method comprising: processing said first set of data to provide frequency information for a plurality of combinations of data in said first set of data; comparing said frequency information for the first set of data with frequency information for said combinations of data in a reference set of data; and in dependence on said comparison determining one or more anomalies.

Abstract: A system and method for application software security and auditing are disclosed. A particular embodiment includes an application security management system configured to: cause installation of a client application (app) agent in a client app on a client app server; communicate with the client app agent via a data network to collect trace data corresponding to data elements accessed in the client app and previously identified as sensitive data; cause transfer of information indicative of the trace data to a host site via the data network; identify a policy corresponding to the trace data; and apply the identified policy to the sensitive data elements in the client app.

Abstract: A system and method for application software security and auditing are disclosed. A particular embodiment includes an application security management system configured to: instrument one or more data input and output points of an application for one or more instances of data identified as sensitive data, access one or more policies corresponding to the one or more instances of the sensitive data, trace the one or more instances of the sensitive data through the application in association with the one or more policies, and generate an audit of each instance of the sensitive data indicating a route from which the sensitive data is accessed, to where the sensitive data is written, and where the sensitive data surfaces in the application.

Abstract: A method for determining one or more anomalies associated with a first set of data, said method comprising: processing said first set of data to provide frequency information for a plurality of combinations of data in said first set of data; comparing said frequency information for the first set of data with frequency information for said combinations of data in a reference set of data; and in dependence on said comparison determining one or more anomalies.

Abstract: A method for determining one or more anomalies associated with a first set of data, said method comprising: processing said first set of data to provide frequency information for a plurality of combinations of data in said first set of data; comparing said frequency information for the first set of data with frequency information for said combinations of data in a reference set of data; and in dependence on said comparison determining one or more anomalies.

Abstract: A system and method for application software security and auditing are disclosed. A particular embodiment includes an application security management system configured to: cause installation of a client application (app) agent in a client app on a client app server; communicate with the client app agent via a data network to collect trace data corresponding to data elements accessed in the client app and previously identified as sensitive data; cause transfer of information indicative of the trace data to a host site via the data network; identify a policy corresponding to the trace data; and apply the identified policy to the sensitive data elements in the client app.

Abstract: A method for determining one or more anomalies associated with a first set of data, said method comprising: processing said first set of data to provide frequency information for a plurality of combinations of data in said first set of data; comparing said frequency information for the first set of data with frequency information for said combinations of data in a reference set of data; and in dependence on said comparison determining one or more anomalies.