In general, embodiments relate to a method for detecting vulnerabilities of an installed application, comprising: obtaining information related to an application installed to a client device; sending, by an application monitoring agent, the information related to the application installed to the client device to a vulnerability validator; determining by the vulnerability validator, based on impact score information, whether a specific version of the application installed to the client device has vulnerabilities; sending the impact score information to a client device upgrade manager; and notifying, based on the impact score information, the client device when the application installed to the client device has vulnerabilities.

In general, embodiments relate to a method for proactively detecting and filtering vulnerabilities of an application upgrade, comprising: receiving an application upgrade request to upgrade an application to a version from a client device; sending information related to the application upgrade to a vulnerability validator; determining, based on the impact score information, that the version of the application has vulnerabilities and that a second version of the application does not have vulnerabilities; filtering, based on the determining, the version of the application that has vulnerabilities; generating an application upgrade strategy by only considering the second version of the application; and sending information related to the version of the application to a vendor to fix the vulnerabilities.

A login macro to automatically log into a web application running on a server computing device is generated from a provided username, a provided password, and a provided network address of the web application. The login macro can be generated regardless of whether the web application is logged into at a starting web page at the provided network address or at a sign-in web page navigable from the starting web page. After the login macro has been generated, that usage the login macro successfully results in logging into the web application running on the server computing device can be verified.

An apparatus to facilitate descriptor resiliency in a computer system platform is disclosed. The apparatus comprises a non-volatile memory to store firmware for a computer system platform, wherein the firmware comprises a primary descriptor including access permission details for platform components and a secondary descriptor including a backup copy of the access permission details and a controller, coupled to the first non-volatile memory, including recovery hardware to detect a problem during a platform reset with the primary descriptor, recover the contents of the primary descriptor from the backup copy included in the secondary descriptor and store the contents of the backup copy to primary descriptor.

Embodiments seek to prevent detection of a sandbox environment by a potential malware application. To this end, execution of the application is monitored, and provide information about the execution to a reinforcement learning machine learning model. The model generates a suggested modification to make to the executing application. The model is provided with information indicating whether the application executed successfully or not, and this information is used to train the model for additional modifications. By modifying the potential malware execution during its execution, detection of a sandbox environment is prevented, and analysis of the potential malware applications features are better understood.

According to embodiments of the present disclosure, there is provided a system, method, electronic device, storage medium and program product of security protection. The system comprises: a security computing sub-system, configured to manage security of developed code to compile the developed code into an installation file corresponding to a target application and a service program for supporting the target application; a data exchange sub-system, configured to manage data communication of the target application or service program with RoW (rest of World); and a security sandbox sub-system, configured to manage traffic data associated with the target application. In this way, the embodiments of the present disclosure can guarantee the security and compliance of data related to the target application.

A method in a communication device, and a communication device, for executing a software updating process at the communication device is suggested, where the method is executed by acquiring data captured by at least one sensor which is accessible to the communication device, by comparing the acquired data to predefined conditions for initiating a software updating process, and by initiating the software updating process at the communication device in response to determining that the acquired data meet with predefined conditions for updating software at the communication device.

A computer implemented method of detecting malware in a received software component includes generating a profile for the malware by accessing machine code for the malware, identifying a subset of the machine code for the malware as a logical subroutine of the malware, and extracting one or more features of the logical subroutine of the malware as the profile. The method further includes accessing machine code for the received software component to identify a plurality of logical subroutines thereof and extracting one or more features of each logical subroutine of the received software component for comparison with the profile to detect the malware in the received software component.

A method for operating a computing device for a control unit of a motor vehicle. The computing device including a processor core, and is configured to control an exchange of data between a connectivity zone and a security zone. The security zone includes at least one component which is necessary to drive the vehicle and has an elevated relevance with regard to safety. The connectivity zone including at least one component whose operation requires communication outside of the vehicle but is not required to drive the vehicle and does not have an elevated relevance with regard to safety. At least one first program executable by the computing device is assigned to a non-trustworthy zone, and at least one further program is assigned to a trustworthy zone. The component of the connectivity zone is assigned to the non-trustworthy zone, and the component of the security zone being assigned to the trustworthy zone.

Disclosed are various approaches for secure inter-application communication with unmanaged applications using certificate enrollment. A certificate signing request can be received from an unmanaged application via an inter-application communication method supported by an operating system of a computing device, and an identity of the unmanaged application can be verified. The certificate signing request can be provided to a certifying authority, and a certificate can be received from the certifying authority. The certificate can be provided to the unmanaged application.