Methods and apparatus are described for automatically modifying web page source code to address a variety of security vulnerabilities such as, for example, vulnerabilities that are exploited by mixed content attacks.

A cryptographic method includes providing memory locations for storing encrypted data. The memory locations have respective addresses and are accessible via a communication bus. The method includes receiving over the communication bus access requests to the memory locations, wherein the access requests include burst requests for access to respective sets of the memory locations starting from respective start addresses, and calculating as a function of the start addresses encryption/decryption cryptographic masks based on cryptographic keys. Plain text data is received for encryption and the method includes applying the cryptographic masks to the plain text data to obtain therefrom encrypted data, and including the encrypted data into output data for transmission over the communication bus.

Disclosed are methods and systems for securely deploying obfuscated modules in an external system. For instance, a method may include selecting one or more modules from a module repository, the one or more modules associated with completing a task, receiving a custom base image, the custom base image including one or more environment modules configured to provide a specific execution environment for the one or more modules, transforming based on the custom base image, the one or more modules into a container image, the transforming including performing at least one obfuscation action on the one or more modules, and publishing the container image and a container image identifier to the external system, the external system configured to execute a cluster instance corresponding to the task, the cluster instance comprising at least one of: the container image identifier, one or more environmental parameters, and one or more entry point parameters.

In some examples, scalable source code vulnerability remediation may include receiving source code that includes at least one vulnerability, and receiving remediated code that remediates the at least one vulnerability associated with the source code. At least one machine learning model may be trained to analyze a vulnerable code snippet of the source code. The vulnerable code snippet may correspond to the at least one vulnerability associated with the source code. The machine learning model may be trained to generate, for the vulnerable code snippet, a remediated code snippet to remediate the at least one vulnerability associated with the source code. The remediated code snippet may be validated based on an analysis of whether the remediated code snippet remediates the at least one vulnerability associated with the source code.

A computing device includes a secure storage hardware to store a secret value and processing hardware comprising at least one of a cache or a memory. During a secure boot process the processing hardware loads untrusted data into at least one of the cache or the memory of the processing hardware, the untrusted data comprising an encrypted data segment and a validator, retrieves the secret value from the secure storage hardware, derives an initial key based at least in part on an identifier associated with the encrypted data segment and the secret value, verifies, using the validator, whether the encrypted data segment has been modified, and decrypts the encrypted data segment using a first decryption key derived from the initial key to produce a decrypted data segment responsive to verifying that the encrypted data segment has not been modified.

Data Privacy Manager (DPM) solution includes a number of different components performing data security procedures (encryption, masking, tokenization, Anonymization, etc.) at the folder, file, email, application, database and column levels. These include components such as Key Manager, File Manager, File Agent, Email Agent, Database Manager, Database Connector, the Token Manager, Security Risk Controller and Fraud Predictor. All these components can be managed through a management console.

Some embodiments of the present invention include an apparatus for securing data and include a processor, and one or more stored sequences of instructions which, when executed by the processor, cause the processor to set a data download threshold, encrypt data to be downloaded by a user based on detecting size of the data violating the download threshold such that the user receives encrypted downloaded data, and manage a decryption key used to decrypt the encrypted downloaded data. The decryption key may be deconstructed into N key fragments and may be reconstructed using K key fragments where N is equal to 2K1.

Virtual field programmable gate array (VFPGA) duplicates and/or emulates a field programmable gate array through the use of base hardware and firmware that uses RAM as ROM or EPROM and provides control and monitoring and manipulation through the use of elementary and basic device functionality commands (machine code primitives) to accommodate the needs of polymorphic cipher engine software so that the software achieves the same results as thou it had access to programmable logic arrays, gate and logic blocks found in field programmable gate array chips.

Methods and apparatus are described for automatically modifying web page source code to address a variety of security vulnerabilities such as, for example, vulnerabilities that are exploited by mixed content attacks.

Embodiments of the present invention provide a system for dynamic masking of data in a network. The system is configured for receiving, via a graphical user interface, a data access request for accessing data from a user associated with an entity, determining that the data comprises sensitive information, determining that the user is not authorized to access the data, dynamically performing non-scramble masking of the data based on determining that the data comprises sensitive information and that the user is not authorized to access the data, and displaying masked data to the user, via the graphical user interface.