G06F21/128

Method for operating a web server

A method for operating a web server implemented on a computer, wherein in a launch phase, a web server process ignores requests from clients and a further process having elevated permissions of the web server process is started by the web server process, where the further process serves to execute actions with access to a predefined operating system area, following the launch phase, the web server process transitions to normal operation such that when the web server process then receives a request requiring an action with access to the predefined operating system area, the permissibility of the received request is checked by the web server process and in the event of a permissible request, the web server process and the further process communicate, which prompts the further process to execute the action with the required access to the predefined operating system area.

SYSTEMS AND METHODS FOR DEPLOYING COUNTERMEASURES AGAINST UNAUTHORIZED SCRIPTS INTERFERING WITH THE RENDERING OF CONTENT ELEMENTS ON INFORMATION RESOURCES
20210342439 · 2021-11-04

Systems and methods for deploying countermeasures against unauthorized scripts interfering with the rendering of content elements on information resources are provided herein. A computing device can receive an information resource including a content rendering verification script and a first content element. The computing device can execute the script. The computing device can render the first content element for display on the information resource in a first format. The computing device can determine that the first content element is not successfully displayed in the first format. The computing device can render the first content element for display on the information resource in a second format, responsive to the determination. The computing device can determine that the first content element is successfully displayed in the second format. The computing device can display a second content element of the information resource responsive to the determination.

Providing enhanced functionality in an interactive electronic technical manual

Embodiments of the present disclosure provide methods, apparatus, systems, computer program products for supporting communication functionality in an interactive electronic technical manual system (IETM) configured to provide electronic and credentialed access via an IETM viewer to technical documentation for an item. In one embodiment, a method is provided comprising: providing a window comprising a communication session option; receiving input of a selection of the communication session option; responsive to receiving the input: identifying active users who are signed into the IETM for a particular object of the item based on credentials for the user and the user being signed into the IETM for the particular object; and causing display of an identifier for each active user on the window as selectable; receiving input of a selection of an indicator for an active user; and responsive to receiving the input, initiating a communication session with the active user within the IETM.

SYSTEM AND METHOD FOR DETECTING UNAUTHORIZED ACTIVITY AT AN ELECTRONIC DEVICE

A method and a system for detecting an unauthorized activity at a user device are provided. The method comprises: analyzing a first request from the user device, the first request including original client cookie; in response to the original client cookie meeting a predetermined threshold: causing the user device to receive a Java Script Module, thereby enabling the user device to generate a second request, by: receiving server cookie indicative of a given activity associated with the user device being one of: a user activity and a bot activity; generating the second request including first client cookie and the server cookie; determining if the second request is to be transmitted to a web content server associated with the first web page; in response to the server cookie data being indicative of the bot activity: the second request is blocked.

Identifying phishing websites using DOM characteristics

Embodiments of the present invention are directed to identifying phishing websites by rendering and analyzing document object model (DOM) objects associated with a website for features that indicate phishing behavior. Embodiments analyze the full scope and functionality associated with a website by executing functions embedded in a DOM object before analyzing the website for phishing activity. Accordingly, embodiments render and analyze a fully executed DOM object for phishing behavior. Embodiments may then perform steps to mediate a website that is classified as performing phishing. Thus, embodiments are configured to (1) collect website information from a variety of websites and web servers connected to the internet, (2) analyze the collected data to determine whether the website information is performing phishing, and (3) mediate websites and other actors that are determined to be performing phishing based on the results of the phishing analysis.

Media distribution system with manifest-based entitlement enforcement
11777906 · 2023-10-03

A method for enforcing entitlements includes configuring a wide variety of entitlements at a server; determining applicable combination of entitlements for a given client request; sending entitlements to the requesting client securely; handling entitlement information securely on a plurality of client devices at run time; storing entitlement information securely on a plurality of client devices for offline use; and enforcing entitlements on a plurality of client devices. The method employs manipulation of manifest files by a proxy that may be included in the client device or located in the network.

SYSTEM AND METHOD FOR SECURING A BROWSER AGAINST FONT USAGE FINGERPRINTING
20230281280 · 2023-09-07

In a method for securing a web browser, display instructions for displaying web content are received from a content server by a web browser operating on a client computing device. The web browser creates a document object using the display instructions and determines from the document object whether one or more of the display instructions meet font profiling criteria selected to identify attempts to profile font display characteristics of the web browser. Responsive to a determination that font profiling criteria are met, the web browser alters a character display of the document object and implements the document object for displaying the web content on the client computing device.

Sandboxed application extensions

Embodiments are directed to managing sandboxed application extensions. A first request that includes information that identifies an extension may be provided to an extension server. Information included in a first response may be employed to instantiate an extension shell that corresponds to the extension and embed it in the hosting application such that the extension shell is associated with a first security policy included in the first response. A second request may be provided to the extension server based on information included in the extension shell such that the second request includes an identifier associated with an extension body that corresponds to the extension shell. The first security policy or the second security policy may be employed to enable one or more of the extension shell or the extension body to just access the hosting application or just access the extension server.

SYSTEMS AND METHODS FOR CAUSING NONPREDICTABLE ENVIRONMENT STATES FOR EXPLOIT PREVENTION AND MALICIOUS CODE NEUTRALIZATION FOR JAVASCRIPT-ENABLED APPLICATIONS
20230093137 · 2023-03-23

Systems, methods, and computer-readable media for cybersecurity are disclosed. The systems and methods may involve receiving, by an application capable of JavaScript execution, code for execution; executing, before execution of the received code, an intercepting code, wherein the intercepting code is configured to intercept at least one application programming interface (API) invocation by the received code; intercepting, by the intercepting code, an API invocation by the received code; determining that the intercepted API invocation results in a manipulation of a backing store object; and modifying an execution of the intercepted API invocation, wherein the modified execution results in a nonpredictable environment state.

ENFORCING EULA VERSION AWARE APPLICATION RESPONSE

In an approach to enforcing EULA version aware application response, responsive to receiving a request from a user to access an application, details of an End User License Agreement (EULA) are sent to the application. A response is received from the application based on the details of the EULA. A message is sent to the user, where the message contains the response from the application.