William E. Sobel

Controllable deployment of software updates

Detecting man-in-the-middle attacks via security transitions

Preventing malware from abusing application data

Uninstall and system performance based software application reputation

Enabling efficient use of an endpoint

Enforcing digital rights management in a heterogeneous environment

Cooperative identification of malicious remote objects

Detecting mutating malware using fingerprints

Use of geo-location data for spam detection

Determining firewall rules for an application on a client based on firewall rules and reputations of other clients

Security threat reporting in light of local security tools

Anti-malware scanning in a portable application virtualized environment

Applying differing security policies for users who contribute differently to machine hygiene

Software signing certificate reputation model

Confidential data protection through usage scoping

Safely Updating Latent Applications to Reduce Attack Surface

System state rollback after modification failure

Automatic local deployment of site associated cues for antiphishing purposes

Anti-malware scanning in a virtualized file system environment

Use of geo-location data for spam detection

Temporal access control for computer virus prevention

File system based risk profile transfer

System and method of logical prefetching for optimizing file scanning operations

Confidential data protection through usage scoping

Restoration of backed up data by restoring incremental backup(s) in reverse chronological order

System utilizing updated spam signatures for performing secondary signature-based analysis of a held e-mail to improve spam email detection

Enabling clean file cache persistence using dual-boot detection

SSL validation and stripping using trustworthiness factors

Source independent file attribute tracking

Cache hint correction for security scanning

Detecting entry-portal-only network connections

Using inserted e-mail headers to enforce a security policy

Detecting spam e-mail with backup e-mail server traps

Dynamic security policy through use of empirical security events

Presentation of network source and executable characteristics

Instant messaging (IM) comforting in antivirus filtering system and method

Preventing network discovery of a system services configuration

Detecting local graphic password deciphering attacks

Use of database schema for fraud prevention and policy compliance

Preventing unauthorized loading of late binding code into a process

Safely rolling back a computer image

Automatic controllable deployment of software updates

Alternated update system and method

Structures and methods for using geo-location in security detectors

Risk profiling for optimizing deployment of security measures

Efficient backups using dynamically shared storage pools in peer-to-peer networks

Update protection system and method

Blocking e-mail propagation of suspected malicious computer code

Temporal access control for computer virus prevention

Detection and blocking of malicious code

System state rollback after modification failure

Vulnerability assessment of disk images

Verification of desired end-state using a virtual machine environment

Use of geo-location data for spam detection

Refining behavioral detections for early blocking of malicious code

Method and system to detect dangerous file name extensions

Refining behavioral detections for early blocking of malicious code

System utilizing updated spam signatures for performing secondary signature-based analysis of a held e-mail to improve spam email detection

Enforcement of compliance with network security policies

Systems and methods for centralized subscription and license management in a small networking environment

Alteration of module load locations

Controllable deployment of software updates

Client compliancy with self-policing clients

Client compliancy in a NAT environment

Enhanced client compliancy using database of security sensor data