| CPC G06F 21/54 (2013.01) [G06F 21/554 (2013.01); G06F 21/565 (2013.01)] | 20 Claims |
|
1. A method for processing computer system events for software security operations, comprising:
loading, by a computer process based on a first event occurring during a process initiation operation, at least one file in a computer memory;
generating at least one thread of the computer process;
blocking, based on a second event occurring after the first event, the at least one thread of the computer process from performing a write operation during the loading of the at least one file in the computer memory;
performing a security operation on the process contemporaneously with the loading of the at least one file in the computer memory and the blocking of the at least one thread of the computer process from performing the write operation; and
unblocking the at least one thread after performing the security operation.
|