A Secure Web Gateway (SWG) provides authenticated Internet access to users of an organization allowing various security and access policies to be enforced based on administrator preferences and policies. Gartner defines a SWG as protecting Web-surfing devices from infection and enforcing company policies. A SWG is a solution that filters unwanted software/malware from user-initiated Web/Internet traffic and enforces corporate and regulatory policy compliance. These gateways must, at a minimum, include Uniform Resource Locator (URL) filtering, malicious-code detection and filtering, and application controls for popular Web-based applications, such as instant messaging (IM) and Skype. Native or integrated data leak prevention is also increasingly included. Since most Internet traffic is typically generated by browsers and uses Hypertext Transfer Protocol (HTTP), a SWG is typically an HTTP proxy using various mechanisms such as cookies or HTTP authentication to authenticate users and associate transactions to them. Over the years, end-to-end encryption using Secure Sockets Layer (SSL) has become common across the Internet. Intermediate proxies have to perform essentially man-in-the-middle attacks to break SSL tunnels before policies can be enforced. The emergence of mobile devices and apps has created newer challenges. In the past, web traffic came predominantly from browsers that behaved in a standards compliant fashion when it came to HTTP protocol. Apps on mobile devices are purpose-built to talk to dedicated servers that are maintained by the app owners. While HTTP is the predominant protocol used, apps may use encryption techniques that are not proxy friendly, ignore cookies and HTTP redirection, etc.