Abstract: Systems and methods are provided for monitoring access of computing resources. Usage rules may be created and stored that define a usage constraint based on actions available to be performed at the computing resources. An authenticator may verify login credentials received from a user and authorize the user to access a computing resource. A request to perform an action at the computing resource may be received, and a usage monitor may apply a usage rule to the requested action. If the requested action violates the usage constraint of the usage rule, the usage monitor may halt performance of the requested action and notify another user of the usage constraint violation. The authenticator may receive and verify another set of login credentials from that other user. In response to successful verification of the additional set of login credentials, the usage monitor may resume performance of the requested action.

Abstract: Systems and methods of managing computing resources of a computing system are described. A computing resource list and computing resource information may be stored at a data store. The computing resource list may identify a set of computing resources of a computing system, and the computing resource information may respectively describe the computing resources. The computing resource list may be updated in response to a new computing resource being added to the computing system or in response to an existing computing resource being removed from the computing system. Evaluation tasks for the computing resources may be performed, and a resource evaluation report may be generated during performance of at least one of the evaluation reports.

Abstract: Systems and methods are provided for monitoring access of computing resources. Usage rules may be created and stored that define a usage constraint based on actions available to be performed at the computing resources. An authenticator may verify login credentials received from a user and authorize the user to access a computing resource. A request to perform an action at the computing resource may be received, and a usage monitor may apply a usage rule to the requested action. If the requested action violates the usage constraint of the usage rule, the usage monitor may halt performance of the requested action and notify another user of the usage constraint violation. The authenticator may receive and verify another set of login credentials from that other user. In response to successful verification of the additional set of login credentials, the usage monitor may resume performance of the requested action.

Abstract: Systems and methods are provided for monitoring access of computing resources. Usage rules may be created and stored that define a usage constraint based on actions available to be performed at the computing resources. An authenticator may verify login credentials received from a user and authorize the user to access a computing resource. A request to perform an action at the computing resource may be received, and a usage monitor may apply a usage rule to the requested action. If the requested action violates the usage constraint of the usage rule, the usage monitor may halt performance of the requested action and notify another user of the usage constraint violation. The authenticator may receive and verify another set of login credentials from that other user. In response to successful verification of the additional set of login credentials, the usage monitor may resume performance of the requested action.

Abstract: Systems and methods for managing risk management rules are provided. A risk management rule may be configured at a rule configuration interface are described. The rule configuration interface may include a list of access rights available for selection. Based on input received, one of the access rights may be identified as a base access right and one of the access rights may be identified as a conflicting access right for the risk management rule. The access rights provisioned at the computing system may be monitored to determine whether a user is provisioned with both the base access right and the conflicting access right. If so, a violation review may be created and presented at a violation review interface at which a decision for the violation review is receivable. An exception to the risk management rule may also be configured at an exception configuration interface.

Abstract: Systems and methods for ensuring the quality of identity and access management information at a computing system are described. Access right information that respectively corresponds to one or more access rights may be stored at a data store. The access right information may be stored in accordance with a data model that defines respective relationships between the access rights and both the users having access to the computing system and the computing resources of the computing system. At least a portion of the access right information may be retrieved, and quality assurance tasks may be performed using the portion of the access right information retrieved.

Abstract: Systems, computer program products, and methods are described herein for a model framework and system for cyber security services. The present invention is configured to determine one or more access paths to the internal computing device from an external computing device; determine one or more controls associated with each access path; determine one or more types of access that may be made via one or more of the access paths by the external computing device to access the internal computing device; determine whether the one or more controls associated with the at least one of the one or more access paths is capable of detecting the access; determine one or more tools configured to regulate the one or more controls; and incorporate the one or more tools within the network to regulate the one or more controls to detect and monitor the access.

Abstract: A computing platform may receive, from a plurality of computing systems, data identifying permissions of a plurality of users to access one or more resources of the plurality of computing systems. The computing platform may identify, from amongst the plurality of users, a plurality of groups of users. The computing platform may identify, from amongst the permissions, a plurality of sets of permissions. Each set of permissions may include permissions shared by each user of a group of users of the plurality of groups of users. The computing platform may generate a graphical depiction of the plurality of groups of users and the plurality of sets of permissions. The graphical depiction may graphically depict, for each group of the plurality of groups, one or more sets of permissions, of the plurality of sets of permissions, shared by each user of the group.

Abstract: Systems and methods are provided for monitoring access of computing resources. Usage rules may be created and stored that define a usage constraint based on actions available to be performed at the computing resources. An authenticator may verify login credentials received from a user and authorize the user to access a computing resource. A request to perform an action at the computing resource may be received, and a usage monitor may apply a usage rule to the requested action. If the requested action violates the usage constraint of the usage rule, the usage monitor may halt performance of the requested action and notify another user of the usage constraint violation. The authenticator may receive and verify another set of login credentials from that other user. In response to successful verification of the additional set of login credentials, the usage monitor may resume performance of the requested action.

Abstract: Systems and methods are provide for reconciling access rights of a computing system are described. Access right information that respectively corresponds to access rights of a computing system may be obtained and evaluated. Reconciliation tasks may be performed using the access right information, and a reconciliation report may be generated during performance of at least one of the reconciliation tasks. The reconciliation report may indicate that one or more of the access rights should either be provisioned or revoked at the computing system.

Abstract: Systems and methods are provided for monitoring access of computing resources. Usage rules may be created and stored that define a usage constraint based on actions available to be performed at the computing resources. An authenticator may verify login credentials received from a user and authorize the user to access a computing resource. A request to perform an action at the computing resource may be received, and a usage monitor may apply a usage rule to the requested action. If the requested action violates the usage constraint of the usage rule, the usage monitor may halt performance of the requested action and notify another user of the usage constraint violation. The authenticator may receive and verify another set of login credentials from that other user. In response to successful verification of the additional set of login credentials, the usage monitor may resume performance of the requested action.

Abstract: Systems and methods of managing computing resources of a computing system are described. A computing resource list and computing resource information may be stored at a data store. The computing resource list may identify a set of computing resources of a computing system, and the computing resource information may respectively describe the computing resources. The computing resource list may be updated in response to a new computing resource being added to the computing system or in response to an existing computing resource being removed from the computing system. Evaluation tasks for the computing resources may be performed, and a resource evaluation report may be generated during performance of at least one of the evaluation reports.

Abstract: Systems and methods are provide for reconciling access rights of a computing system are described. Access right information that respectively corresponds to access rights of a computing system may be obtained and evaluated. Reconciliation tasks may be performed using the access right information, and a reconciliation report may be generated during performance of at least one of the reconciliation tasks. The reconciliation report may indicate that one or more of the access rights should either be provisioned or revoked at the computing system.

Abstract: Systems and methods are provided for monitoring access of computing resources. Usage rules may be created and stored that define a usage constraint based on actions available to be performed at the computing resources. An authenticator may verify login credentials received from a user and authorize the user to access a computing resource. A request to perform an action at the computing resource may be received, and a usage monitor may apply a usage rule to the requested action. If the requested action violates the usage constraint of the usage rule, the usage monitor may halt performance of the requested action and notify another user of the usage constraint violation. The authenticator may receive and verify another set of login credentials from that other user. In response to successful verification of the additional set of login credentials, the usage monitor may resume performance of the requested action.

Abstract: Systems, computer program products, and methods are described herein for a model framework and system for cyber security services. The present invention is configured to determine one or more access paths to the internal computing device from an external computing device; determine one or more controls associated with each access path; determine one or more types of access that may be made via one or more of the access paths by the external computing device to access the internal computing device; determine whether the one or more controls associated with the at least one of the one or more access paths is capable of detecting the access; determine one or more tools configured to regulate the one or more controls; and incorporate the one or more tools within the network to regulate the one or more controls to detect and monitor the access.

Abstract: Systems and methods of managing computing resources of a computing system are described. A computing resource list and computing resource information may be stored at a data store. The computing resource list may identify a set of computing resources of a computing system, and the computing resource information may respectively describe the computing resources. The computing resource list may be updated in response to a new computing resource being added to the computing system or in response to an existing computing resource being removed from the computing system. Evaluation tasks for the computing resources may be performed, and a resource evaluation report may be generated during performance of at least one of the evaluation task.

Abstract: Systems and methods for ensuring the quality of identity and access management information at a computing system are described. Access right information that respectively corresponds to one or more access rights may be stored at a data store. The access right information may be stored in accordance with a data model that defines respective relationships between the access rights and both the users having access to the computing system and the computing resources of the computing system. At least a portion of the access right information may be retrieved, and quality assurance tasks may be performed using the portion of the access right information retrieved.

Abstract: Systems and methods for ensuring the quality of identity and access management information at a computing system are described. Access right information that respectively corresponds to one or more access rights may be stored at a data store. The access right information may be stored in accordance with a data model that defines respective relationships between the access rights and both the users having access to the computing system and the computing resources of the computing system. At least a portion of the access right information may be retrieved, and quality assurance tasks may be performed using the portion of the access right information retrieved.

Abstract: Systems and methods for managing risk management rules are provided. A risk management rule may be configured at a rule configuration interface are described. The rule configuration interface may include a list of access rights available for selection. Based on input received, one of the access rights may be identified as a base access right and one of the access rights may be identified as a conflicting access right for the risk management rule. The access rights provisioned at the computing system may be monitored to determine whether a user is provisioned with both the base access right and the conflicting access right. If so, a violation review may be created and presented at a violation review interface at which a decision for the violation review is receivable. An exception to the risk management rule may also be configured at an exception configuration interface.

Abstract: Systems and methods of managing computing resources of a computing system are described. A computing resource list and computing resource information may be stored at a data store. The computing resource list may identify a set of computing resources of a computing system, and the computing resource information may respectively describe the computing resources. The computing resource list may be updated in response to a new computing resource being added to the computing system or in response to an existing computing resource being removed from the computing system. Evaluation tasks for the computing resources may be performed, and a resource evaluation report may be generated during performance of at least one of the evaluation reports.