Abstract: This disclosure describes techniques for defining security measures of a secure data corridor that enables data feeds to transmit from an ingress point to an egress point, while maintaining a desired security protection. This disclosure further describes techniques to quantify the desired security protection by determining and further associating a data sensitivity rating with individual data feeds in transmit through the secure data corridor. In some examples, the data sensitivity rating of the secure data corridor may be locked at a default rating that is commensurate with access permissions of a subject or a data sensitivity rating of an adjoining secure data container. Alternatively, the data sensitivity rating may be dynamically set based on data feeds transmitting through the secure data corridor or set based on the data sensitivity rating of data feeds at an ingress point or egress point of the secure data corridor.

Abstract: A similarity search may be performed on a digraph to identify additional attack vectors that are potentially under attack in response to an initial attack vector being under attack. Security event data that includes attack histories of assets and threat actor data on threat actors are received. A digraph that maps threat actors to attack vectors of the assets is generated based on the attack histories. A risk probability of attack may be calculated for an attack vector of an asset based on the digraph, such that the attack vector may be determined to be under attack in response to the risk probability exceeding a predetermined probability threshold. Subsequently, a similarity search on the digraph may be performed in view of the attack vector that is determined to be under attack to identify additional attack vectors of the asset or another other asset that are potentially under attack.

Abstract: A similarity search may be performed on a digraph to identify additional attack vectors that are potentially under attack in response to an initial attack vector being under attack. Security event data that includes attack histories of assets and threat actor data on threat actors are received. A digraph that maps threat actors to attack vectors of the assets is generated based on the attack histories. A risk probability of attack may be calculated for an attack vector of an asset based on the digraph, such that the attack vector may be determined to be under attack in response to the risk probability exceeding a predetermined probability threshold. Subsequently, a similarity search on the digraph may be performed in view of the attack vector that is determined to be under attack to identify additional attack vectors of the asset or another other asset that are potentially under attack.