Abstract: The subject disclosure relates to a knowledge-driven data quality solution that is based on a rich knowledge base. The data quality solution can provide continuous improvement and can be based on continuous (or on-going) knowledge acquisition. The data quality solution can be built once and can be reused for multiple data quality improvements, which can be for the same data or for similar data. The disclosed aspects are easy to use and focus on productivity and user experience. Further, the disclosed aspects are open and extendible and can be applied to cloud-based reference data (e.g., a third party data source) and/or user generated knowledge. According to some aspects, the disclosed aspects can be integrated with data integration services.

Abstract: An enterprise-wide sharing arrangement uses a semantic abstraction, called a security assessment, to share security-related information between different security products, called endpoints. A security assessment is defined as a tentative assignment by an endpoint of broader contextual meaning to information that is collected about an object of interest. Its tentative nature is reflected in two of its components: a fidelity field used to express the level of confidence in the assessment, and a time-to-live field for an estimated time period for which the assessment is valid. Endpoints may publish security assessments onto a security assessment channel, as well as subscribe to a subset of security assessments published by other endpoints. A specialized endpoint is coupled to the channel that performs as a centralized audit point by subscribing to all security assessments, logging the security assessments, and also logging the local actions taken by endpoints in response to security threats.

Abstract: An enterprise-wide sharing arrangement uses a semantic abstraction, called a security assessment, to share security-related information between security products, called endpoints. A security assessment is defined as a tentative assignment by an endpoint of broader contextual meaning to information that is collected about an object of interest. Endpoints utilize an architecture that comprises a common assessment sharing agent and a common assessment generating agent. The common assessment sharing agent is arranged for subscribing to security assessments, publishing security assessments onto a channel, maintaining an awareness of configuration changes on the channel (e.g., when a new endpoint is added or removed), and implementing security features like authorization, authentication and encryption.

Abstract: The subject disclosure relates to a knowledge-driven data quality solution that is based on a rich knowledge base. The data quality solution can provide continuous improvement and can be based on continuous (or on-going) knowledge acquisition. The data quality solution can be built once and can be reused for multiple data quality improvements, which can be for the same data or for similar data. The disclosed aspects are easy to use and focus on productivity and user experience. Further, the disclosed aspects are open and extendible and can be applied to cloud-based reference data (e.g., a third party data source) and/or user generated knowledge. According to some aspects, the disclosed aspects can be integrated with data integration services.

Abstract: The subject disclosure relates to a knowledge-driven data quality solution that is based on a rich knowledge base. The data quality solution can provide continuous improvement and can be based on continuous (or on-going) knowledge acquisition. The data quality solution can be built once and can be reused for multiple data quality improvements, which can be for the same data or for similar data. The disclosed aspects are easy to use and focus on productivity and user experience. Further, the disclosed aspects are open and extendible and can be applied to cloud-based reference data (e.g., a third party data source) and/or user generated knowledge. According to some aspects, the disclosed aspects can be integrated with data integration services.

Abstract: The subject disclosure relates to a knowledge-driven data quality solution that is based on a rich knowledge base. The data quality solution can provide continuous improvement and can be based on continuous (or on-going) knowledge acquisition. The data quality solution can be built once and can be reused for multiple data quality improvements, which can be for the same data or for similar data. The disclosed aspects are easy to use and focus on productivity and user experience. Further, the disclosed aspects are open and extendible and can be applied to cloud-based reference data (e.g., a third party data source) and/or user generated knowledge. According to some aspects, the disclosed aspects can be integrated with data integration services.

Abstract: The subject disclosure relates to a knowledge-driven data quality solution that is based on a rich knowledge base. The data quality solution can provide continuous improvement and can be based on continuous (or on-going) knowledge acquisition. The data quality solution can be built once and can be reused for multiple data quality improvements, which can be for the same data or for similar data. The disclosed aspects are easy to use and focus on productivity and user experience. Further, the disclosed aspects are open and extendible and can be applied to cloud-based reference data (e.g., a third party data source) and/or user generated knowledge. According to some aspects, the disclosed aspects can be integrated with data integration services.

Abstract: The subject disclosure relates to a knowledge-driven data quality solution that is based on a rich knowledge base. The data quality solution can provide continuous improvement and can be based on continuous (or on-going) knowledge acquisition. The data quality solution can be built once and can be reused for multiple data quality improvements, which can be for the same data or for similar data. The disclosed aspects are easy to use and focus on productivity and user experience. Further, the disclosed aspects are open and extendible and can be applied to cloud-based reference data (e.g., a third party data source) and/or user generated knowledge. According to some aspects, the disclosed aspects can be integrated with data integration services.

Abstract: Endpoints in an enterprise security environment are configured to adaptively switch from their normal data collection mode to a long-term, detailed data collection mode where advanced analyses are applied to the collected detailed data. Such adaptive data collection and analysis is triggered upon the receipt of a security assessment of a particular type, where a security assessment is defined as a tentative assignment by an endpoint of broader contextual meaning to information (i.e., data in some context) that is collected about an object of interest. A specialized endpoint is coupled to the security assessment channel and performs as a centralized audit point by subscribing to all security assessments, logging the security assessments, and also logging the local actions taken by endpoints in response to detected security incidents in the environment. The specialized endpoint is arranged to perform various analyses and processes on historical security assessments.

Abstract: An enterprise-wide sharing arrangement uses a semantic abstraction, called a security assessment, to share security-related information between security products, called endpoints. A security assessment is defined as a tentative assignment by an endpoint of broader contextual meaning to information that is collected about an object of interest. Endpoints utilize an architecture that comprises a common assessment sharing agent and a common assessment generating agent. The common assessment sharing agent is arranged for subscribing to security assessments, publishing security assessments onto a channel, maintaining an awareness of configuration changes on the channel (e.g., when a new endpoint is added or removed), and implementing security features like authorization, authentication and encryption.

Abstract: Endpoints in an enterprise security environment are configured to adaptively switch from their normal data collection mode to a long-term, detailed data collection mode where advanced analyses are applied to the collected detailed data. Such adaptive data collection and analysis is triggered upon the receipt of a security assessment of a particular type, where a security assessment is defined as a tentative assignment by an endpoint of broader contextual meaning to information (i.e., data in some context) that is collected about an object of interest. A specialized endpoint is coupled to the security assessment channel and performs as a centralized audit point by subscribing to all security assessments, logging the security assessments, and also logging the local actions taken by endpoints in response to detected security incidents in the environment. The specialized endpoint is arranged to perform various analyses and processes on historical security assessments.

Abstract: An enterprise-wide sharing arrangement uses a semantic abstraction, called a security assessment, to share security-related information between different security products, called endpoints. A security assessment is defined as a tentative assignment by an endpoint of broader contextual meaning to information that is collected about an object of interest. Its tentative nature is reflected in two of its components: a fidelity field used to express the level of confidence in the assessment, and a time-to-live field for an estimated time period for which the assessment is valid. Endpoints may publish security assessments onto a security assessment channel, as well as subscribe to a subset of security assessments published by other endpoints. A specialized endpoint is coupled to the channel that performs as a centralized audit point by subscribing to all security assessments, logging the security assessments, and also logging the local actions taken by endpoints in response to security threats.