Abstract: A plurality of communicatively coupled, networked assets may be threatened or attacked by a cybersecurity attack. The operational resiliency of the computer network determines whether the cybersecurity attack leads to a shutdown of one or more assets, or even the entire computer network. Machines and processes are disclosed to improve operational cybersecurity resiliency of software on the computer network. Machine learning is used to identify potential vulnerabilities from a vulnerability database. Chaos stress testing using a machine learning algorithm can be performed on software to exploit the vulnerabilities. A blast radius can be set to minimize any potential negative side effects of the testing. Software can be remediated to account for responses to the testing by reconfiguring to prevent exploitation of the vulnerabilities. A financial impact of the exploited vulnerabilities can be calculated and reports can be generated.

Abstract: An information security system that includes an information security engine configured to detect an attack by a malicious software element in a network. The information security engine is further configured to transfer the malicious software element from the network to the emulated network in response to detecting an attack. The information security engine is further configured to select defense strategies for restricting communications using different port configurations and to implement each defense strategy within the emulated network. The information security engine is further configured to execute a duplicate of the malicious software element in the emulated network and to determine a performance level for each of the defense strategies against the duplicate of the malicious software element. The information security engine is further configured to select a defense strategy with a highest performance level and to implement the selected defense strategy within the network.

Abstract: A device is configured to establish a network connection with a virtual reality device and to identify a user account that is associated with the virtual reality device. The device is further configured to send a virtual simulation survey to the virtual reality device. The virtual simulation survey includes a list of virtual simulations that can be rendered by the virtual reality device. The device is further configured to receive a survey response from the virtual reality device. The survey response identifies one or more virtual simulations from the list of virtual simulations. The device is further configured to determine a cumulative user preference settings value based on the virtual simulations identified in the survey response and to modify user preference settings within the user account based on the cumulative user preference settings value.

Abstract: A plurality of communicatively coupled, networked assets may be threatened or attacked by a cybersecurity attack. The operational resiliency of the computer network determines whether the cybersecurity attack leads to a shutdown of one or more assets, or even the entire computer network. A cybersecurity server selectively restricts and controls the data flow over the network and transforms a configurable, networked asset from a low, medium, and high cybersecurity mode. The cybersecurity server may reside on a firewall device or other networked device, and adjusts the cybersecurity mode based on a criticality score that measures the operational resiliency of the computer network. The criticality score changes as cybersecurity threats or attacks are identified and as mitigation strategies are implemented on the networked assets.

Abstract: A plurality of communicatively coupled, networked assets of an organization may be threatened or attacked by a cybersecurity attack or other form of attack. Control mechanisms may be installed and established to protect against specific cybersecurity attacks and other infiltrations. Machine learning and predictive analytics are used to more appropriately match specific attacks and threats against specific control mechanisms, accounting for dimensionality of control mechanisms. The matching of attack patterns and control mechanisms may use test scripts that operate on data pulled from the organization's systems of record. A factor analysis of information risk (FAIR) may be performed and visual threat models may be automatically generated that show the mapping between a threat actor, attack type, control environment including dimensionality, the targeted system, and the impact on the organization.

Abstract: An information security system that includes an information security engine configured to monitor data transmissions within a network and to detect a first attack by a malicious software element. The information security engine is further configured to detect a second attack by the malicious software element within a predetermined time interval from the first attack and to transfer the malicious software element from the network to an emulated network in response to detecting the second attack. The information security engine is further configured to generate an attack log comprising behavior characteristics for attacks performed by the malicious software element in the emulated network and to train a machine learning model based on behavior characteristics from the attack log.

Abstract: A device is configured to establish a network connection with a virtual reality device and to identify a user account that is associated with the virtual reality device. The device is further configured to send a virtual simulation survey to the virtual reality device. The virtual simulation survey includes a list of virtual simulations that can be rendered by the virtual reality device. The device is further configured to receive a survey response from the virtual reality device. The survey response identifies one or more virtual simulations from the list of virtual simulations. The device is further configured to determine a cumulative user preference settings value based on the virtual simulations identified in the survey response and to modify user preference settings within the user account based on the cumulative user preference settings value.

Abstract: Aspects of the disclosure relate to multi-factor authentication based on biological signals. A computing platform may detect an indication to authenticate a user of the user device. Subsequently, the computing platform may trigger, based on the detecting, the at least one physical sensor to capture one or more biological signals emitted by the user. Then, the computing platform may transform each of the one or more captured biological signals to binary valued data. Then, the computing platform may generate, based on the binary valued data, a security credential associated with the user. Subsequently, the computing platform may retrieve, from a database, a stored security credential. Then, the computing platform may compare the generated security credential with the stored security credential. Subsequently, the computing platform may, based on a determination that the generated security credential is within a threshold of the stored security credential, authenticate the user of the user device.

Abstract: An information security system that includes an information security engine configured to detect an attack by a malicious software element in a network. The information security engine is further configured to transfer the malicious software element from the network to the emulated network in response to detecting an attack. The information security engine is further configured to select defense strategies for restricting communications using different port configurations and to implement each defense strategy within the emulated network. The information security engine is further configured to execute a duplicate of the malicious software element in the emulated network and to determine a performance level for each of the defense strategies against the duplicate of the malicious software element. The information security engine is further configured to select a defense strategy with a highest performance level and to implement the selected defense strategy within the network.

Abstract: A plurality of communicatively coupled, networked assets may be threatened or attacked by a cybersecurity attack. The operational resiliency of the computer network determines whether the cybersecurity attack leads to a shutdown of one or more assets, or even the entire computer network. Machines and processes are disclosed to improve operational cybersecurity resiliency of software on the computer network. Machine learning is used to identify potential vulnerabilities from a vulnerability database. Chaos stress testing using a machine learning algorithm can be performed on software to exploit the vulnerabilities. A blast radius can be set to minimize any potential negative side effects of the testing. Software can be remediated to account for responses to the testing by reconfiguring to prevent exploitation of the vulnerabilities. A financial impact of the exploited vulnerabilities can be calculated and reports can be generated.

Abstract: An information security system that includes an information security engine configured to monitor data transmissions within a network and to detect a first attack by a malicious software element. The information security engine is further configured to detect a second attack by the malicious software element within a predetermined time interval from the first attack and to transfer the malicious software element from the network to an emulated network in response to detecting the second attack. The information security engine is further configured to generate an attack log comprising behavior characteristics for attacks performed by the malicious software element in the emulated network and to train a machine learning model based on behavior characteristics from the attack log.

Abstract: A plurality of communicatively coupled, networked assets of an organization may be threatened or attacked by a cybersecurity attack or other form of attack. Control mechanisms may be installed and established to protect against specific cybersecurity attacks and other infiltrations. Machine learning and predictive analytics are used to more appropriately match specific attacks and threats against specific control mechanisms, accounting for dimensionality of control mechanisms. The matching of attack patterns and control mechanisms may use test scripts that operate on data pulled from the organization's systems of record. A factor analysis of information risk (FAIR) may be performed and visual threat models may be automatically generated that show the mapping between a threat actor, attack type, control environment including dimensionality, the targeted system, and the impact on the organization.

Abstract: A plurality of communicatively coupled, networked assets may be threatened or attacked by a cybersecurity attack. The operational resiliency of the computer network determines whether the cybersecurity attack leads to a shutdown of one or more assets, or even the entire computer network. A cybersecurity server selectively restricts and controls the data flow over the network and transforms a configurable, networked asset from a low, medium, and high cybersecurity mode. The cybersecurity server may reside on a firewall device or other networked device, and adjusts the cybersecurity mode based on a criticality score that measures the operational resiliency of the computer network. The criticality score changes as cybersecurity threats or attacks are identified and as mitigation strategies are implemented on the networked assets.

Abstract: Methods, systems, and computing platforms for data communication are disclosed. Computing platforms may be configured to electronically process with a machine learning controller, a set of network system diagrams to create a set of virtual node system data. The computing platform(s) may be configured to electronically create a computer readable database including a plurality of network record connections based on the set of virtual node system data. The computing platform(s) may be configured to electronically process the computer readable database to output a set of cyber-vector entryways. The computing platform(s) may be configured to electronically process the set of cyber-vector entryways with the machine learning controller based on a machine learning training data set of centrality of nodes to output a set of most probable cyber-vector routing conduits.