Abstract: Methods and systems to normalize an input table having a plurality of input table columns with a normalized table having a plurality of normalized table columns are disclosed. For each normalized column identifier associated with a normalized column of the normalized table, a compatibility score is computed for the normalized column identifier and each input column identifier associated with an input column of the input column table to provide set of compatibility scores associated with each normalized column identifier and input column identifier pair. A combinatorial optimization is applied to determine a match for each normalized column identifier with an input column identifier. Data associated with an input column of the input column identifier is mapped to the normalized column of the normalized column identifier matched with the input column identifier.

Abstract: In one implementation, a service interface analysis system defines a plurality of service templates based on a plurality of Uniform Resource Identifiers associated with a network service, and generates at least one utility measure of each service template from the plurality of service templates.

Abstract: Conjoint vulnerability identifiers are determined for a vulnerability, and priorities are determined for the conjoint vulnerability identifiers. A highest priority conjoint vulnerability identifier is selected. An entry in a vulnerability cross reference table is created that associates the highest priority conjoint vulnerability identifier with a lower priority conjoint vulnerability identifier.

Abstract: Analyzing vulnerability vector information includes collecting information for a test performed by a vulnerability assessment tool to detect a vulnerability. Attributes of the test are determined from the collected information and are used to determine if there any matches with information in a security vulnerabilities information source.

Abstract: In one implementation, a service interface analysis system defines a plurality of service templates based on a plurality of Uniform Resource Identifiers associated with a network service, and generates at least one utility measure of each service template from the plurality of service templates.

Abstract: A system and method for protection of Web based applications are described. Anomalous traffic can be identified by comparing the traffic to a profile of acceptable user traffic when interacting with the application. Excessive access rates are one type of anomalous traffic that is detected by monitoring a source and determining whether the number of requests that the source generates within a specific time frame is above a threshold. The anomalous traffic, or security events, identified at the individual computer networks are communicated to a central security manager. The central security manager correlates the security events at the individual computer networks to determine if there is an enterprise wide security threat. The central security manager can then communicate instructions to the individual computer networks so as to provide an enterprise wide solution to the threat. Various responsive actions may be taken in response to detection of an excessive access rate.