Abstract: Systems, computer program products, and methods are described herein for generating information security management packages through malware tracing, logging, and analysis. A system in accordance with embodiments of the present invention may be configured for receiving one or more trace log files from one or more artifact data collection computing systems; parsing the artifact data and metadata to identify one or more relationships between the target malware and one or more malware artifacts; based on parsing the artifact data and metadata, generating one or more nodes within a malware graph database; and executing a coverage analysis of an information security management package configured to detect a presence of the target malware.
Abstract: Systems, computer program products, and methods are described herein for mapping information security configurations across technology platforms. The present invention is configured to electronically receive, from a computing device associated with a technology infrastructure, one or more responses to one or more queries; extract one or more security information and event management (SIEM) fields from the one or more responses; map the one or more SIEM fields to a generic content schema of a common information security model; generate a unique SIEM map for the technology infrastructure based on at least mapping the one or more SIEM fields to the generic content schema of the common information security model; generate a use case for the technology infrastructure using the common information security model; and transform the use case generated using the common information security model using the unique SIEM map.
Type: Grant
Filed: May 28, 2021
Date of Patent: May 2, 2023
Assignee: CYBORG SECURITY, INC.
Inventors: Brandon Denker, Austin Jackson, Mike Mitchell, Nick Allen
Abstract: Systems, computer program products, and methods are described herein for mapping information security configurations across technology platforms. The present invention is configured to electronically receive, from a computing device associated with a technology infrastructure, one or more responses to one or more queries; extract one or more security information and event management (SIEM) fields from the one or more responses; map the one or more SIEM fields to a generic content schema of a common information security model; generate a unique SIEM map for the technology infrastructure based on at least mapping the one or more SIEM fields to the generic content schema of the common information security model; generate a use case for the technology infrastructure using the common information security model; and transform the use case generated using the common information security model using the unique SIEM map.
Type: Application
Filed: May 28, 2021
Publication date: March 24, 2022
Applicant: Cyborg Security, Inc.
Inventors: Brandon Denker, Austin Jackson, Mike Mitchell, Nick Allen