Abstract: A method for protecting an enterprise network includes, at a system that is remote from the enterprise network: controlling communications to and from the enterprise network according to a set of security policies; controlling endpoint to endpoint connections within the enterprise network according to the set of security policies; receiving a request for modifications to the set of policies; automatically generating a policy digest formatted according to a predefined format, the policy digest comprising the modifications, and storing the policy digest in the memory; retrieving the policy digest from the memory; generating one or more calls to one or more system components that control the communications to and from the enterprise network and the endpoint to endpoint connections based on the policy digest; and modifying control of the communications and the endpoint to endpoint connections based on the one or more calls.

Abstract: A computer network security system includes a central controller in communication with software-based endpoint agents operating on individual host computers. The endpoint agents monitor new connection requests to and from their respective hosts, comparing the connections to cached rules obtained from the controller, and holding new connections while escalating requests for applicable rules and/or directives to the controller in real-time when no applicable rules are available in their caches. The endpoint agents can be configured to present a pop-up dialog requesting enhanced authentication credentials from a user on a host in response to a connection request from a restricted network-based application. The pop-up dialog enables enhanced or two-factor authentication functionality to be overlaid on any networked application regardless of the application's inherent authentication capability.

Abstract: A method for assessing a cyber security risk, the method comprising the steps of: obtaining cyber security precursor information from a plurality of sources, wherein the cyber security precursor information can be obtained from one or more online or offline sources; normalizing the obtained cyber security precursor information to a common information model; generating, from the normalized cyber security precursor information, one or more events; producing, from the one or more generated events, one or more facts; calculating a plurality of risk indicators from the one or more facts; normalizing the plurality of risk indicators to a common model; calculating, using the normalized plurality of risk indicators, one or more cyber risk index component scores; and calculating, using the one or more cyber risk index component scores, a cyber risk indicator index.

Abstract: A method for assessing a cyber security risk, the method comprising the steps of: obtaining cyber security precursor information from a plurality of sources, wherein the cyber security precursor information can be obtained from one or more online or offline sources; normalizing the obtained cyber security precursor information to a common information model; generating, from the normalized cyber security precursor information, one or more events; producing, from the one or more generated events, one or more facts; calculating a plurality of risk indicators from the one or more facts; normalizing the plurality of risk indicators to a common model; calculating, using the normalized plurality of risk indicators, one or more cyber risk index component scores; and calculating, using the one or more cyber risk index component scores, a cyber risk indicator index.

Abstract: Method and system embodiments for assessing control maturity in security operations environments are described. According to some embodiments, the method facilitates a nonintrusive, automated means to configure and detect security controls installed in an Information Technology (IT) environment. The system verifies that these controls function as expected over a specified period of time and then maps each security control to a cell in a matrix of operational functions crossed with asset classes. The system captures metrics for security control activity that are displayed in the matrix to facilitate an assessment of security control architectural maturity. The system automatically generates visual and textual reports that provide recommendations to improve cybersecurity by enhancing existing and adding new controls, specify a suggested timeline for introducing those controls, and document gaps in compliance.

Abstract: A method for assessing a cyber security risk, the method comprising the steps of: obtaining cyber security precursor information from a plurality of sources, wherein the cyber security precursor information can be obtained from one or more online or offline sources; normalizing the obtained cyber security precursor information to a common information model; generating, from the normalized cyber security precursor information, one or more events; producing, from the one or more generated events, one or more facts; calculating a plurality of risk indicators from the one or more facts; normalizing the plurality of risk indicators to a common model; calculating, using the normalized plurality of risk indicators, one or more cyber risk index component scores; and calculating, using the one or more cyber risk index component scores, a cyber risk indicator index.