Abstract: A system and method to identify and prevent cybersecurity attacks on modern, highly-interconnected networks, to identify attacks before data loss occurs, using a combination of human level, device level, system level, and organizational level monitoring.

Abstract: A system and method for cybersecurity reconnaissance, analysis, and scoring that uses distributed, cloud-based computing services to provide sufficient scalability for analysis of enterprise IT networks using only publicly available characterizations. The system and method comprise an in-memory associative array which manages a queue of vulnerability search tasks through a public-facing proxy network. The public-facing proxy network has search nodes configurable to present the network to search tools in a desired manner to control certain aspects of the search to obtain the desired results. A distributed data processing engine and cloud-based storage are used to provide scalable computing power and storage. Each of the cloud-based computing services is containerized and orchestrated for management and efficient scaling purposes.

Abstract: A system and method for network cybersecurity analysis that uses user and entity behavioral analysis combined with network topology information to provide improved cybersecurity. The system and method involve gathering network entity information, establishing baseline behaviors for each entity, and monitoring each entity for behavioral anomalies that might indicate cybersecurity concerns. Further, the system and method involve incorporating network topology information into the analysis by generating a model of the network, annotating the model with risk and criticality information for each entity in the model and with a vulnerability level between entities, and using the model to evaluate cybersecurity risks to the network. Risks and vulnerabilities associated with user entities may be represented, in part or in whole, by the behavioral analyses and monitoring of those user entities.

Abstract: A system and method for network cybersecurity analysis that uses user and entity behavioral analysis combined with network topology information to provide improved cybersecurity. The system and method involve gathering network entity information, establishing baseline behaviors for each entity, and monitoring each entity for behavioral anomalies that might indicate cybersecurity concerns. Further, the system and method involve incorporating network topology information into the analysis by generating a model of the network, annotating the model with risk and criticality information for each entity in the model and with a vulnerability level between entities, and using the model to evaluate cybersecurity risks to the network. Risks and vulnerabilities associated with user entities may be represented, in part or in whole, by the behavioral analyses and monitoring of those user entities.

Abstract: A system for customized crowd-sourced data gathering and extraction wherein a client may request that certain data be gathered, and the system will optimally provide the data through a combination of stored data, one or more remote devices with sensing capabilities, and human operators. The system has predictive capability to optimize notifications to human operators likely to be in the area of a data gathering request at the necessary time and likely to be available to gather the requested data. Human operators may be compensated for their data gathering, and may gather data, or parts thereof, as an adjunct to other activities.

Abstract: A system for contextual data collection and extraction is provided, comprising an extraction engine configured to receive context from a user for desired information to extract, connect to a data source providing a richly formatted dataset, retrieve the richly formatted dataset, process the richly formatted dataset and extract information from a plurality of linguistic modalities within the richly formatted, and transform the extracted data into a extracted dataset; and a knowledge base construction service configured to retrieve the extracted dataset, create a knowledge base for storing the extracted dataset, and store the knowledge base in a data store.

Abstract: A system and method for comprehensive cybersecurity threat assessment of software applications based on the totality of vulnerabilities from all levels of the software supply chain. The system and method comprising analyzing the code and/or operation of a software application to determine components comprising the software, identifying the source of such components, determining vulnerabilities associated with those components, compiling a list of such components, creating a directed graph of relationships between the components and their sources, and evaluating the overall threat associated with the software application based its software supply chain vulnerabilities.

Abstract: A system for contextual and risk-based multi-factor authentication having a multi-dimensional time series data server configured to monitor and record a network's traffic data and to serve the traffic data to other modules and a directed computation graph module configured to receive network traffic data from the multi-dimensional time series data server, determine a network traffic baseline from the network traffic data, and determine a verification score needed before granting access based at least in part by the network traffic baseline. A plurality of verification methods build up a user's verification score to required level to gain access.

Abstract: A highly scalable distributed connection interface for data capture from multiple network service sources, comprising a connector module wherein, the connector module retrieves a plurality of operational data from a plurality of network data sources; employs a plurality of application programming interface routines to communicate with the plurality of operational data sources; accepts a plurality of analysis parameters and control commands directly from human interface devices or from one or more command and control storage devices; and specifies the action or actions to be taken on the retrieved operational data.

Abstract: A system and method for automated cybersecurity defensive strategy analysis that predicts the evolution of new cybersecurity attack strategies and makes recommendations for cybersecurity improvements to networked systems based on a cost/benefit analysis. The system and method use machine learning algorithms to run simulated attack and defense strategies against a model of the networked system created using a directed graph. Recommendations are generated based on an analysis of the simulation results against a variety of cost/benefit indicators.

Abstract: A highly scalable distributed connection interface for data capture from multiple network service sources, comprising a connector module wherein, the connector module retrieves a plurality of data from a plurality of network data sources; employs a plurality of application programming interface routines to communicate with the plurality of data sources; accepts a plurality of analysis parameters and control commands directly from human interface devices or from one or more command and control storage devices; and specifies the action or actions to be taken on the retrieved data.

Abstract: A system for insurance process management employing an advanced decision platform has been developed. A high speed data retrieval and storage module retrieves insurance related data from a plurality of sources. A predictive analytics module performs predictive analytics functions on normalized insurance related data. A predictive simulation module performs predictive simulation functions on normalized insurance related data. An interactive display module displays results of activity of the predictive analytics module and the predictive simulation module as pre-programmed by analysts of an investigation, and re-display results in ways differing by additional representation programming instructions over the course of a viewing session.

Abstract: A system and method for network cybersecurity analysis that uses user and entity behavioral analysis combined with network topology information to provide improved cybersecurity. The system and method involve gathering network entity information, establishing baseline behaviors for each entity, and monitoring each entity for behavioral anomalies that might indicate cybersecurity concerns. Further, the system and method involve incorporating network topology information into the analysis by generating a model of the network, annotating the model with risk and criticality information for each entity in the model and with a vulnerability level between entities, and using the model to evaluate cybersecurity risks to the network. Risks and vulnerabilities associated with user entities may be represented, in part or in whole, by the behavioral analyses and monitoring of those user entities.

Abstract: A system and method for crowd-sourced refinement of natural phenomenon for risk management and contract validation, comprising at least a heterogeneous mixture of sensors and data-gathering techniques, a sensor fusion suite, and a business operating system, which ingests, transforms if necessary, and analyzes received data and develops and applies models of prediction of consequences of the sensor data and future events based on such data for purposes such as insurance liability and risk assessment, emergency services planning, and financial market predictions, and comparing historical models and data with current data and models to attempt to refine and utilize a more precise predictive model for these purposes.

Abstract: A system and method for self-adjusting cybersecurity analysis and score generation, wherein a reconnaissance engine gathers data about a client's computer network from the client, from devices and systems on the client's network, and from the Internet regarding various aspects of cybersecurity. Each of these aspects is evaluated independently, weighted, and cross-referenced to generate a cybersecurity score by aggregating individual vulnerability and risk factors together to provide a comprehensive characterization of cybersecurity risk using a transparent and traceable methodology. The scoring system itself can be used as a state machine with the cybersecurity score acting as a feedback mechanism, in which a cybersecurity score can be set at a level appropriate for a given organization, and data from clients or groups of clients with more extensive reporting can be used to supplement data for clients or groups of clients with less extensive reporting to enhance cybersecurity analysis and scoring.

Abstract: A system for multitemporal data analysis is provided, comprising a directed computation graph service module configured to receive input data from a plurality of sources, analyze the input data to determine a best course of action for analyzing the input data, and split the input data for queueing to a general transformer service module or a decomposable service module based at least in part by analysis of the input data; a general transformer service module configured to receive data from the directed computation graph service module, and perform analysis on the received data; and a general transformer service module configured to receive data from directed computational graph module, and perform analysis on the received data.

Abstract: A system and method for creating a meta-model simulation of a domain-specific simulation model wherein one or more domain-specific simulation models are abstracted into a meta-model by creating behavior tree models of the objects, actors, and events contained in each domain-specific simulation model. The meta-model simulation may represent combined or merged functionality of domain-specific simulation models from different domains and may be dynamically adjusted during execution by altering one or more parameters of objects, actors, or events in the meta-model simulation.

Abstract: A system for hierarchical cooperative computing is provided, comprising a vector definition service configured to receive a user-submitted request, and compile the request into a vector; a rules engine configured to retrieve the vector from the vector definition service, and evaluate the vector for appropriateness; a parametric evaluator configured to parameterize the vector, and generate at least a run from the parameterized vector; and an optimizer configured to retrieve the run from the parametric evaluator, and determine an optimal plan for executing the user-submitted request.

Abstract: A system and methods for generating and applying learning agents in simulated environments, in which an agent simulation is selected, one or more agent goals are received, and agents are created which are individual instances of the agent simulation with each agent having at least one of the agent goals, wherein the agents are used in the execution of an environment simulation which dynamically changes based on the collective behavior of the agents.

Abstract: A system and method for analyzing integrated operational technology and information technology systems with sufficient granularity to predict their behavior with a high degree of accuracy. The system and method involve creating high-fidelity models of the operational technology and information technology systems using one or more cyber-physical graphs, performing parametric analyses of the models to identify key components, scaling the parametric analyses of the models to analyze the key components at a greater level of granularity, and iteratively improving the models testing them against in-situ data from the real-world systems represented by the high-fidelity models.