Abstract: Systems and methods for an identity management router to allow application clients/servers to communicate via an identity management protocol to facilitate communication of identity management artifacts with a simplified topology. Specifically, embodiments of an IM router may adhere to various data protection requirements, including, but not limited to, local data protection regulations, when routing identity management information. The identity management router is location aware and applies data compliance policies for areas of data compliance to selectively route or not route identity management data based on location.

Abstract: Systems and methods for embodiments of artificial intelligence systems for identity management are disclosed. Embodiments of the identity management systems disclosed herein may support the correlation of identities from authoritative source systems and accounts from non-authoritative source systems using artificial intelligence techniques.

Abstract: Systems and methods for network security are provided. Various embodiments issue single use certificates for validating remote endpoints access to the private network. Some embodiments use a triage zone (or triage gateway) to which remote device can calls into using a static issued certificate. However, instead of granting complete access to the virtual private network, the use of this static certificate only grants access to the triage zone where further validation of the endpoint without any access to sensitive content on the private network. The endpoint can be connected to an ID manager within the triage zone. The endpoint can then send the username and password to the ID manager that can create a single use certificate (e.g., valid for a limited period of time). While valid, the single use certificate can be used by the remote device to gain access to the production zone using a VPN tunnel.

Abstract: Systems and methods for embodiments of incremental training of machine learning model in artificial intelligence systems are disclosed. Specifically, embodiments of incremental training of machine learning models using drift detection models are disclosed, including embodiments that utilize drift detection models to determine drift based on identity graphs in artificial intelligence identity management systems.

Abstract: Systems and methods for network security are provided. Various embodiments of the present technology provide an integrated security platform that combines PAM, CASB, identity access management, and multi-factor authentication onto one platform. This integration allows for a frictionless deployment that can be utilized by companies that may not have large teams of system administrators. As such, some embodiments provide a gateway solution and a proxy solution that is easy to deploy. The user equipment (e.g., computer, phone, point of sale terminal, etc.) can be used as a gateway. An agent can be included on each endpoint that combines gateway functionality of PAM and web rewrite and proxy functionality of a CASB deployment into an endpoint solution.

Abstract: Systems and methods for embodiments of artificial intelligence systems for identity management are disclosed. Specifically, embodiments of an identity management system may provide identity management in association with cloud services used by an enterprise and, in particular, may provide identity management in association with cloud based services that may be accessed through federated access providers.

Abstract: Systems and methods for embodiments of a graph based artificial intelligence systems for identity management are disclosed. Embodiments of the identity management systems disclosed herein may utilize a network graph approach to analyzing identities or entitlements of a distributed networked enterprise computing environment. Specifically, in certain embodiments, an artificial intelligence based identity management systems may utilize the peer grouping of an identity graph (or peer grouping of portions or subgraphs thereof) to identify roles from peer groups or the like.

Abstract: Systems and methods for embodiments of artificial intelligence systems for identity management are disclosed. Embodiments of the identity management systems disclosed herein may support the correlation of identities determined authoritative source systems with uncorrelated accounts within an enterprise using artificial intelligence techniques.

Abstract: Systems and methods for embodiments of artificial intelligence systems for identity management are disclosed. Embodiments of the identity management systems disclosed herein may support the creation, association, searching, or visualization of any relevant context to identity management assets for a variety of purposes, including for informing the identity management systems' manual or automated decisions, processes or workflows.

Abstract: Responsive to a user instruction or a security breach occurring in an enterprise computing environment, an emergency shutdown and restore module is adapted to obtain and evaluate an identity population definition to determine a population of identities (e.g., a forensic team) associated with accounts distributed across applications in the enterprise computing environment. The emergency shutdown and restore module is further adapted to determine source systems of such accounts and communicate with those source systems via source-specific connectors. The emergency shutdown and restore module can respectively request the source systems to shut down access to the applications by the accounts associated with the population of identities, or to exclude the accounts associated with the population of identities in shutting down access to the applications. After performing a security breach analysis, the emergency shutdown and restore module can request the source systems to restore access respectively.

Abstract: Systems and methods for embodiments of artificial intelligence systems for identity management are disclosed. Embodiments of the identity management systems disclosed herein may support the correlation of identities from authoritative source systems and accounts from non-authoritative source systems using artificial intelligence techniques.

Abstract: Systems and methods for artificial intelligence systems for identity management systems are disclosed. Embodiments may perform outlier detection and risk assessment based on identity management data, including one or more property graphs or peer groups determined from those property graphs, to determine identity management artifacts with ‘abnormal’ patterns when compared to other related identity management artifacts.

Abstract: Systems and methods for embodiments of a graph based artificial intelligence systems for identity management are disclosed. Embodiments of the identity management systems disclosed herein may utilize a network graph approach to analyzing roles of a distributed networked enterprise computing environment. Specifically, in certain embodiments, an artificial intelligence based identity management systems may utilize role graphs to assess the role structure of a distributed enterprise computing environment.

Abstract: Systems and methods for embodiments of a graph based artificial intelligence systems for identity management are disclosed. Embodiments of the identity management systems disclosed herein may utilize artificial intelligence approaches for determining health indicators for the identity management state of an enterprise. Specifically, in certain embodiments, an artificial intelligence based identity management systems may utilize one or more components to generate signals associated with the identity management state of an enterprise based on a network identity graph and evaluate feature spaces of these input signals from these components based on a global objective function or the like.

Abstract: Systems and methods for embodiments of identity management systems and data models used by identity management systems are disclosed. Embodiments of the identity management systems and associated data models as disclosed herein may associate identities with their respective entitlements, while preserving the hierarchy imposed by the source system from which those identities or entitlement were derived, including the hierarchical structure that resulted in the (direct or effective) assignment of such an entitlement, along with the hierarchical nature of the digital assets to which those entitlements pertain.

Abstract: Systems and methods for embodiments of a graph based artificial intelligence systems for identity management are disclosed. Embodiments of the identity management systems disclosed herein may utilize a network graph approach to analyzing identities or entitlements of a distributed networked enterprise computing environment. Specifically, in certain embodiments, an artificial intelligence based identity governance systems may include an intelligent decision support agent to provide an approval or denial recommendation for an access request. To provide an approval or denial recommendation, the intelligent agent may utilize a classifier trained on historical certification data. The intelligent agent may utilize features which represent relevant signals to the approval or denial decision including features that may be associated with a network graph of the identities and entitlements of the enterprise computing environment.

Abstract: Systems and methods for embodiments of a graph based artificial intelligence systems for identity management are disclosed. Embodiments of the identity management systems disclosed herein may utilize a network graph approach to analyzing identities, roles, entitlements or other identity management artifacts of a distributed networked enterprise computing environment. Specifically, embodiments of an artificial intelligence based identity management systems may perform predictive modeling for entitlement diffusion or role evolution or other aspects of identity management artifact using network identity graphs.

Abstract: Systems and methods for embodiments of artificial intelligence systems for identity management are disclosed. Embodiments of the identity management systems disclosed herein may support the creation, association, searching, or visualization of any relevant context to identity management assets for a variety of purposes, including the creation of nested identity management artifacts in a search index and search syntaxes for querying such nested artifacts.

Abstract: Systems and methods for embodiments of graph based and machine learning artificial intelligence systems for generating access item recommendations in an identity management system are disclosed. Embodiments of the identity management systems disclosed herein may utilize a graph based approach, a machine learning based approach, and hybrid combinations thereof for generating access item recommendations.

Abstract: Embodiments of a software services platform with a services infrastructure that allows standalone service to be run in association with other services deployed on a deployment platform. The service infrastructure and services may cooperate to ensure that that communications (associated with the standalone service are routed to that standalone service while communications for other services deployed in the software services may also continue communicating to receive and servicing requests for those services.