Abstract: Systems, computer program products, and methods are described herein for mapping information security configurations across technology platforms. The present invention is configured to electronically receive, from a computing device associated with a technology infrastructure, one or more responses to one or more queries; extract one or more security information and event management (SIEM) fields from the one or more responses; map the one or more SIEM fields to a generic content schema of a common information security model; generate a unique SIEM map for the technology infrastructure based on at least mapping the one or more SIEM fields to the generic content schema of the common information security model; generate a use case for the technology infrastructure using the common information security model; and transform the use case generated using the common information security model using the unique SIEM map.

Abstract: An electronically lockable, electrical plug configured to communicate power and data signals to mobile electronic devices (MED) includes a male electrical plug body insertable into a female electrical socket of the MED and plurality of electrical contacts defined in the male electrical plug for communicating the power and data signals to and from the MED, via corresponding electrical contacts associated with an MED electrical socket. The MED electrical socket is shaped and sized to physically receive and support therein said male electrical plug body.

Abstract: Embodiments described herein provide for performing a risk assessment using graph-derived features of a user interaction. A computer receives interaction information and infers information from the interaction based on information provided to the computer by a communication channel used in transmitting the interaction information. The computer may determine a claimed identity of the user associated with the user interaction. The computer may extract features from the inferred identity and claimed identity. The computer generates a graph representing the structural relationship between the communication channels and claimed identities associated with the inferred identity and claimed identity. The computer may extract additional features from the inferred identity and claimed identity using the graph. The computer may apply the features to a machine learning model to generate a risk score indicating the probability of a fraudulent interaction associated with the user interaction.

Abstract: Provision of a virtual secure cryptoprocessor (VSC) for a guest virtual machine (VM), part of a first guest, of a hypervisor of a computer system, includes (i) storing guest VM state and VSC state together in an encrypted virtual hard disk drive file, (ii) storing a decryption key in a sealed partition, of a second guest, sealed against a physical secure cryptoprocessor, (iii) based on verifying that a host computing environment of the computer system is in a trusted state and on booting the hypervisor thereon, unsealing the sealed partition of the second guest, the unsealing providing the decryption key, and decrypting the encrypted virtual hard disk drive file using the decryption key, where the decrypting decrypts the stored guest VM state for execution of the guest VM and decrypts the VSC state to provide the VSC for use by the guest VM.

Abstract: In one aspect, a computerized-process for implementing Security Assessment For Enterprise (SAFE) Scoring Model include the step of generating a cybersecurity model by the following steps. The process determines a Governance Policy Score. The process determines a People Awareness Score. The process determines a Cybersecurity Architecture Score. The process determines an External Score. The process determines a Technology Score.

Abstract: Disclosed are systems and methods including computing-processes executing machine-learning architectures implementing label distribution loss functions to improve age estimation performance and generalization. The machine-learning architecture includes a front-end neural network architecture defining a speaker embedding extraction engine of the machine-learning architecture, and a backend neural network architecture defining an age estimation engine of the machine-learning architecture. The embedding extractor is trained to extract low-level acoustic features of a speaker's speech, such as mel-frequency cepstral coefficients (MFCCs), from audio signals, and then extract a feature vector or speaker embedding vector that mathematically represents the low-level features of the speaker. The age estimator is trained to generate an estimated age for the speaker and a Gaussian probability distribution around the estimated age, by applying the various types of layers of the age estimator on the speaker embedding.

Abstract: Bandwidth throttling in a browser isolation environment is disclosed. A request is received from a client browser executing on a client device to connect with a remote resource. The browser isolation system provides a surrogate browser to facilitate communications between the client browser and the remote resource. A throttle is applied to a portion of content delivered to the client browser in response to the received request.

Abstract: Disclosed is a method and apparatus for performing steps to cause encoded information to be stored at a client device during a first network session between a server and the client device. To cause encoded information to be stored at a client device, the server first determines a set of network resource requests that encode the information. These network resource requests may include requests for one or more specific URLs and/or requests for one or more files. The server then causes the client device to initiate the network resource requests. The server may cause this initiation by, for example, redirecting the client device to the network resources. The client device initiating the network resource requests causes data representative of the network resource requests to be stored at the client device.

Abstract: Disclosed techniques include integrated cybersecurity threat management. A plurality of network-connected cybersecurity threat protection applications is accessed. A plurality of heterogeneous log files is ingested, wherein the log files are generated by at least two of the cybersecurity threat protection applications. The plurality of heterogeneous log files that were ingested is evaluated to enable identification of cybersecurity threat protection application capabilities. Each of the plurality of log files is sorted. The sorting enables identification of cybersecurity threat protection elements among the plurality of log files. The cybersecurity threat protection elements that were identified are integrated. The integrated cybersecurity threat protection elements are evaluated. At least one response for cybersecurity threat management is generated, based on a result of the evaluating. The response is provided to a cybersecurity threat management entity.

Abstract: A system comprises a web-cloud security subsystem that hosts, manages, and analyzes data related to a plurality of hosted applications that provide at least one of physical access control, surveillance, alarm management, visitor management, and elevator management; at least one physical security subsystem that exchanges data with a corresponding hosted application of the web-cloud security subsystem; and a real-time control and monitoring device that provides secure access of the web-cloud security subsystem.

Abstract: Systems and methods for sharing secrets including passwords, keys, and other confidential information used in computing environments. A secrets record generated at a secrets vault client device is encrypted using an application key associated with a computing environment. The encrypted secrets record is stored in the secrets vault server. The secrets vault client device configures a sharing client device and associated with an access token. The secrets vault client device hashes the access token and sends to the secrets vault server as a client identifier. The sharing client device performs a first-time authentication using a hashed access token with the secrets vault server. Upon successful authentication, the sharing client device requests secrets records from the secrets vault server using the client identifier.

Abstract: Observing and/or monitoring a computer network that includes a plurality of nodes may involve detecting one or more data flows, or communications, between two or more nodes of the computer network. The data flow(s) may be associated with a user of the computer network. The user may be an individual person, an entity, and/or a software application. A characteristic of the data flow and the user may be determined and these characteristics may be used to determine a level of security risk caused by the data flow in the network. Then, when the level of security risk is above a risk threshold, an alert may be communicated to an operator of the computer network. The alert may be, for example, a message (e.g., email, SMS text message, etc.) and/or display of an icon, or an aspect (e.g., size, color, and/or location) of an icon provided on a graphical user interface (GUI).

Abstract: The present invention is directed to a deep neural network (DNN) having a triplet network architecture, which is suitable to perform speaker recognition. In particular, the DNN includes three feed-forward neural networks, which are trained according to a batch process utilizing a cohort set of negative training samples. After each batch of training samples is processed, the DNN may be trained according to a loss function, e.g., utilizing a cosine measure of similarity between respective samples, along with positive and negative margins, to provide a robust representation of voiceprints.

Abstract: A network-accessible service provides an enterprise with a view of all identity and data activity in the enterprise's cloud accounts. The service enables distinct cloud provider management models to be normalized with centralized analytics and views across large numbers of cloud accounts. The service enables an enterprise to model all activity and relationships across cloud vendors, accounts and third party stores. Display views of this information preferably can pivot on cloud provider, country, cloud accounts, application or data store. Using a domain-specific query language, the system enables rapid interrogation of a complete and centralized data model of all data and identity relationships. User reports may be generated showing all privileges and data to which a particular identity has access. Similarly, data reports shown all entities having access to an asset can be generated.

Abstract: A system for identifying an aspect of interest on a vehicle that includes a local AI system that can analyze sensor data from an on-site sensor to make an attempt to identify the aspect of interest according to first criterion. The aspect of interest can be information printed on the vehicle and/or on a seal of the vehicle. If the local AI system is unable to identify and validate the information on the first effort, it can consult with a central/global AI system that can leverage its own database and other local systems at other locations for subsequent attempts at identifying and validating the aspects of interest.

Abstract: Apparatuses, methods, systems, and program products are disclosed for endpoint-based security. An apparatus includes a network module that is configured to receive, at an end user device, a request for content from a network source. An apparatus includes a policy module that is configured to compare a network source of requested content against a policy that is stored on an end user device prior to the content being allowed on the end user device. An apparatus includes an action module that is configured to segment network traffic associated with a request for content from a network source, based on a comparison of the network source against a policy, between at least one of directly accessing the content from the network source and indirectly accessing the content via a remote cloud device by rerouting the network traffic from an end user device to the remote cloud device.

Abstract: Apparatuses, methods, systems, and program products are disclosed for endpoint-based security. An apparatus includes a network module that is configured to receive, at an end user device, a request for content from a network source. An apparatus includes a policy module that is configured to compare a network source of requested content against a policy that is stored on an end user device prior to the content being allowed on the end user device. An apparatus includes an action module that is configured to modify at least one header in a request for content based on a requirement for a network source.

Abstract: Apparatuses, methods, systems, and program products are disclosed for endpoint-based security. An apparatus includes a network module that is configured to receive, at an end user device, a request for content from a network source. An apparatus includes a policy module that is configured to compare a network source of requested content against a policy that is stored on an end user device prior to the content being allowed on the end user device. An apparatus includes an action module that is configured to replay at least one header of the request for content at a remote device where the requested content is further analyzed based on the comparison between the network source of the requested content and the policy.

Abstract: A computer may train a single-class machine learning using normal speech recordings. The machine learning model or any other model may estimate the normal range of parameters of a physical speech production model based on the normal speech recordings. For example, the computer may use a source-filter model of speech production, where voiced speech is represented by a pulse train and unvoiced speech by a random noise and a combination of the pulse train and the random noise is passed through an auto-regressive filter that emulates the human vocal tract. The computer leverages the fact that intentional modification of human voice introduces errors to source-filter model or any other physical model of speech production. The computer may identify anomalies in the physical model to generate a voice modification score for an audio signal. The voice modification score may indicate a degree of abnormality of human voice in the audio signal.

Abstract: Embodiments described herein provide for passive caller verification and/or passive fraud risk assessments for calls to customer call centers. Systems and methods may be used in real time as a call is coming into a call center. An analytics server of an analytics service looks at the purported Caller ID of the call, as well as the unaltered carrier metadata, which the analytics server then uses to generate or retrieve one or more probability scores using one or more lookup tables and/or a machine-learning model. A probability score indicates the likelihood that information derived using the Caller ID information has occurred or should occur given the carrier metadata received with the inbound call. The one or more probability scores be used to generate a risk score for the current call that indicates the probability of the call being valid (e.g., originated from a verified caller or calling device, non-fraudulent).