Abstract: In one aspect, a computerized method for attack generation on a data lake comprises: for a data lake repository: providing an attack generation mimicry tool; with the attack generation mimicry tool: implementing a reconnaissance phase attack generation; implementing an infiltration phase attack generation on the data lake repository; implementing a hiding and data intelligence collection phase of the attack by hiding from any monitoring or notification system of the data lake repository and surveying the data lake repository to determine what data is worth abusing or exfiltrating from the data lake repository; implementing a data gathering phase of the attack that gathers data about other objects, attributes, and relationships in the data lake repository; and implementing the exfiltration of the data or the abuse of the data.
Abstract: In one aspect, a computerized method for automatic grading, impact analysis and mapping to the CIA triad, comprising: identifying a value of a plurality of data stores; associating the value back to an attack scenario such that a measure of impact with respect to attack progression or susceptibility now has a pecuniary value and generating a grading score; associating the grading score mapped to the Confidentiality, Integrity and Availability (CIA) Triad; associating an attack progression with the pecuniary value and priority; identifying a progression of the attack; determining a time that is available for a response before damage occurs to a system under attack; determining a stage of the attack in an attack kill chain, wherein for every stage of the attack as the progress happens, associating the pecuniary value and an impact for such a stage; and automatically calculating an overall data threat grade of the system.
Abstract: In one aspect, a computerized method for detecting data abuse and data exfiltration in a data store or a data lakes cloud warehouse, comprising: identifying a plurality of command and control (CnC) channels in an enterprise data cloud infrastructure; identifying and detecting malicious compressed data transfers and encrypted data transfers; implementing a destination analysis from within the data store; and implementing data abuse detection and prevention operations.