Abstract: A system for identifying anomalies in an information system is typically configured for: collecting information regarding a hierarchy of capabilities, a hierarchy of resources, capability instances, and resource instances of the information system; storing, in a graph database, nodes corresponding to the hierarchy of capabilities, hierarchy of resources, capability instances, and resource instances; collecting information regarding relationships among the hierarchy of capabilities, hierarchy of resources, capability instances, and resource instances; defining, in the graph database, edges corresponding to the relationships among the hierarchy of capabilities, hierarchy of resources, capability instances, and resource instances; collecting event and/or state data for the information system; comparing the event and/or state data to the graph database and determining that an event and/or state is anomalous; and, in response to determining that the event and/or state is anomalous, taking an information security a

Abstract: Systems, computer program products, and methods are described herein for identifying threat vectors and implementing controls for securing resources within a network. The present invention is configured to determine one or more threat vectors associated with the resource; determine one or more controls associated with each of the one or more threat vectors associated with the resource; determine whether the one or more controls associated with the at least one of the one or more threat vectors is capable of detecting the access by an external computing device via at least one of the one or more types of access; and dynamically generate a graphical representation of the resource and the one or more threat vectors based on at least the received analysis request.

Abstract: Systems, computer program products, and methods are described herein for creating reusable resource-centric threat models and identifying controls for securing resources within a network. The present invention is configured to determine that an internal resource in a network requires protection from unauthorized external access; electronically receive information associated with the internal resource within the network; determine one or more threat vectors associated with the internal resource; electronically retrieve from a controls library, a control template associated with a resource category matching the resource category of the internal resource; and apply the control template to the internal resource.

Abstract: Systems, computer program products, and methods are described herein for identifying threat vectors and implementing controls for securing resources within a network. The present invention is configured to determine one or more threat vectors associated with the resource; determine one or more controls associated with each of the one or more threat vectors associated with the resource; determine whether the one or more controls associated with the at least one of the one or more threat vectors is capable of detecting the access by an external computing device via at least one of the one or more types of access; and dynamically generate a graphical representation of the resource and the one or more threat vectors based on at least the received analysis request.

Abstract: Systems, computer program products, and methods are described herein for creating reusable resource-centric threat models and identifying controls for securing resources within a network. The present invention is configured to determine that an internal resource in a network requires protection from unauthorized external access; electronically receive information associated with the internal resource within the network; determine one or more threat vectors associated with the internal resource; electronically retrieve from a controls library, a control template associated with a resource category matching the resource category of the internal resource; and apply the control template to the internal resource.