Abstract: Disclosed herein is a system for minimizing the amount of time it takes to process and understand an unstructured, text-heavy document that includes important security-related information. The system uses a model that implements natural language processing techniques to semantically analyze an unstructured, text-heavy document, in order to identify notable security features useable to resolve the security issues in a more effective and efficient manner (e.g., without the need for a technical security professional). More specifically, the system receives an unstructured document that includes text which may be provided by multiple different security providers. The system is configured to apply the model to various text segments (e.g., a phrase, a sentence, a paragraph, etc.) included in the unstructured document to identify notable security features. The model can then associate the notable security features with a prescribed set of mitigation actions that can be implemented to resolve a security issue.

Abstract: Generally discussed herein are devices, systems, and methods for improved cyber attack response. A method can include receiving, at a compute device, a natural language description of activity on a computer network, executing, based on the natural language description, a natural language processing (NLP) model to provide a tactic and technique of a cyber attack associated with the natural language description, determining, based on the provided tactic and technique, a response to mitigate the cyber attack, and implementing the determined response on the computer network.

Abstract: Disclosed herein is a system for minimizing the amount of time it takes to process and understand an unstructured, text-heavy document that includes important security-related information. The system uses a model that implements natural language processing techniques to semantically analyze an unstructured, text-heavy document, in order to identify notable security features useable to resolve the security issues in a more effective and efficient manner (e.g., without the need for a technical security professional). More specifically, the system receives an unstructured document that includes text which may be provided by multiple different security providers. The system is configured to apply the model to various text segments (e.g., a phrase, a sentence, a paragraph, etc.) included in the unstructured document to identify notable security features. The model can then associate the notable security features with a prescribed set of mitigation actions that can be implemented to resolve a security issue.

Abstract: In one aspect, a method to assess information security vulnerability of an enterprise includes storing enterprise objectives in a computer system, storing enterprise resources determined using a value criterion, a rareness criterion, an inimitability criterion and a non-substitutability criterion in the computer system and storing enterprise information assets in the computer system. The method also includes mapping the enterprise objectives with the enterprise resources and mapping the enterprise information assets with the enterprise resources. The method further includes determining a threat analysis using an attack tree using the enterprise resources and the information assets and determining a risk value using the attack tree.

Abstract: In one aspect, a method to assess information security vulnerability of an enterprise includes storing enterprise objectives in a computer system, storing enterprise resources determined using a value criterion, a rareness criterion, an inimitability criterion and a non-substitutability criterion in the computer system and storing enterprise information assets in the computer system. The method also includes mapping the enterprise objectives with the enterprise resources and mapping the enterprise information assets with the enterprise resources. The method further includes determining a threat analysis using an attack tree using the enterprise resources and the information assets and determining a risk value using the attack tree.