Abstract: A system determines a baseline cyberthreat-risk score for a user, and displays the baseline cyberthreat-risk score via a user interface. The system presents at least one cyberthreat-education activity via the user interface, and receives, via the user interface, at least one user input associated with the presented at least one cyberthreat-education activity. The system generates an updated cyberthreat-risk score at least in part by updating the baseline cyberthreat-risk score based at least in part on the user input, and displays the updated cyberthreat-risk score via the user interface.

Abstract: One or more embodiments of techniques or systems for session management, security scoring, and friction management are provided herein. Sessions may be monitored for commonalities or other attributes or aspects and closed, terminated, or a freeze placed on additional sessions from being initiated. A security score may be provided which is indicative of how secure a user is with respect to one or more ways the user interacts with a resource. One or more suggested actions or score improvement strategies may be suggested to facilitate improvement of a security score for a user. Friction management may be provided by having one or more additional layers of security applied to an account of a user or an entity based on suspicious behavior or other factors.

Abstract: Systems and techniques for centralized threat intelligence are described herein. A connection may be established to a plurality of threat data sources. An anonymized set of threat data may be obtained by application of a set of privacy rules to the threat data from the plurality of threat data. A threat database may be populated with the anonymized set of threat data. A registration request may be received for a user of a device. A unique user identifier may be assigned for the user and a unique device identifier may be assigned for the device. A threat model may be generated based on a set of the characteristics from the threat database. A set of data access attributes may be received for a data access request. The data access request may be blocked based on an evaluation of the data access attributes using the threat model.

Abstract: One or more embodiments of techniques or systems for session management, security scoring, and friction management are provided herein. Sessions may be monitored for commonalities or other attributes or aspects and closed, terminated, or a freeze placed on additional sessions from being initiated. A security score may be provided which is indicative of how secure a user is with respect to one or more ways the user interacts with a resource. One or more suggested actions or score improvement strategies may be suggested to facilitate improvement of a security score for a user. Friction management may be provided by having one or more additional layers of security applied to an account of a user or an entity based on suspicious behavior or other factors.

Abstract: Systems and techniques for centralized threat intelligence are described herein. A connection may be established to a plurality of threat data sources. An anonymized set of threat data may be obtained by application of a set of privacy rules to the threat data from the plurality of threat data. A threat database may be populated with the anonymized set of threat data. A registration request may be received for a user of a device. A unique user identifier may be assigned for the user and a unique device identifier may be assigned for the device. A threat model may be generated based on a set of the characteristics from the threat database. A set of data access attributes may be received for a data access request. The data access request may be blocked based on an evaluation of the data access attributes using the threat model.

Abstract: Disclosed herein are systems and methods for establishing, using, and recovering universal digital identifiers. In an embodiment, a system establishes a universal identifier (ID) associated with a user and a device of the user. The universal ID is universal with respect to a plurality of distinct entities, has at least a suspended state and an unsuspended state, and initially is in the unsuspended state. The system transmits the universal ID to the device of the user. Thereafter, the system detects an ID-suspension event in connection with the universal ID, and responsively suspends the universal ID, including placing the universal ID in the suspended state. After suspending the universal ID, the system completes an ID-recovery process for the universal ID, and responsively unsuspends the universal ID, including placing the universal ID in the unsuspended state.

Abstract: Systems and techniques for centralized threat intelligence are described herein. A connection may be established to a plurality of threat data sources. An anonymized set of threat data may be obtained by application of a set of privacy rules to the threat data from the plurality of threat data. A threat database may be populated with the anonymized set of threat data. A registration request may be received for a user of a device. A unique user identifier may be assigned for the user and a unique device identifier may be assigned for the device. A threat model may be generated based on a set of the characteristics from the threat database. A set of data access attributes may be received for a data access request. The data access request may be blocked based on an evaluation of the data access attributes using the threat model.

Abstract: Systems and techniques for centralized threat intelligence are described herein. A connection may be established to a plurality of threat data sources. An anonymized set of threat data may be obtained by application of a set of privacy rules to the threat data from the plurality of threat data. A threat database may be populated with the anonymized set of threat data. A registration request may be received for a user of a device. A unique user identifier may be assigned for the user and a unique device identifier may be assigned for the device. A threat model may be generated based on a set of the characteristics from the threat database. A set of data access attributes may be received for a data access request. The data access request may be blocked based on an evaluation of the data access attributes using the threat model.

Abstract: Disclosed herein are systems and methods for establishing, using, and recovering universal digital identifiers. In an embodiment, a system establishes a universal identifier (ID) associated with a user and a device of the user. The universal ID is universal with respect to a plurality of distinct entities, has at least a suspended state and an unsuspended state, and initially is in the unsuspended state. The system transmits the universal ID to the device of the user. Thereafter, the system detects an ID-suspension event in connection with the universal ID, and responsively suspends the universal ID, including placing the universal ID in the suspended state. After suspending the universal ID, the system completes an ID-recovery process for the universal ID, and responsively unsuspends the universal ID, including placing the universal ID in the unsuspended state.

Abstract: One or more embodiments of techniques or systems for session management, security scoring, and friction management are provided herein. Sessions may be monitored for commonalities or other attributes or aspects and closed, terminated, or a freeze placed on additional sessions from being initiated. A security score may be provided which is indicative of how secure a user is with respect to one or more ways the user interacts with a resource. One or more suggested actions or score improvement strategies may be suggested to facilitate improvement of a security score for a user. Friction management may be provided by having one or more additional layers of security applied to an account of a user or an entity based on suspicious behavior or other factors.

Abstract: A system such as in a networked computer system comprising a user, an application server, a gatekeeper server and an authentication server. Communication within the system is managed by the gatekeeper server, wherein the user communicates with the authentication server and the application server through the gatekeeper server. Once the user has been initially authenticated by the authentication server, the user may request application services from a plurality of application servers within the networked computer system without having to be re-authenticated.

Abstract: A system such as in a networked computer system comprising a user, an application server, a gatekeeper server and an authentication server. Communication within the system is managed by the gatekeeper server, wherein the user communicates with the authentication server and the application server through the gatekeeper server. Once the user has been initially authenticated by the authentication server, the user may request application services from a plurality of application servers within the networked computer system without having to be re-authenticated.

Abstract: A system such as in a networked computer system comprising a user, an application server, a gatekeeper server and an authentication server. Communication within the system is managed by the gatekeeper server, wherein the user communicates with the authentication server and the application server through the gatekeeper server. Once the user has been initially authenticated by the authentication server, the user may request application services from a plurality of application servers within the networked computer system without having to be re-authenticated.