Abstract: An apparatus comprises a processing device configured to select a first data field of a first type that is associated with a second data field of a second type in a document, to determine an embedding of terms of unstructured text data in the first data field and to identify a subset of paired data fields from an unstructured text database based at least in part on metrics characterizing similarity between (i) the embedding of terms in the first data field and (ii) embeddings of terms in data fields of the first type in the paired data fields. The processing device is further configured to determine syntactic differences between the unstructured text data in the first data field and the identified subset of paired data fields, and to provide recommendations for unstructured text data to fill the second data field in the document based on the syntactic differences.

Abstract: A method includes identifying two or more vulnerabilities, each vulnerability affecting a set of one or more assets of an enterprise system. The method also includes assigning a weight to each vulnerability, the weight assigned to each of the vulnerabilities being based at least in part on the set of assets affected by that vulnerability, asset criticalities associated with the set of assets affected by that vulnerability, and at least one of (i) an exploitability potential of that vulnerability and (ii) an impact potential of that vulnerability. The method further includes determining an order in which to apply remediation actions in the enterprise system to address at least one of the vulnerabilities based at least in part on the weights assigned to the vulnerabilities, and applying, in accordance with the determined order, at least one of the remediation actions to at least one of the assets in the enterprise system.

Abstract: A method includes obtaining vulnerability scan results for a first subset of assets of an enterprise system and populating an observation data structure, based on the obtained vulnerability scan results, indicating which vulnerabilities are observed on respective ones of the assets. The method also includes determining a set of recommendations for missing entries of the observation data structure for a second subset of the assets of the enterprise system utilizing at least one recommender system that comprises at least one similarity function for determining similarity between a first and second sets of vulnerabilities observed on ones of the first and second subsets of the assets. The method further includes predicting vulnerabilities affecting the second subset of assets utilizing a machine learning model and the determined set of recommendations, and applying remediation actions for remediating the predicted vulnerabilities affecting the second subset of the assets.

Abstract: An apparatus comprises a processing device configured to obtain an unstructured version of a document comprising text data having a nested hierarchical structure comprising two or more levels, and to determine a syntax parse tree for the nested hierarchical structure specifying one or more list types associated with items in at least a given one of the levels in the nested hierarchical structure. The processing device is also configured to identify, in the document, a plurality of items each having one of the specified one or more list types in the syntax parse tree, to extract, from the document, portions of the text data corresponding to respective ones of the plurality of items, and to generate a structured version of the document that associates the extracted portions of the text data with the corresponding ones of the plurality of items.

Abstract: An apparatus comprises a processing device configured to analyze an unstructured version of a document to read text data contained therein having a nested hierarchical structure comprising two or more levels and to obtain at least one sample item for a given one of the levels in the nested hierarchical structure. The processing device is also configured to determine a list type associated with the at least one sample item, to identify items having the determined list type in the text data as belonging to the given, and to extract portions of the text data corresponding to respective ones of the items having the determined list type. The processing device is further configured to generate a structured version of the document that associates the extracted portions of the text data with the corresponding ones of the items having the determined list type.

Abstract: A method includes obtaining information regarding authentication events for users accessing assets of an enterprise system. The method also includes determining a likelihood of a given asset of the enterprise system becoming compromised responsive to compromise of a given user of the enterprise system. The method further includes determining an importance of the given asset based at least in part on a criticality value associated with the given asset, and generating a risk score for the given asset based at least in part on the determined likelihood of the given asset becoming compromised responsive to compromise of the given user and the determined importance of the given asset. The method further includes identifying remedial actions to reduce the risk score for the given asset and implementing, prior to detecting compromise of the given user, at least one of the remedial actions to modify a configuration of the given asset.

Abstract: A method includes obtaining vulnerability scan results for a first subset of assets of an enterprise system and populating an observation data structure, based on the obtained vulnerability scan results, indicating which vulnerabilities are observed on respective ones of the assets. The method also includes determining a set of recommendations for missing entries of the observation data structure for a second subset of the assets of the enterprise system utilizing at least one recommender system that comprises at least one similarity function for determining similarity between a first and second sets of vulnerabilities observed on ones of the first and second subsets of the assets. The method further includes predicting vulnerabilities affecting the second subset of assets utilizing a machine learning model and the determined set of recommendations, and applying remediation actions for remediating the predicted vulnerabilities affecting the second subset of the assets.

Abstract: A method includes identifying two or more vulnerabilities, each vulnerability affecting a set of one or more assets of an enterprise system. The method also includes assigning a weight to each vulnerability, the weight assigned to each of the vulnerabilities being based at least in part on the set of assets affected by that vulnerability, asset criticalities associated with the set of assets affected by that vulnerability, and at least one of (i) an exploitability potential of that vulnerability and (ii) an impact potential of that vulnerability. The method further includes determining an order in which to apply remediation actions in the enterprise system to address at least one of the vulnerabilities based at least in part on the weights assigned to the vulnerabilities, and applying, in accordance with the determined order, at least one of the remediation actions to at least one of the assets in the enterprise system.

Abstract: A method includes obtaining information regarding authentication events for users accessing assets of an enterprise system. The method also includes determining a likelihood of a given asset of the enterprise system becoming compromised responsive to compromise of a given user of the enterprise system. The method further includes determining an importance of the given asset based at least in part on a criticality value associated with the given asset, and generating a risk score for the given asset based at least in part on the determined likelihood of the given asset becoming compromised responsive to compromise of the given user and the determined importance of the given asset. The method further includes identifying remedial actions to reduce the risk score for the given asset and implementing, prior to detecting compromise of the given user, at least one of the remedial actions to modify a configuration of the given asset.