Abstract: A system and method for holistic computer system cybersecurity evaluation and risk rating that takes into account the operation of the entire computer system environment comprising hardware, software, and the operating system. Not only are the hardware, software, and operating system evaluated separately for cybersecurity concerns, their interaction and operation as a whole are also evaluated and scored. The results of such analyses may be used, for example, by underwriters of cybersecurity insurance policies to determine policy terms and rates.

Abstract: A system and method for secure policy-controlled processing and auditing on regulated data sets utilizing metadata and a plurality of analytics. The system and method combine the ability to restrict and control the transport and processing of data based on specified directives and provide rich auditable provenance to support evidential requirements. The system and method may additionally automatically optimize data routes and specify processing hardware based on data residency, sovereignty, or localization restrictions, furthermore, protect sensitive data from compromise by algorithmically generating digital tokens and employ sensors on all devices in the chain to provide a secure means of data transport.

Abstract: A system for meta-indexing, search, compliance, and test framework for software development is provided, comprising an indexing service configured to create a dataset by processing and indexing source code of a project provided by a developer, perform a code audit on the indexed source code, store results from the code audit in the dataset, gather additional information relating to the provided project, store the additional information in the dataset, and store the dataset into memory; and a monitoring service configured to continuously monitor the project for at least source code changes and make changes to the dataset as needed.

Abstract: A system for providing a large set of data resources for nearly any client with a centralized collection of historical data, and a server through which changing datasets located on provider networks may be accessed through the system without having to upload them to the system. The system providers a marketplace for buying and selling of data, optionally including blockchain technology to allow for secure and/or anonymous transactions.

Abstract: A system for customized crowd-sourced data gathering and extraction wherein a client may request that certain data be gathered, and the system will optimally provide the data through a combination of stored data, one or more remote devices with sensing capabilities, and human operators. The system has predictive capability to optimize notifications to human operators likely to be in the area of a data gathering request at the necessary time and likely to be available to gather the requested data. Human operators may be compensated for their data gathering, and may gather data, or parts thereof, as an adjunct to other activities.

Abstract: A system for fully integrated collection of business impacting data, analysis of that data and generation of both analysis driven business decisions and analysis driven simulations of alternate candidate business action comprising a business data retrieval engine stored in a memory of and operating on a processor of a computing device, a business data analysis engine stored in a memory of and operating on a processor of a computing device and a business decision and business action path simulation engine stored in a memory of and operating on a processor of one of more computing devices has been developed.

Abstract: A system for improving a distributable model with distributed data is provided, comprising a network-connected distributable model source configured to serve instances of a distributable model; and a directed computation graph module configured to receive at least an instance of the distributable model from the network-connected computing system, create a cleansed dataset from data stored in the memory with at least biases within the data stored in memory corrected, train the instance of the distributable model with the cleansed dataset, and generate an update report based at least in part by updates to the instance of the distributable model.

Abstract: A system and method for dynamic geospatially-referenced cyber-physical infrastructure inventory and asset management, including a business operating system, parameter evaluation engine, at least one cyber-physical asset, at least one crypt-ledger, a network, and the ability to represent data in Markov State Models and finite state machines.

Abstract: A system for generating a cybersecurity profile, wherein a time series data retrieval and storage server retrieves information from a prospective client, and information previously gathered, and stored, from a plurality of sources; a directed computational graph analysis module performs graph analysis on the data from the time series data retrieval and storage server; and an automated planning service module performs predictive simulation analysis on data received from the directed computational graph.

Abstract: A system and method for self-adjusting cybersecurity analysis and score generation, wherein a reconnaissance engine gathers data about a client's computer network from the client, from devices and systems on the client's network, and from the Internet regarding various aspects of cybersecurity. Each of these aspects is evaluated independently, weighted, and cross-referenced to generate a cybersecurity score by aggregating individual vulnerability and risk factors together to provide a comprehensive characterization of cybersecurity risk using a transparent and traceable methodology. The scoring system itself can be used as a state machine with the cybersecurity score acting as a feedback mechanism, in which a cybersecurity score can be set at a level appropriate for a given organization, and data from clients or groups of clients with more extensive reporting can be used to supplement data for clients or groups of clients with less extensive reporting to enhance cybersecurity analysis and scoring.

Abstract: A system and method for a high-performance, scalable, multi-tenant, dynamically specifiable, knowledge graph information storage and utilization. The system uses an in-memory associative array for high-performance graph storage and access, with a non-volatile distributed database for scalable backup storage, a scalable, distributed graph service for graph creation, an indexing search engine to increase searching performance, and a graph crawler for graph traversal. One or more of these components may be in the form of a cloud-based service, and in some embodiments the cloud-based services may be containerized to allow for multi-tenant co-existence with no possibility of data leakage or cross-over.

Abstract: A system and method for network cybersecurity analysis that uses user and entity behavioral analysis combined with network topology information to provide improved cybersecurity. The system and method involve gathering network entity information, establishing baseline behaviors for each entity, and monitoring each entity for behavioral anomalies that might indicate cybersecurity concerns. Further, the system and method involve incorporating network topology information into the analysis by generating a model of the network, annotating the model with risk and criticality information for each entity in the model and with a vulnerability level between entities, and using the model to evaluate cybersecurity risks to the network. Risks and vulnerabilities associated with user entities may be represented, in part or in whole, by the behavioral analyses and monitoring of those user entities.

Abstract: A system and method for crowd-sourced refinement of natural phenomenon for risk management and contract validation, comprising at least a heterogeneous mixture of sensors and data-gathering techniques, a sensor fusion suite, and a business operating system, which ingests, transforms if necessary, and analyzes received data and develops and applies models of prediction of consequences of the sensor data and future events based on such data for purposes such as insurance liability and risk assessment, emergency services planning, and financial market predictions, and comparing historical models and data with current data and models to attempt to refine and utilize a more precise predictive model for these purposes.

Abstract: A system and methods for sandboxed malware analysis and automated patch development, deployment and validation, that uses a business operating system, vulnerability scoring engine, binary translation engine, sandbox simulation engine, at least one network endpoint, at least one database, a network, and a combination of machine learning and vulnerability probing techniques, to analyze software, locate any vulnerabilities or malicious behavior, and attempt to patch and prevent undesired behavior from occurring, autonomously.

Abstract: A system and method for analyzing integrated operational technology and information technology systems with sufficient granularity to predict their behavior with a high degree of accuracy. The system and method involve creating high-fidelity models of the operational technology and information technology systems using one or more cyber-physical graphs, performing parametric analyses of the models to identify key components, scaling the parametric analyses of the models to analyze the key components at a greater level of granularity, and iteratively improving the models testing them against in-situ data from the real-world systems represented by the high-fidelity models.

Abstract: A system and method for generating comprehensive security profiles and ratings for organizations that takes into account the organization's infrastructure and operations in generating the profile, and the context and purpose of the rating to be generated related to the profile. The system and method may further comprise gathering data about the totality of the organization's infrastructure and operations, generating a cybersecurity profile using active and passive internal and external reconnaissance of the organization to determine cybersecurity vulnerabilities and potential impacts to the business in light of the information gathered about the organization's infrastructure and operations, and generating cybersecurity scores and ratings that take into account all of the above information, plus the context and purpose of the score or rating to be generated based on the cybersecurity profile.

Abstract: A system for predictive analysis of very large data sets using a distributed computational graph that intelligently combines processing of a current data stream with the ability to retrieve relevant stored data in such a way that conclusions or actions may be drawn in a predictive manner. The system has a pipeline construction module that allows a user to construct a streaming analytic workflow using modular building blocks, each of which represents either an environmental orchestration stage or a data processing stage of a streaming analytic workflow, and has a pipeline processing module that receives a data stream and constructs a directed computational graph by processing the data stream through the streaming analytic workflow. The directed computational graph is used to analyze the data stream.

Abstract: A system and methods for cybersecurity rating using active and passive external reconnaissance, comprising a web crawler that send message prompts to external hosts and receives responses from external hosts, a time-series data store that produces time-series data from the message responses, and a directed computational graph module that analyzes the time-series data to produce a weighted score representing the overall cybersecurity state of an organization.

Abstract: A system for contextual and risk-based multi-factor authentication having a multi-dimensional time series data server configured to monitor and record a network's traffic data and to serve the traffic data to other modules and a directed computation graph module configured to receive network traffic data from the multi-dimensional time series data server, determine a network traffic baseline from the network traffic data, and determine a verification score needed before granting access based at least in part by the network traffic baseline. A plurality of verification methods build up a user's verification score to required level to gain access.

Abstract: A system for meta-indexing, search, compliance, and test framework for software development is provided, comprising an indexing service configured to create a dataset by processing and indexing source code of a project provided by a developer, perform a code audit on the indexed source code, store results from the code audit in the dataset, gather additional information relating to the provided project, store the additional information in the dataset, and store the dataset into memory; and a monitoring service configured to continuously monitor the project for at least source code changes and make changes to the dataset as needed.