Abstract: A system for predictive analysis of very large data sets using a distributed computational graph has been developed. Data receipt software receives streaming data from one or more sources. In a batch data pathway, data formalization software formats input data for storage. A batch event analysis server inspects stored data for trends, situations, or knowledge. Aggregated data is passed to message handler software. System sanity software receives status information from message handler and optimizes system performance. In the streaming pathway, transformation pipeline software manipulates the data stream, provides results back to the system, receives directives from the system sanity and retrain software.

Abstract: A system for fully integrated collection of business impacting data, analysis of that data and generation of both analysis driven business decisions and analysis driven simulations of alternate candidate business actions has been devised and reduced to practice. This business operating system may be used to monitor and predictively warn of events that impact the security of business infrastructure and may also be employed to monitor client-facing services supported by both software and hardware to alert in case of reduction or failure and also predict deficiency, service reduction or failure based on current event data.

Abstract: A semantic search system integrates with an AI platform to provide advanced search capabilities by leveraging automatically generated ontologies and knowledge graphs. The system employs natural language processing, machine learning, and large language models to create, update, and align ontologies from diverse data sources. It supports context-aware query interpretation, personalized results, and complex reasoning by incorporating user context, feedback, and domain knowledge. The system optimizes search performance and efficiency through indexing techniques, distributed computing, and continuous learning. With a modular architecture and scalable infrastructure, the semantic search system enables users to retrieve relevant, meaningful, and context-specific information from vast amounts of structured and unstructured data.

Abstract: A system and method for trigger-based scanning of cyber-physical assets, including a distributed operating system, parameter evaluation engine, at least one cyber-physical asset, at least one crypt-ledger, a network, and a scanner that detects trigger conditions and events and performs scans of cyber-physical assets based on the trigger and any relevant stored scan rules before storing scan results as time-series data.

Abstract: A distributed computing cluster includes first, second, and third pluralities of computer systems. A first computer of the first plurality applies a first transformation pipeline to a stream of data to generate a output data, and transmits the output data to a computer of the second plurality, which is distinct from the first plurality. A second computer of the second plurality applies a second transformation pipeline. The second transformation pipeline includes a first storage transformation. A third computer of the third plurality stores a representation of a distributed computational graph (DCG), which includes a representation of a portion of the second transformation pipeline. The third computer processes the representation of the DCG, and determines whether the second transformation pipeline includes a storage transformation. The third computer monitors the second transformation pipeline, and in response, causes a fourth computer of the third plurality to apply a second storage transformation.

Abstract: A system for predictive analysis of very large data sets using a distributed computational graph has been developed. Data receipt software receives streaming data from one or more sources. In a batch data pathway, data formalization software formats input data for storage. A batch event analysis server inspects stored data for trends, situations, or knowledge. Aggregated data is passed to message handler software. System sanity software receives status information from message handler and optimizes system performance. In the streaming pathway, transformation pipeline software manipulates the data stream, provides results back to the system, receives directives from the system sanity and retrain software.

Abstract: A system for predictive analysis of very large data sets using a distributed computational graph has been developed. Data receipt software receives streaming data from one or more sources. In a batch data pathway, data formalization software formats input data for storage. A batch event analysis server inspects stored data for trends, situations, or knowledge. Aggregated data is passed to message handler software. System sanity software receives status information from message handler and optimizes system performance. In the streaming pathway, transformation pipeline software manipulates the data stream, provides results back to the system, receives directives from the system sanity and retrain software.

Abstract: A system for dynamically specifiable knowledge graphs. The system uses an in-memory associative array for high-performance graph storage and access, with a non-volatile distributed database for scalable backup storage, a scalable, distributed graph service for graph creation, an indexing search engine to increase searching performance, and a graph crawler for graph traversal. The system may be provided as a set of cloud services. The cloud-based services may be containerized to allow for multitenant co-existence with no possibility of data leakage or cross-over. The system uses a cyber-physical graph to represent an enterprise's cyber-physical system and can provide graph analysis, graph security, and graph fusion related tasks to identify potential operational risks.

Abstract: A system for predictive analysis of very large data sets using a distributed computational graph has been developed. Data receipt software receives streaming data from one or more sources. In a batch data pathway, data formalization software formats input data for storage. A batch event analysis server inspects stored data for trends, situations, or knowledge. Aggregated data is passed to message handler software. System sanity software receives status information from message handler and optimizes system performance. In the streaming pathway, transformation pipeline software manipulates the data stream, provides results back to the system, receives directives from the system sanity and retrain software.

Abstract: A system and methods for automated Internet-scale vulnerability scanning and enhanced security profiling. The system utilizes a scheduler that directs web crawlers to scan domains retrieved from a database, interact with the contents of any retrieved web pages using fuzz testing, index and store the results of the scan, and provide the indexed results via an API for inclusion in cybersecurity scoring.

Abstract: A system and method for the prevention, mitigation, and detection of cyberattack attacks on computer networks using logon session tracking and logging. The system uses local session monitors to monitor logon sessions within a network, track session details, and generate an event log for any suspicious sessions or details. Cyber-physical graphs and histograms using persisted time-series data provides critical information, patterns, and alerts about configurations, attack vectors, and vulnerabilities which enable information technology and cybersecurity professionals greater leverage and control over their infrastructure.

Abstract: A system for regulation-based electronic message routing using an expanded open system interconnection (“OSI”) model. Information regulations and information policy rules comprise three additional layers beyond the standard seven-layer OSI model from a data store. Electronic messages are routed using a handling policy rule generator to validate destination, storage, and transport.

Abstract: An artificial intelligence-driven simulation and decision platform for reducing epistemic uncertainty in complex systems. The system integrates advanced techniques from artificial intelligence, simulation, and uncertainty quantification to generate and run scenarios, monitor progress, and adjust parameters in real-time to achieve user-defined goals. The simulation and decision platform comprises an AI system that employs natural language processing, reinforcement learning, and multi-objective optimization; a continuous and scalable simulation environment; scenario generation and guidance that provides human-readable scenario guides and contextual explanations; and an uncertainty quantification and reduction that employs entropy-based methods and Bayesian inference. The system allows users to define goals and objectives for their simulations, and the AI component generates and optimizes scenarios to achieve these goals while reducing epistemic uncertainty.

Abstract: A system and method for the privilege assurance of enterprise computer network environments using lateral movement detection and prevention. The system uses local session monitors to monitor logon sessions within a network, generating and verifying event logs and authentication records to ensure the legitimacy of authenticated user sessions and to revoke credentials when an illicit session is detected, halting lateral movement in real-time.

Abstract: A system and method for the privilege assurance of enterprise computer network environments using attack path detection and prediction. The system uses local session monitors to monitor logon sessions within a network, track session details, and log session and network host details. Cyber-physical graphs are produced and used to identify paths within the network based on the logged information, and to apply risk weighting to the identified paths and determine likely attack paths an attacker may use.

Abstract: A system and methods for detecting and mitigating SAML forgery and manipulation attacks against services is provided, comprising a policy manager configured to observe a new authentication object generated by an identity provider, and retrieve the new authentication object; and a hashing engine configured to create a unique identifier for each valid authentication session; wherein subsequent access requests accompanied by authentication objects are validated by checking for a valid unique identifier.

Abstract: A system for detecting and mitigating attacks using forged authentication objects within a domain is provided, comprising an authentication object inspector configured to observe a new authentication object generated by an identity provider, and retrieve the new authentication object; and a hashing engine configured to retrieve the new authentication object from the authentication object inspector, calculate a cryptographic hash for the new authentication object, and store the cryptographic hash for the new authentication object in a data store; wherein subsequent access requests accompanied by authentication objects are validated by comparing hashes for each authentication object to previous generated hashes.

Abstract: A system and methods for detecting and mitigating SAML forgery and manipulation attacks against services is provided, comprising a policy manager configured to observe a new authentication object generated by an identity provider, and retrieve the new authentication object; and a hashing engine configured to create a unique identifier for each valid authentication session; wherein subsequent access requests accompanied by authentication objects are validated by checking for a valid unique identifier.

Abstract: A system and method for fingerprint-based network mapping of cyber-physical assets, including a distributed operating system, parameter evaluation engine, at least one cyber-physical asset, at least one crypt-ledger, a network, and a scanner that retrieves stored fingerprint records and performs scans of cyber-physical assets to compare against corresponding fingerprints and update a cyber-physical graph based on the success or failure of fingerprint matching.

Abstract: A reconnaissance engine gathers data about a client's computer network from the client, from devices and systems on the client's network, and from the Internet regarding various aspects of cybersecurity. Each of these aspects is evaluated independently, weighted, and cross-referenced to generate a cybersecurity score by aggregating individual vulnerability and risk factors together to provide a comprehensive characterization of cybersecurity risk using a transparent and traceable methodology. The scoring system itself can be used as a state machine with the cybersecurity score acting as a feedback mechanism, in which a cybersecurity score can be set at a level appropriate for a given organization, and data from clients or groups of clients with more extensive reporting can be used to supplement data for clients or groups of clients with less extensive reporting to enhance cybersecurity analysis and scoring.