Abstract: A method for managing vulnerability data may include: (1) ingesting, by a data ingestion engine, vulnerability data from a plurality of sources; (2) normalizing, by a data normalizer module, the vulnerability data into a plurality of data records; (3) generating, by a data processing module, a dynamic risk score for each data record; (4) storing, by a risk record register, a risk record for each data record, wherein the risk record may include the dynamic risk score, a priority level, an identifier for a software application, and a software dependency; (5) selecting, by a control policy selection engine, a control policy based on one of the dynamic risk scores; (6) implementing, by the risk record register, the selected control policy; (7) monitoring, by the risk record register, implementation of the control policy; and (8) updating, by the risk record register, the control policy selection engine based on the monitoring.

Abstract: A system that aggregates client data and cyber indicators to authenticate a client is provided. The system receives a request to access a financial account of the client, and retrieves a client profile. The client profile includes an aggregation of data into a plurality of data indicators. An optimal number of data indicators is determined based on an initial threshold inquiry regarding the request, with the optimal number of data indicators being determined based on a phone requesting the access to the financial account. A risk score is generated based on a weighting for each of the plurality of data indicators included within the optimal number, with the weighting representing a confidence in the accuracy of each of those data indicators. Access to predetermined actions by the client is granted based on the risk score.

Abstract: The invention relates to a method and system that aggregates client data and cyber indicators to authenticate a client. The system comprises: a computer server comprising at least one computer processor and coupled to the memory, programmed to: receive, via an electronic input, an authorization request from a requester for access to an account; identify a client identifier associated with the authorization request; using the client identifier, retrieve, from the memory, a client profile, wherein the client profile is based on an aggregation of client data, client device data, claims data and cyber data; generate a risk score based on the aggregated combination of the client data, client device data, claims data and cyber data to determine whether the requester is authenticated to access the account; and automatically apply an authentication determination to the authorization request.

Abstract: The invention relates to database abstraction and data linkage. According to an embodiment of the present invention, the invention takes a variety of attributes (e.g., names, IP address, device identifiers, addresses, phone numbers, account numbers, etc.) and returns the online activity, demographic data, account data and/or other activity, events and data associated with that attribute. The tool may then iterate over each attribute and return a network of connections having multiple degrees of association. The innovative tool may be linked to known bad actor data, and perform automated searches on this data to proactively alert potentially fraudulent activity. The tool may also be developed to add attributes and apply machine learning to the associations to more intelligently describe the returned network. Further, the tool may be developed to describe larger networks having multiple degrees of connections.

Abstract: A method for managing vulnerability data may include: (1) ingesting, by a data ingestion engine, vulnerability data from a plurality of sources; (2) normalizing, by a data normalizer module, the vulnerability data into a plurality of data records; (3) generating, by a data processing module, a dynamic risk score for each data record; (4) storing, by a risk record register, a risk record for each data record, wherein the risk record may include the dynamic risk score, a priority level, an identifier for a software application, and a software dependency; (5) selecting, by a control policy selection engine, a control policy based on one of the dynamic risk scores; (6) implementing, by the risk record register, the selected control policy; (7) monitoring, by the risk record register, implementation of the control policy; and (8) updating, by the risk record register, the control policy selection engine based on the monitoring.

Abstract: A method for managing vulnerability data may include: (1) ingesting, by a data ingestion engine, vulnerability data from a plurality of sources; (2) normalizing, by a data normalizer module, the vulnerability data into a plurality of data records; (3) generating, by a data processing module, a dynamic risk score for each data record; (4) storing, by a risk record register, a risk record for each data record, wherein the risk record may include the dynamic risk score, a priority level, an identifier for a software application, and a software dependency; (5) selecting, by a control policy selection engine, a control policy based on one of the dynamic risk scores; (6) implementing, by the risk record register, the selected control policy; (7) monitoring, by the risk record register, implementation of the control policy; and (8) updating, by the risk record register, the control policy selection engine based on the monitoring.

Abstract: The invention relates to digital cloud forensics. An embodiment of the present invention applies collection processes and tools to cloud infrastructure as a service to provide a more efficient and faithful representation of evidence. An embodiment of the present invention applies innovative concepts to retrospectively investigate ephemeral instances which may have long since terminated. This innovative process provides organizations a strategy to provide forensic investigations within either a public or private cloud environment.

Abstract: The invention relates to a method and system that combines payment data and cyber fraud indicators to identify potential fraud in payment requests from a client. The system comprises: a memory that stores and maintains a list of known fraud characteristics and cyber fraud indicators; and a computer processor, coupled to the memory, programmed to: receive, via an electronic input, a payment instruction from the client; identify one or more cyber fraud indicators associated with the payment instruction; apply payment decisioning to merge the one or more cyber fraud indicators to the payment instruction; generate a risk score based on the payment decisioning to determine whether the payment instruction should be executed; and automatically apply the payment decisioning to the payment instruction.

Abstract: Systems and methods for cybersecurity operations threat modeling are disclosed. In one embodiment, a method may include: (1) receiving threat actor data and threat actor group data; (2) processing the threat actor data and the threat actor group data; (3) for each threat actor group, generating a threat actor group profile; (4) collecting operational data from an organizational system; (5) generating a threat model by applying the threat actor group profile to the operational data; and (6) deploying at least one countermeasure to the organizational system in response to the threat model.

Abstract: Systems and methods are provided for detecting malware. The method includes receiving a request for a web page; determining expected attributes of the web page; generating a modified web page by combining the web page with code for detecting malware; transmitting the modified web page to a client device; receiving data collected from the executed version of the modified web page; determining attributes of the executed version of the modified web page; comparing the expected attributes with the attributes of the executed version of the modified web page; and determining whether the malware is present on the client device based on the comparison.

Abstract: A method for managing vulnerability data may include: (1) ingesting, by a data ingestion engine, vulnerability data from a plurality of sources; (2) normalizing, by a data normalizer module, the vulnerability data into a plurality of data records; (3) generating, by a data processing module, a dynamic risk score for each data record; (4) storing, by a risk record register, a risk record for each data record, wherein the risk record may include the dynamic risk score, a priority level, an identifier for a software application, and a software dependency; (5) selecting, by a control policy selection engine, a control policy based on one of the dynamic risk scores; (6) implementing, by the risk record register, the selected control policy; (7) monitoring, by the risk record register, implementation of the control policy; and (8) updating, by the risk record register, the control policy selection engine based on the monitoring.

Abstract: The invention relates to digital cloud forensics. An embodiment of the present invention applies collection processes and tools to cloud infrastructure as a service to provide a more efficient and faithful representation of evidence. An embodiment of the present invention applies innovative concepts to retrospectively investigate ephemeral instances which may have long since terminated. This innovative process provides organizations a strategy to provide forensic investigations within either a public or private cloud environment.

Abstract: The invention relates to database abstraction and data linkage. According to an embodiment of the present invention, the invention takes a variety of attributes (e.g., names, IP address, device identifiers, addresses, phone numbers, account numbers, etc.) and returns the online activity, demographic data, account data and/or other activity, events and data associated with that attribute. The tool may then iterate over each attribute and return a network of connections having multiple degrees of association. The innovative tool may be linked to known bad actor data, and perform automated searches on this data to proactively alert potentially fraudulent activity. The tool may also be developed to add attributes and apply machine learning to the associations to more intelligently describe the returned network. Further, the tool may be developed to describe larger networks having multiple degrees of connections.

Abstract: The invention relates to a method and system that aggregates client data and cyber indicators to authenticate a client. The system comprises: a computer server comprising at least one computer processor and coupled to the memory, programmed to: receive, via an electronic input, an authorization request from a requester for access to an account; identify a client identifier associated with the authorization request; using the client identifier, retrieve, from the memory, a client profile, wherein the client profile is based on an aggregation of client data, client device data, claims data and cyber data; generate a risk score based on the aggregated combination of the client data, client device data, claims data and cyber data to determine whether the requester is authenticated to access the account; and automatically apply an authentication determination to the authorization request.

Abstract: Systems and methods are provided for detecting malware. The method includes receiving a request for a web page; determining expected attributes of the web page; generating a modified web page by combining the web page with code for detecting malware; transmitting the modified web page to a client device; receiving data collected from the executed version of the modified web page; determining attributes of the executed version of the modified web page; comparing the expected attributes with the attributes of the executed version of the modified web page; and determining whether the malware is present on the client device based on the comparison.

Abstract: The invention relates to database abstraction and data linkage. According to an embodiment of the present invention, the invention takes a variety of attributes (e.g., names, IP address, device identifiers, addresses, phone numbers, account numbers, etc.) and returns the online activity, demographic data, account data and/or other activity, events and data associated with that attribute. The tool may then iterate over each attribute and return a network of connections having multiple degrees of association. The innovative tool may be linked to known bad actor data, and perform automated searches on this data to proactively alert potentially fraudulent activity. The tool may also be developed to add attributes and apply machine learning to the associations to more intelligently describe the returned network. Further, the tool may be developed to describe larger networks having multiple degrees of connections.

Abstract: The invention relates to digital cloud forensics. An embodiment of the present invention applies collection processes and tools to cloud infrastructure as a service to provide a more efficient and faithful representation of evidence. An embodiment of the present invention applies innovative concepts to retrospectively investigate ephemeral instances which may have long since terminated. This innovative process provides organizations a strategy to provide forensic investigations within either a public or private cloud environment.

Abstract: The invention relates to a method and system that aggregates client data and cyber indicators to authenticate a client. The system comprises: a computer server comprising at least one computer processor and coupled to the memory, programmed to: receive, via an electronic input, an authorization request from a requester for access to an account; identify a client identifier associated with the authorization request; using the client identifier, retrieve, from the memory, a client profile, wherein the client profile is based on an aggregation of client data, client device data, claims data and cyber data; generate a risk score based on the aggregated combination of the client data, client device data, claims data and cyber data to determine whether the requester is authenticated to access the account; and automatically apply an authentication determination to the authorization request.

Abstract: The invention relates to a method and system that analyzes domain names for potential fraud. The system comprises: a memory that stores and maintains a list of known domain names associated with an entity; and a computer processor, coupled to the memory, programmed to: receive, via an electronic input, one or more registered domain names from a registration source; access the list of known domain names; apply logic rules to determine visually similar domain names by comparing the one or more registered domain names to the list of known domain names; identify a relevant recipient based on the visually similar domain name; and generate and transmit, via a communication interface, a message to the recipient, the message comprising the visually similar domain name and associated information relevant to the domain name registration.

Abstract: Systems and methods are provided for detecting malware. The method includes receiving a request for a web page; determining expected attributes of the web page; generating a modified web page by combining the web page with code for detecting malware; transmitting the modified web page to a client device; receiving data collected from the executed version of the modified web page; determining attributes of the executed version of the modified web page; comparing the expected attributes with the attributes of the executed version of the modified web page; and determining whether the malware is present on the client device based on the comparison.