Abstract: A cyber security system that protects against cyber threats including a synthetic clone of a voice of a speaker can include several components. A deep learning model is trained to analyze an audio file and produce one or more embeddings of the audio file. One or more AI classifiers are trained to analyze the one or more embeddings of the audio file from the deep learning model to determine whether it is likely that the voice of the speaker engaging with a user is real or the synthetic clone of the voice of the speaker. The voice clone detection bot can be resident on a computing device of the user and can integrate with different sources of audio data on the computing device of the user in order to collect the audio file containing an attempt to synthetically clone the voice of the speaker protected by the cyber security system.

Abstract: A cyber security system is adapted to contextualize and visualize cloud architectures featuring ephemeral cloud assets with generation of a cloud asset remediation plan to group alerts for handling based on security team responsibilities.

Abstract: An interactive cyber-security user-interface for cybersecurity components can receive a voice input from a user as well as ii) a text input as a user input. The interactive cyber-security user-interface works with a set of differently trained LLMs to carry out tasks on behalf of the user input. The interactive cyber-security user-interface cooperates with the set of differently trained LLMs, which are grouped together to operate as an orchestrated system to provide different tasks. The tasks can include a collection of supplementary information, a summarization of cyber security information, translating a query in the natural human speech format into the required search syntax, how to integrate with an API, acting as a first line of support to user inquiries, a suggested response to a cyber security issue, etc. The interactive cyber-security user-interface for the cybersecurity components acts as the user interface for one or more of the cybersecurity components.

Abstract: An orchestration component implemented within a cybersecurity system and operating in concert with a cybersecurity appliance to enhance cyber threat detection or a response to a cyber threat detected by the cybersecurity appliance is described. The orchestration component comprises a first landscape analysis module, a data score and an action severely configured to operate with a first large language model to (i) analyze threat landscape data received from one or more external sources and (ii) identify threat technique data associated with one or more cyber threats included within the threat landscape data. The orchestration component further comprises a data store adapted to maintain the threat technique data identified by the threat landscape analysis module; and an action severity module is configured to adjust a sensitivity of a cyber threat detection engine of the cybersecurity appliance in monitoring for the one or more cyber threats represented by the threat technique data.

Abstract: A system operating with a cybersecurity system to enhance cyber threat detection is described. The system features a first and second orchestrator modules. The first orchestrator module includes at least a first large language model and is configured to perform artificial intelligence-based simulations of cyber-attacks to determine (i) how a simulated cyber-attack might occur in a selected computing device and (ii) how to use simulated cyber-attack information to preempt possible escalations of an ongoing actual cyber-attack. The second orchestrator module includes at least a second large language model and is configured to (i) perform a remediation task to correct one or more misconfigurations in one or more components associated with the cybersecurity system and (ii) return the one or more components back to a trusted operational state.

Abstract: Cybersecurity components configured to cooperate with LLMs including i) a cyber security appliance with a cyber threat detect engine to detect a cyber threat, ii) a proactive threat notification service, iii) a cyber threat autonomous response engine, iv) a cyberattack simulator, v) a cyber-attack restoration engine, and vi) an artificial intelligence-based cyber threat analyst module. The LLMs are configured to communicate and cooperate with the one or more cybersecurity components via one or more Application Program Interfaces (APIs) to receive cyber security information being produced by the one or more of the cybersecurity components and then to apply language generation functionality in order to assist a human in an understanding of the cyber security information being produced by the cybersecurity components, and then also to provide recommendations to prioritize breaches over other breaches in a native human friendly format for the human.

Abstract: The cyber security training tool has a natural language processor and a large language model to be able to analyze both i) a synthetic cyberattack in a mimic network corresponding to a real world network as well as ii) a real cyberattack in the real world network. The cyber security training tool can then provide analysis and an explanation as to why machine learning identified the synthetic cyberattack and/or the real cyberattack as a cyber threat for a purpose of providing cyber security training to at least one of i) an end user of the real world network and ii) a cyber security team member for the real world network. The cyber security training tool further has a user interface component to display security awareness training for the synthetic cyberattack and/or the real cyberattack, and to show the end user and/or the cyber security team member an understanding of the machine learning of the synthetic cyberattack and/or the real cyberattack displayed in the user interface component.

Abstract: A synthetic cyberattack tool uses a generative AI component to assist in generating a synthetic cyberattack by a cyber threat to produce one or more cybersecurity incidents and/or events. The synthetic cyberattack tool uses the generative AI component also to provide an analysis and an explanation for a purpose of providing cyber security training to at least one of an end user of a network and a cyber security team member for the network in a mimic network. The synthetic cyberattack tool orchestrates the synthetic cyberattack and derives the synthetic cyberattack from real world cyberattacks and the wargaming cyberattack exercise from real world behaviors of the end user and/or the cyber security team member as well as the architecture and policies implemented in the real world network. A user interface component displays both results of testing in the wargaming cyberattack exercise along with an explainability on the synthetic cyberattack.

Abstract: A cybersecurity system for adjusting content within an Artificial Intelligence (AI) model or creating a new AI model based on analysis of a model breach alert is described. The cybersecurity system features a model health analysis component and a model refinement component. The model health analysis component is configured to analyze content associated with a model breach alert. Communicatively coupled to the model health analysis component, the model refinement component is configured to receive analytic results from the model health analysis component. Based on the analytic results, the model refinement component determines adjustments to the threshold associated with the AI model or generates a new AI model in substitution of the AI model to avoid an over-breaching condition or improve cyber threat detection.

Abstract: A cybersecurity system for enhancing detection of cyber threats through use of one or more Large Language Models (LLMs) is described. Herein, the LLMs are configured to generate one or more structured elements that operate as a complex filter for automatically extracting salient data from data received from one or more external sources for training of Artificial Intelligence (AI) models. Additionally, the LLMs are further configured to correlate multiple user credentials associated with different platforms to identify a common user to enhance training of the AI models and anonymize at least personally identifiable information (PII) data prior to training of the AI models.

Abstract: An automated sandbox generator for a cyber-attack exercise on a mimic network in a cloud environment can include various components. The cloud deployment component deploys the mimic network in a sandbox environment in the cloud environment. The mimic network can be a clone of components from a network that exists in an organization's environment and/or, predefined example components. The attack engine deploys a cyber threat to use an exploit for the wargaming cyber-attack exercise in the mimic network. The user interface displays, in real time, results of the wargaming cyber-attack exercise being conducted in the sandbox environment, to create a behavioral profile of how the cyber threat using the exploit would actually perform in that particular organization's environment as well as have human users interact with the cyber threat deployed by the attack engine during the cyber-attack on the mimic network, as it happens in real time, during the wargaming cyber-attack exercise.

Abstract: Aspects of the invention relate to a cyber security system that may enable an end user to communicate with a cyber security appliance to identify cyber threats across the client system. The system can include one or more host devices each having a user interface and an endpoint agent for facilitating bi-directional communication between the user and a cyber security appliance. The endpoint agent may include a communication facilitation module including a user interaction module configured to communicate with the user interface and a helper module configured to communicate with the cyber security appliance. The endpoint agent is configured to enable the bi-directional communication between the user interface and the cyber security appliance on receiving a query associated with identified unusual behavior.

Abstract: A cyber threat defense system can incorporate data from multiple Software-as-a-Service (SaaS) applications hosted by multiple third-party platforms to identify cyber threats across platforms. The system can collect third-party event data describing an administrative event of a SaaS application hosted by an associated third-party platform. The system can identify a user associated with the third-party event data based on a composite user profile constructed from user context data collected across the multiple SaaS applications to identify the user across multiple third-party platforms. The system can associate the user with a user risk profile based on the composite user profile. The system can identify whether the third-party event data corresponds to a cyber threat partially based on the user risk profile. The system can execute an autonomous response in response to the cyber threat using an autonomous response module factoring in the user risk profile.

Abstract: In the use of devices and methods for measuring applied pressure on an article, such as a patella construct during a surgical procedure, a clamp is provided with arms, an optional external spring, an optional internal spring and a torque knob for applying constant and measurable pressure to the article. Embodiments of the clamp include a spring rod engaged with the torque knob for assisting in applying and retaining desired pressure. Spike elements and a bushing insert are secured to the ends of the arms for retaining the article in place during use. The elements are advantageously assembled and disassembled to facilitate thorough and quick cleaning.

Abstract: An antenna arrangement can produce omni-directional polarisations of two or more types and comprises a compact arrangement of a dipole with array comprising first and second conductors in parallel planes separated by a printed circuit board and laid on the printed circuit board for generating horizontally polarised signals. A monopole arrangement comprises a third conductor substantially orthogonal to the planes of the first and second conductors and arranged so that one of the first and second conductors acts as a ground plane for the third conductor.

Abstract: Disclosed is an improved reel assembly for use in conjunction with an occupant restraint system. The assembly employs a dual locking arrangement whereby an occupant can be restrained during both major and minor incidents. After a major incident, the reel assembly remains locked until the occupant disengages the reel via a push button. After a minor incident, the reel assembly can be conveniently unlocked, without the need for accessing the push button, by applying counter tension to the webbing.

Abstract: An antenna arrangement can produce omni-directional polarisations of two or more types and comprises a compact arrangement of a dipole with array comprising first and second conductors in parallel planes separated by a printed circuit board and laid on the printed circuit board for generating horizontally polarised signals. A monopole arrangement comprises a third conductor substantially orthogonal to the planes of the first and second conductors and arranged so that one of the first and second conductors acts as a ground plane for the third conductor.

Abstract: A security framework for a host computer system which allows a host to control access to a compliant security token by ensuring enforcement of established security policies administered by a middleware application. Processing between the host computer system and the security token is performed using one or more modular security application agents. The modular security application agents are counterpart applications to security applications installed in the security token and may be retrieved and installed upon to ensure compatibility between counterpart token and host security applications. The security policies are a composite of host security policies and token security policies which are logically combined by the middleware application at the beginning of a session.

Abstract: Providing remote user access to secure financial applications includes deployment of SSO software to client workstations by receiving a password for collaborating access to a secure server, navigating to the secure server using a web browser on a remote workstation, providing user authorization details and the received password to the secure server, generating a subsequent password at the secure server upon validation of the user authorization details and received password, and downloading an SSO deployment file to the remote workstation. The deployment file includes a subsequent password. The SSO deployment file is executed to install an SSO client application on the remote workstation. Workstation settings and user credentials are read from a secure file or data store. The SSO client application is run on the workstation to employ the user credentials and subsequent password to logon to the secure application.

Abstract: Disclosed is an improved reel assembly for use in conjunction with an occupant restraint system. The assembly employs a dual locking arrangement whereby an occupant can be restrained during both major and minor incidents. After a major incident, the reel assembly remains locked until the occupant disengages the reel via a push button. After a minor incident, the reel assembly can be conveniently unlocked, without the need for accessing the push button, by applying counter tension to the webbing.