Abstract: A system and methods for detecting and mitigating SAML forgery and manipulation attacks against services is provided, comprising a policy manager configured to observe a new authentication object generated by an identity provider, and retrieve the new authentication object; and a hashing engine configured to create a unique identifier for each valid authentication session; wherein subsequent access requests accompanied by authentication objects are validated by checking for a valid unique identifier.

Abstract: A system and methods for detecting and mitigating golden SAML attacks against federated services is provided, comprising an authentication object inspector configured to observe a new authentication object generated by an identity provider, and retrieve the new authentication object; and a hashing engine configured to create a security cookie for each valid authentication session; wherein subsequent access requests accompanied by authentication objects are validated by checking for a valid security cookie.

Abstract: A system and methods for detecting and mitigating golden SAML attacks against federated services is provided, comprising an authentication object inspector configured to observe a new authentication object generated by an identity provider, and retrieve the new authentication object; and a hashing engine configured to create a security cookie for each valid authentication session; wherein subsequent access requests accompanied by authentication objects are validated by checking for a valid security cookie.

Abstract: A system and methods for detecting and mitigating golden SAML attacks against federated services is provided, comprising an authentication object inspector configured to observe a new authentication object generated by an identity provider, and retrieve the new authentication object; and a hashing engine configured to create a security cookie for each valid authentication session; wherein subsequent access requests accompanied by authentication objects are validated by checking for a valid security cookie.

Abstract: A system and methods for detecting and mitigating golden SAML attacks against federated services is provided, comprising an authentication object inspector configured to observe a new authentication object generated by an identity provider, and retrieve the new authentication object; and a hashing engine configured to create a security cookie for each valid authentication session; wherein subsequent access requests accompanied by authentication objects are validated by checking for a valid security cookie.

Abstract: A system and method for creating and implementing data processing workflows using a distributed computational graph comprising modules that represent various stages within a data processing workflow. Each module represents one or more data processing steps, with some of the modules representing data processing performed by a cloud-based service and containing code for interfacing with the application programming interface (API) of that cloud-based service. A series of modules and their interconnections specify the workflow. Data is processed according to the workflow by implementing the data processing step represented by each module, some of which may access cloud-based data processing services. The result is that users can create complex data processing workflows that utilize cloud-based services to process data without having to know how to access the cloud-based data processing services, or even know that they exist.

Abstract: A system and method that uses midservers located between the business enterprise computer infrastructure and the cloud-based infrastructure to collect, aggregate, analyze, transform, and securely transmit data from a multitude of computing devices and peripherals at an external network to a cloud-based service.

Abstract: A system for predictive analysis of very large data sets using a distributed computational graph that intelligently combines processing of a current data stream with the ability to retrieve relevant stored data in such a way that conclusions or actions may be drawn in a predictive manner. The system has a pipeline construction module that allows a user to construct a streaming analytic workflow using modular building blocks, each of which represents either an environmental orchestration stage or a data processing stage of a streaming analytic workflow, and has a pipeline processing module that receives a data stream and constructs a directed computational graph by processing the data stream through the streaming analytic workflow. The directed computational graph is used to analyze the data stream.

Abstract: A system and method for a high-performance, scalable, multi-tenant, dynamically specifiable, knowledge graph information storage and utilization. The system uses an in-memory associative array for high-performance graph storage and access, with a non-volatile distributed database for scalable backup storage, a scalable, distributed graph service for graph creation, an indexing search engine to increase searching performance, and a graph crawler for graph traversal. One or more of these components may be in the form of a cloud-based service, and in some embodiments the cloud-based services may be containerized to allow for multi-tenant co-existence with no possibility of data leakage or cross-over.

Abstract: A system and methods for integrating datasets and automating transformation workflows using a distributed computational graph comprising modules that represent various stages within a data processing workflow. The system detects new datasets and automatically selects or assembles a workflow to process the new data, and integrates new data through a series of identification, transformation, and metadata enrichment pipelines.

Abstract: A system and methods for detecting and mitigating golden SAML attacks against federated services is provided, comprising an authentication object inspector configured to observe a new authentication object generated by an identity provider, and retrieve the new authentication object; and a hashing engine configured to create a security cookie for each valid authentication session; wherein subsequent access requests accompanied by authentication objects are validated by checking for a valid security cookie.

Abstract: A system and method for creating and implementing data processing workflows using a distributed computational graph comprising modules that represent various stages within a data processing workflow. Each module represents one or more data processing steps, with some of the modules representing data processing performed by a cloud-based service and containing code for interfacing with the application programming interface (API) of that cloud-based service. A series of modules and their interconnections specify the workflow. Data is processed according to the workflow by implementing the data processing step represented by each module, some of which may access cloud-based data processing services. The result is that users can create complex data processing workflows that utilize cloud-based services to process data without having to know how to access the cloud-based data processing services, or even know that they exist.

Abstract: A system and method for a high-performance, scalable, multi-tenant, dynamically specifiable, knowledge graph information storage and utilization. The system uses an in-memory associative array for high-performance graph storage and access, with a non-volatile distributed database for scalable backup storage, a scalable, distributed graph service for graph creation, an indexing search engine to increase searching performance, and a graph crawler for graph traversal. One or more of these components may be in the form of a cloud-based service, and in some embodiments the cloud-based services may be containerized to allow for multi-tenant co-existence with no possibility of data leakage or cross-over.

Abstract: A system for predictive analysis of very large data sets using a distributed computational graph that intelligently combines processing of a current data stream with the ability to retrieve relevant stored data in such a way that conclusions or actions may be drawn in a predictive manner. The system has a pipeline construction module that allows a user to construct a streaming analytic workflow using modular building blocks, each of which represents either an environmental orchestration stage or a data processing stage of a streaming analytic workflow, and has a pipeline processing module that receives a data stream and constructs a directed computational graph by processing the data stream through the streaming analytic workflow. The directed computational graph is used to analyze the data stream.

Abstract: A system and method that uses midservers located between the business enterprise computer infrastructure and the cloud-based infrastructure to collect, aggregate, analyze, transform, and securely transmit data from a multitude of computing devices and peripherals at an external network to a cloud-based service.