Abstract: A computer implemented method includes receiving a request for device validation, reading a genesis record from a device, the genesis record containing a device identification (ID), an original owner ID, a current owner ID, and a first hash of the device ID, an original owner ID, a current owner ID, and validating, by multiple processing entities having replicated copies of a chain that includes the genesis record and a succeeding transfer block, ownership of the device.

Abstract: Security incident detection based on historian configuration data collected over time is described. Historic configuration data associated with a computing device is updated based on received configuration data indicative of a change in configuration of the computing device in a computer system. The historic configuration data indicates changes to configurations of the computing device over a time period. A determination that relationship between the computing device and an entity of the computer system has changed is made based on the updated historic configuration data. The updated historic configuration data is provided as input to a machine learning (ML) model configured to generate an indication of whether the updated historic configuration data evidences a security incident. In response to the ML model generating an indication that the updated historic configuration data evidences a security incident, a security alert indicative of the evidenced security incident is generated.

Abstract: Networked device management is based on an ontology graph which includes device nodes, physical facility nodes, and edges. The ontology graph may go beyond network topology by also documenting: relationships between devices and facilities, facility attributes such as facility-specific security scores, and device characteristics such as whether a device is recognized, whether it is authorized, and its mission criticality. Medical devices, physical condition sensors, and other internet of things devices, including those embedded in vehicles, those located on a vehicle, those used for industrial control, or those which are intermittently air-gapped, are managed. Devices may be discovered by extraction of identifications and characteristics from telemetry data in a staged architecture. Security postures may be assessed, and security recommendations based on device context may be provided.

Abstract: Networked device management is based on an ontology graph which includes device nodes, physical facility nodes, and edges. The ontology graph may go beyond network topology by also documenting: relationships between devices and facilities, facility attributes such as facility-specific security scores, and device characteristics such as whether a device is recognized, whether it is authorized, and its mission criticality. Medical devices, physical condition sensors, and other internet of things devices, including those embedded in vehicles, those located on a vehicle, those used for industrial control, or those which are intermittently air-gapped, are managed. Devices may be discovered by extraction of identifications and characteristics from telemetry data in a staged architecture. Security postures may be assessed, and security recommendations based on device context may be provided.

Abstract: Security incident detection based on historian configuration data collected over time is described. Historic configuration data associated with a computing device is updated based on received configuration data indicative of a change in configuration of the computing device in a computer system. The historic configuration data indicates changes to configurations of the computing device over a time period. A determination that relationship between the computing device and an entity of the computer system has changed is made based on the updated historic configuration data. The updated historic configuration data is provided as input to a machine learning (ML) model configured to generate an indication of whether the updated historic configuration data evidences a security incident. In response to the ML model generating an indication that the updated historic configuration data evidences a security incident, a security alert indicative of the evidenced security incident is generated.

Abstract: A computer implemented method includes receiving a request for device validation, reading a genesis record from a device, the genesis record containing a device identification (ID), an original owner ID, a current owner ID, and a first hash of the device ID, an original owner ID, a current owner ID, and validating, by multiple processing entities having replicated copies of a chain that includes the genesis record and a succeeding transfer block, ownership of the device.

Abstract: Security incident detection based on historian configuration data collected over time is described. Historic configuration data associated with a computing device is updated based on received configuration data indicative of a change in configuration of the computing device in a computer system. The historic configuration data indicates changes to configurations of the computing device over a time period. A determination that relationship between the computing device and an entity of the computer system has changed is made based on the updated historic configuration data. The updated historic configuration data is provided as input to a machine learning (ML) model configured to generate an indication of whether the updated historic configuration data evidences a security incident. In response to the ML model generating an indication that the updated historic configuration data evidences a security incident, a security alert indicative of the evidenced security incident is generated.

Abstract: Networked device management is based on an ontology graph which includes device nodes, physical facility nodes, and edges. The ontology graph may go beyond network topology by also documenting: relationships between devices and facilities, facility attributes such as facility-specific security scores, and device characteristics such as whether a device is recognized, whether it is authorized, and its mission criticality. Medical devices, physical condition sensors, and other internet of things devices, including those embedded in vehicles, those located on a vehicle, those used for industrial control, or those which are intermittently air-gapped, are managed. Devices may be discovered by extraction of identifications and characteristics from telemetry data in a staged architecture. Security postures may be assessed, and security recommendations based on device context may be provided.

Abstract: Networked device management is based on an ontology graph which includes device nodes, physical facility nodes, and edges. The ontology graph may go beyond network topology by also documenting: relationships between devices and facilities, facility attributes such as facility-specific security scores, and device characteristics such as whether a device is recognized, whether it is authorized, and its mission criticality. Medical devices, physical condition sensors, and other internet of things devices, including those embedded in vehicles, those located on a vehicle, those used for industrial control, or those which are intermittently air-gapped, are managed. Devices may be discovered by extraction of identifications and characteristics from telemetry data in a staged architecture. Security postures may be assessed, and security recommendations based on device context may be provided.