Abstract: In one aspect, a computerized method for locating one or more shadow vulnerable datastores for cloud-platform datastores includes the step of identifying a cloned data store of an original datastore in a cloud database instance. It includes the step of determining that the cloned datastore comprises a shadow vulnerable datastore. It includes the step of defining a security posture of the cloned datastore. It includes the step of publishing a digitized data clone security differential report comprising the security posture and one or more remediations to fix security posture issues.

Abstract: In one aspect, a method for implementing a cloud-platform push for one or more known data breaches includes the step of, for each data breach of the one or more known data breaches, providing a functionality that maps one or more kill chains or Tactics, Techniques, and Procedures (TTPs) for a specified set of security dimensions. A step includes generating a security rule for each mapped kill chain or TTP based on the functionality that maps the one or more kill chains or Tactics, Techniques, and Procedures (TTPs) for a specified set of security dimensions. A step includes pushing the security rule to an enterprise so that the enterprise is aware of a vulnerability in the data breach. A step includes generating a customized posture for a Virtual private cloud (VPC) in the enterprise's cloud-based network. A step includes determining that the data breach can occur within the enterprise's cloud-based network.

Abstract: A vehicle system and method that implements a cycle to vehicle wheels for freeing a vehicle from a stuck condition is provided. The vehicle system includes a drive unit and controller. The drive unit provides a drive toque through a transmission to at least one wheel of the vehicle wheels for propelling the vehicle. The controller has a rock cycle module that determines a torque, a gear shift strategy and a frequency output based on vehicle inputs including wheel speeds of the vehicle wheels. The controller determines whether the rock cycle has been initiated and determines a surface type the vehicle is encountering. A first torque is selected at a torque module. A first gear shift strategy is selected at a gear module. A first frequency is selected at a frequency module. The selected torque, gear shift strategy and frequency are implemented at the drive unit, transmission and vehicle wheels.

Abstract: In one aspect, a computerized system for locating anomalous query activity with a cloud-based database, comprising: with an atypical query engine: analyzing and understanding data within a cloud-based database, processing all accesses to the data within cloud-based database and SAAS environment, generating a list of user that accesses a table from a location in the cloud-based database using, and capture a set of specified key statistics about the cloud-based database query; and role suggestion engine: generating a user behavior fingerprint comprising a history of the user's behavior within the cloud-based database, identifying that a user is an outlier with respect to behavior with respect to the set of specified key statistics, and suggesting a new role within an enterprise managing the cloud-based database for the user, wherein the fingerprint of the outlier user is used to generate the suggestion for the new role.

Abstract: Techniques are disclosed relating to a graphical user interface (GUI) for editing classification rules. The graphical user interface may include a display of a modified threshold value for a classification rule, where values on one side (e.g. above) the threshold value indicate a first type of classification, and values on the other side (e.g. below) indicate a second type of classification. Machine learning techniques may be used to suggest a modified threshold value to the user, who may accept the modified value, or may provide, via the GUI, their own modified value, which can be different from a suggested value. Graphical indications of accuracy for the classification rule may be displayed.

Abstract: Systems, methods, and computer program products for identifying a fraudulent device. A device analytics engine receives device data from a computing device, the device data including parameters associated with the computing device. The device analytics engine selects a set of rules in a plurality of rules that indicate at least one parameter in the plurality of parameters in the device data for determining a device identifier. The set of rules are evaluated in order until the device identifier is determined from the at least one parameter indicated in the set of rules, the device data, and previously stored data from multiple computing devices. A score is generated for the computing device using one or more of the device identifier, device data, a set of rules, and previously receive device data that corresponds to the device identifier. A computing device is identified as a fraudulent computing device based on the score.

Abstract: In one aspect, a computerized method for automatically identifying and solving for vendor data abuse in an enterprise network, includes the step of implementing a vendor detection at one or more gateways of the enterprise network. The method includes the step of mapping a set of data along with any associated data attributes of the set of data that are being shared with a vendor via the one or more gateways. The method includes the step of detecting and identifying an access anomaly with respect to the set of data associated with a vendor access. The method includes the step of implementing a specified data minimization process to the access anomaly.

Abstract: Systems, methods, and computer program products for identifying a fraudulent device. A device analytics engine receives device data from a computing device, the device data including parameters associated with the computing device. The device analytics engine selects a set of rules in a plurality of rules that indicate at least one parameter in the plurality of parameters in the device data for determining a device identifier. The set of rules are evaluated in an order until the device identifier is determined from the at least one parameter indicated in the set of rules, the device data, and previously stored data from multiple computing devices. A score is generated for the computing device using one or more of the device identifier, device data, a set of rules, and previously receive device data that corresponds to the device identifier. A computing device is identified as a fraudulent computing device based on the score.

Abstract: One or more embodiments include techniques for automating vehicle routines. The techniques include receiving a rule that includes one or more deterministic elements and a machine learning element; collecting, during operation of the vehicle, a set of vehicle data based on the machine learning element; training a machine learning model that corresponds to the machine learning element using the set of vehicle data, wherein the machine learning model is used to process the machine learning element during execution of the rule.

Abstract: There are provided systems and methods for a shared prediction engine for machine learning model deployment. A service provider may provide AI hosting platforms that allow for clients, customers, and other end users to upload AI models for execution, such as machine learning models. A user may utilize one or more user interfaces provided to a client device by the service provider to select machine learning models to perform predictive services based on input features provided in an input string. Thereafter, a machine learning engine may host and execute the models during an instance of the engine provided to the client device. The engine may then process the input features in a processing thread remotely from the client device during the instance so that machine learning predictions may be determined. Thereafter, an output string for the predictions and model explanations may be provided to the client device.

Abstract: In one aspect, a computerized system for locating anomalous query activity with a cloud-based database, comprising: with an atypical query engine: analyzing and understanding data within a cloud-based database, processing all accesses to the data within cloud-based database and SAAS environment, generating a list of user that accesses a table from a location in the cloud-based database using, and capture a set of specified key statistics about the cloud-based database query; and role suggestion engine: generating a user behavior fingerprint comprising a history of the user's behavior within the cloud-based database, identifying that a user is an outlier with respect to behavior with respect to the set of specified key statistics, and suggesting a new role within an enterprise managing the cloud-based database for the user, wherein the fingerprint of the outlier user is used to generate the suggestion for the new role.

Abstract: In one aspect, a computerized method for locating one or more shadow vulnerable datastores for cloud-platform datastores includes the step of identifying a cloned data store of an original datastore in a cloud database instance. It includes the step of determining that the cloned datastore comprises a shadow vulnerable datastore. It includes the step of defining a security posture of the cloned datastore. It includes the step of publishing a digitized data clone security differential report comprising the security posture and one or more remediations to fix security posture issues.

Abstract: There are provided systems and methods for a shared prediction engine for machine learning model deployment. A service provider may provide AI hosting platforms that allow for clients, customers, and other end users to upload AI models for execution, such as machine learning models. A user may utilize one or more user interfaces provided to a client device by the service provider to select machine learning models to perform predictive services based on input features provided in an input string. Thereafter, a machine learning engine may host and execute the models during an instance of the engine provided to the client device. The engine may then process the input features in a processing thread remotely from the client device during the instance so that machine learning predictions may be determined. Thereafter, an output string for the predictions and model explanations may be provided to the client device.

Abstract: A computerized method for implementing risk discovery with a set of unified security and privacy policies, includes the step of discovering a set of data and a set of data accesses within an enterprise computing system. The method includes the step of classifying the set of discovered data and the set of data accesses with an identification that shows which of the data assets are important or critical for the enterprise. The method includes the step of determining which of the set of discovered data and the set of data accesses have or are associated with sensitive information. The method includes the step of placing the set of discovered data and the set of data accesses that are associated with sensitive information into a set of discovered information about the infrastructure. The method includes the step of determining which of the set of discovered data and the set of data accesses are relevant in the context of a specified governmental data privacy regulation.

Abstract: In one aspect, a method for implementing a cloud-platform push for one or more known data breaches includes the step of, for each data breach of the one or more known data breaches, providing a functionality that maps one or more kill chains or Tactics, Techniques, and Procedures (TTPs) for a specified set of security dimensions. A step includes generating a security rule for each mapped kill chain or TTP based on the functionality that maps the one or more kill chains or Tactics, Techniques, and Procedures (TTPs) for a specified set of security dimensions. A step includes pushing the security rule to an enterprise so that the enterprise is aware of a vulnerability in the data breach. A step includes generating a customized posture for a Virtual private cloud (VPC) in the enterprise's cloud-based network. A step includes determining that the data breach can occur within the enterprise's cloud-based network.

Abstract: In one aspect, a computerized method for automatically identifying and solving for vendor data abuse in an enterprise network, includes the step of implementing a vendor detection at one or more gateways of the enterprise network. The method includes the step of mapping a set of data along with any associated data attributes of the set of data that are being shared with a vendor via the one or more gateways. The method includes the step of detecting and identifying an access anomaly with respect to the set of data associated with a vendor access. The method includes the step of implementing a specified data minimization process to the access anomaly.

Abstract: Techniques are disclosed relating to a graphical user interface (GUI) for editing classification rules. The graphical user interface may include a display of a modified threshold value for a classification rule, where values on one side (e.g. above) the threshold value indicate a first type of classification, and values on the other side (e.g. below) indicate a second type of classification. Machine learning techniques may be used to suggest a modified threshold value to the user, who may accept the modified value, or may provide, via the GUI, their own modified value, which can be different from a suggested value. Graphical indications of accuracy for the classification rule may be displayed.

Abstract: Systems, methods, and computer program products for identifying a fraudulent device. A device analytics engine receives device data from a computing device, the device data including parameters associated with the computing device. The device analytics engine selects a set of rules in a plurality of rules that indicate at least one parameter in the plurality of parameters in the device data for determining a device identifier. The set of rules are evaluated in an order until the device identifier is determined from the at least one parameter indicated in the set of rules, the device data, and previously stored data from multiple computing devices. A score is generated for the computing device using one or more of the device identifier, device data, a set of rules, and previously receive device data that corresponds to the device identifier. A computing device is identified as a fraudulent computing device based on the score.

Abstract: There are provided systems and methods for a shared prediction engine for machine learning model deployment. A service provider may provide AI hosting platforms that allow for clients, customers, and other end users to upload AI models for execution, such as machine learning models. A user may utilize one or more user interfaces provided to a client device by the service provider to select machine learning models to perform predictive services based on input features provided in an input string. Thereafter, a machine learning engine may host and execute the models during an instance of the engine provided to the client device. The engine may then process the input features in a processing thread remotely from the client device during the instance so that machine learning predictions may be determined. Thereafter, an output string for the predictions and model explanations may be provided to the client device.

Abstract: Methods and systems for preparing acetone from cumene hydroperoxide (CHP) are disclosed. The disclosed methods involve cleaving CHP to form a cleavage product stream. In some embodiments, the cleavage product stream is separated into an overhead stream and a bottoms stream. The bottoms stream is neutralized, washed and then treated in a crude acetone column to provide a crude acetone stream. The overhead stream of the cleavage product is flashed forward in the process, bypassing the neutralization, washing, and crude acetone column and is then combined with the crude acetone stream. The combined acetone streams are provided to an acetone product column. According to some embodiments, the acetone product column comprises a side draw for obtaining a recycle acetone stream, which is recycled to the cleavage reactor(s). The recycle acetone side draw may be located lower on the acetone product column than the point from which product acetone is obtained.