Abstract: A vertically integrated access control system may store in a database data records corresponding to the interfaces, access control rules, and computing resources of an information system, as well as data records for entity capabilities. Data records for related interfaces, access control rules, computing resources, and entity capabilities may be linked. Using the database, the system may determine the entity capabilities that can be performed based on an existing user entitlement. If the entity capabilities include a flagged combination of entity capabilities, the system may perform an information security action to remediate the flagged combination. The system may use the database to form vertically integrated access units. The vertically integrated access units may be used to form user entitlements. The system may continuously monitor whether any proposed configurations would create a flagged combination of entity capabilities, and if so take an action to prevent such flagged combination.

Abstract: A vertically integrated access control system may store in a database data records corresponding to the interfaces, access control rules, and computing resources of an information system, as well as data records for entity capabilities. Data records for related interfaces, access control rules, computing resources, and entity capabilities may be linked. Using the database, the system may determine the entity capabilities that can be performed based on an existing user entitlement. If the entity capabilities include a flagged combination of entity capabilities, the system may perform an information security action to remediate the flagged combination. The system may use the database to form vertically integrated access units. The vertically integrated access units may be used to form user entitlements. The system may continuously monitor whether any proposed configurations would create a flagged combination of entity capabilities, and if so take an action to prevent such flagged combination.

Abstract: A vertically integrated access control system may store in a database data records corresponding to the interfaces, access control rules, and computing resources of an information system, as well as data records for entity capabilities. Data records for related interfaces, access control rules, computing resources, and entity capabilities may be linked. Using the database, the system may determine the entity capabilities that can be performed based on an existing user entitlement. If the entity capabilities include a flagged combination of entity capabilities, the system may perform an information security action to remediate the flagged combination. The system may use the database to form vertically integrated access units. The vertically integrated access units may be used to form user entitlements. The system may continuously monitor whether any proposed configurations would create a flagged combination of entity capabilities, and if so take an action to prevent such flagged combination.

Abstract: A vertically integrated access control system may store in a database data records corresponding to the interfaces, access control rules, and computing resources of an information system, as well as data records for entity capabilities. Data records for related interfaces, access control rules, computing resources, and entity capabilities may be linked. Using the database, the system may determine the entity capabilities that can be performed based on an existing user entitlement. If the entity capabilities include a flagged combination of entity capabilities, the system may perform an information security action to remediate the flagged combination. The system may use the database to form vertically integrated access units. The vertically integrated access units may be used to form user entitlements. The system may continuously monitor whether any proposed configurations would create a flagged combination of entity capabilities, and if so take an action to prevent such flagged combination.

Abstract: A vertically integrated access control system may store in a database data records corresponding to the interfaces, access control rules, and computing resources of an information system, as well as data records for entity capabilities. Data records for related interfaces, access control rules, computing resources, and entity capabilities may be linked. Using the database, the system may determine the entity capabilities that can be performed based on an existing user entitlement. If the entity capabilities include a flagged combination of entity capabilities, the system may perform an information security action to remediate the flagged combination. The system may use the database to form vertically integrated access units. The vertically integrated access units may be used to form user entitlements. The system may continuously monitor whether any proposed configurations would create a flagged combination of entity capabilities, and if so take an action to prevent such flagged combination.

Abstract: A vertically integrated access control system may store in a database data records corresponding to the interfaces, access control rules, and computing resources of an information system, as well as data records for entity capabilities. Data records for related interfaces, access control rules, computing resources, and entity capabilities may be linked. Using the database, the system may determine the entity capabilities that can be performed based on an existing user entitlement. If the entity capabilities include a flagged combination of entity capabilities, the system may perform an information security action to remediate the flagged combination. The system may use the database to form vertically integrated access units. The vertically integrated access units may be used to form user entitlements. The system may continuously monitor whether any proposed configurations would create a flagged combination of entity capabilities, and if so take an action to prevent such flagged combination.

Abstract: A system for identifying anomalies in an information system is typically configured for: collecting information regarding a hierarchy of capabilities, a hierarchy of resources, capability instances, and resource instances of the information system; storing, in a graph database, nodes corresponding to the hierarchy of capabilities, hierarchy of resources, capability instances, and resource instances; collecting information regarding relationships among the hierarchy of capabilities, hierarchy of resources, capability instances, and resource instances; defining, in the graph database, edges corresponding to the relationships among the hierarchy of capabilities, hierarchy of resources, capability instances, and resource instances; collecting event and/or state data for the information system; comparing the event and/or state data to the graph database and determining that an event and/or state is anomalous; and, in response to determining that the event and/or state is anomalous, taking an information security a

Abstract: The invention provides a multidimensional graph database with property and relationship subclasses. In comparison to current graph database technology, which only allows for the creation of nodes, relationships, and properties for the nodes and relationships, the new multidimensional graph database treats properties as a separate object class. In this way, each property may in turn have one or more of its own properties and/or relationships to other nodes, relationships, or properties. The system is able to add as many layers of properties and relationships as needed to precisely represent the data as well as the relationships between and/or amongst the data. By extending the graph database schema beyond the conventional bounds, the multidimensional graph database increases the efficiency of database queries while simultaneously increasing the depth and quality of the data produced by the search queries.

Abstract: Systems, computer program products, and methods are described herein for a model framework and system for cyber security services. The present invention is configured to determine one or more access paths to the internal computing device from an external computing device; determine one or more controls associated with each access path; determine one or more types of access that may be made via one or more of the access paths by the external computing device to access the internal computing device; determine whether the one or more controls associated with the at least one of the one or more access paths is capable of detecting the access; determine one or more tools configured to regulate the one or more controls; and incorporate the one or more tools within the network to regulate the one or more controls to detect and monitor the access.

Abstract: Systems, computer program products, and methods are described herein for a model framework and system for cyber security services. The present invention is configured to determine one or more access paths to the internal computing device from an external computing device; determine one or more controls associated with each access path; determine one or more types of access that may be made via one or more of the access paths by the external computing device to access the internal computing device; determine whether the one or more controls associated with the at least one of the one or more access paths is capable of detecting the access; determine one or more tools configured to regulate the one or more controls; and incorporate the one or more tools within the network to regulate the one or more controls to detect and monitor the access.