Abstract: The present invention provides a method of identifying aggregating and mathematically ranking security alert data having the steps of identifying a plurality of alerts, selecting a subset of the plurality alerts based on at least one preselected theme, applying a function to the subset of the plurality alerts to compute an aggregate risk score, the function based on at least one factor and prioritizing the aggregate risk score in a risk score list.

Abstract: The present invention provides methods for providing mathematical regression analysis. In particular, the method for conducting regression analysis comprises the steps of: selecting a regression model; selecting an initial set of regression parameters; applying the regression model to the initial set of regression parameters to create an initial set of regression values; selecting an improved set of regression values, wherein the improved set of regression values is selected from the set of initial regression values; generating a loss function based on the improved set; applying an iterative optimization method to the loss function and the improved set of regression values to generate a resultant set of regression values; and outputting the resultant set of regression values.

Abstract: The present invention provides a method, system and computer program product for analyzing risks, for example associated with potential data leakage. Risk for activities may be measured as a function of risk components related to: persons involved in the activity; sensitivity of data at risk; endpoint receiving data at risk; and type the activity. Risk may account for the probability of a leakage event given an activity as well as a risk cost which reflects the above risk components. Manually and/or automatically tuned parameters may be used to affect the risk calculation. Risk associated with persons and/or files may be obtained by: initializing risk scores of persons or files based on a rule set; adjusting the risk scores in response to ongoing monitoring of events; identifying commonalities across persons or files; and propagating risk scores based on the commonalities.