Abstract: A process for handling wireless service and wireless device transaction and information requests includes storing in a database wireless service information responses, wireless service transaction responses, wireless device information responses, and wireless device transaction responses. The process including receiving and analyzing a keyword, obtaining a response, based at least on the keyword, and transmitting the response.

Abstract: Self-sovereign identity systems and methods for identification documents are disclosed herein. An example method includes transmitting data obtained from a near-field communications (NFC) chip of an object to the service provider. The data can include identifying information for an owner of the object. The method can include receiving a user identity packet from the service provider that is generated by the service provider based on verification of an identity of the owner and validity of the NFC chip, storing the user identity packet on a computing device, receiving a request from a first requesting device or service for the data stored on the NFC chip of the object and transmitting the user identity packet from the computing device to the first requesting device or service instead of the data.

Abstract: A process for handling wireless service and wireless device transaction and information requests includes storing in a database wireless service information responses, wireless service transaction responses, wireless device information responses, and wireless device transaction responses. The process including receiving and analyzing a keyword, obtaining a response, based at least on the keyword, and transmitting the response.

Abstract: A process for handling wireless service and wireless device transaction and information requests includes storing in a database wireless service information responses, wireless service transaction responses, wireless device information responses, and wireless device transaction responses. The process including receiving and analyzing a keyword, obtaining a response, based at least on the keyword, and transmitting the response.

Abstract: A process for handling wireless service and wireless device transaction and information requests includes storing in a database wireless service information responses, wireless service transaction responses, wireless device information responses, and wireless device transaction responses. The process including receiving and analyzing a keyword, obtaining a response, based at least on the keyword, and transmitting the response.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for asset risk analysis. One method includes receiving threat definition data for threats, vulnerability detection data for assets, and countermeasure detection data for assets. The method further includes determining a respective risk metric for each of the assets for each of the threats. This includes analyzing the vulnerability detection data for an asset to determine whether the asset is vulnerable to a threat, determining from the threat definition data and the countermeasure detection data whether the asset is protected by one of the countermeasures identified for the threat, and determining the risk metric for the asset for the threat according to whether the asset is vulnerable to the threat and whether the asset is protected by one of the countermeasures identified for the threat.

Abstract: A security metrics system receives security information data for a network system of computers and metric definitions from metric sources. Each metric definition defines a heuristic for calculating a score for the network system from one or more security signal values at a time in the plurality of times, wherein the score quantifies a security metric for the network system. The system calculates each metric definition for a plurality of times and selecting metric definitions that are related to the performance of and are indicative of one or more other metric definitions as candidates to be key performance indicators.

Abstract: Brand threat information is identified relating to potential threats to one or more brands of one or more organizations. A characteristic of one or more operating environments is identified and a relation is determined between a particular one of the potential threats and the characteristic. The determined relation is used to determine risk associated with a particular brand of an organization.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for asset risk analysis. One method includes receiving threat definition data for threats, vulnerability detection data for assets, and countermeasure detection data for assets. The method further includes determining a respective risk metric for each of the assets for each of the threats. This includes analyzing the vulnerability detection data for an asset to determine whether the asset is vulnerable to a threat, determining from the threat definition data and the countermeasure detection data whether the asset is protected by one of the countermeasures identified for the threat, and determining the risk metric for the asset for the threat according to whether the asset is vulnerable to the threat and whether the asset is protected by one of the countermeasures identified for the threat.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for generating quantitative risk metrics for assets and threats. Risk metrics are generated for individual assets and individual threats. These individual metrics can then be analyzed to generate aggregate risk metrics for assets, groups of assets, and threats. Assets and threats can be ordered according to their aggregate risk metrics.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for asset risk analysis. One method includes receiving threat definition data for threats, vulnerability detection data for assets, and countermeasure detection data for assets. The method further includes determining a respective risk metric for each of the assets for each of the threats. This includes analyzing the vulnerability detection data for an asset to determine whether the asset is vulnerable to a threat, determining from the threat definition data and the countermeasure detection data whether the asset is protected by one of the countermeasures identified for the threat, and determining the risk metric for the asset for the threat according to whether the asset is vulnerable to the threat and whether the asset is protected by one of the countermeasures identified for the threat.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for prioritizing asset remediations. One method includes generating a risk metric for an asset and a threat, generating a remediation availability metric for the asset and the threat, and determining a remediation prioritization metric for the asset and the threat according to the risk metric and the remediation availability metric. The remediation prioritization metric specifies a priority of applying the remediation to the asset.

Abstract: A prevention-based network auditing system includes a central compliance server generating network policies and configuring audits of the data communications network. The compliance server presents a graphical user interface (GUI) to describe the specific data gathering parameters, policies to be analyzed, and the schedule of analysis. One or more audit servers strategically deployed around the network employ heterogeneous data-gathering tools to gather information about the network in response to the configured audits, and transmit the gathered information to the compliance server. An audit repository stores the gathered information for use by the compliance server for security and regulatory policy assessment, network vulnerability analysis, report generation, and security improvement recommendations.

Abstract: A prevention-based network auditing system includes a central compliance server providing a user interface allowing a user to schedule and configure a network audit. The configured audit is stored in an audit repository until its scheduled time. At such a time, the compliance server automatically invokes one or more audit servers to gather information about the network. The compliance server receives the gathered information and electronically applies a network policy to the information for determining compliance with the policy. A remediation task may be generated if the policy has been violated, and the task monitored until its completion.

Abstract: A prevention-based network auditing system includes a central compliance server storing both natural language policy documents and machine-processable policy rules in an audit repository. The compliance server provides a client-side user interface allowing a user to easily generate a machine-auditable policy by selecting/generating a natural language policy source document, and linking the applicable machine-processable policy rules to the applicable portions of the source document. The selected machine-processable policy rules are then applied to information gathered about the network during a scheduled network audit session for efficiently and systematically determining whether policy violations and/or vulnerabilities exist.