Abstract: In one aspect, a computerized method for detecting reconnaissance and infiltration in data lakes and cloud warehouses, comprising: monitoring a SaaS data store or a cloud-native data store from inside the data store; examining the attack and automatically identifies how far the attack has progressed in the attack lifecycle; identifying the target and scope of the attack evaluates how far the attackers have penetrated the system and what is their target; and establishing the value of the asset subject to the attackers' attack and maps the impact of the attack on the CIA (confidentiality, integrity and availability) triad.

Abstract: In one aspect, a computerized method for detecting data abuse and data exfiltration in a data store or a data lakes cloud warehouse, comprising: identifying a plurality of Command and control (CnC) channels in an enterprise data cloud infrastructure; identifying and detecting malicious compressed data transfers and encrypted data transfers; implementing a destination analysis from within the data store; and implementing data abuse detection and prevention operations.

Abstract: In one aspect, a computerized system for securing data cloning and sharing options on data warehouses, comprising: a clone determiner engine that determines that a data asset is a primary data asset or a clone data asset, wherein the clone determiner engine comprises: a log data analyzer that obtains and analyzes a set of logs of the data asset from a specified log source, and wherein set of logs are used to determine that the data asset is the primary data asset or the clone data asset, a timestamp analyzer engine that obtains a timestamp data of the data asset and reviews the timestamp data to analyze ordering of the data asset, and wherein the timestamp analyzer engine determines the data asset is a primary asset or a secondary asset, and a fingerprints analyzer that obtains and reviews the data asset and any metadata of data asset, and wherein the fingerprints analyzer creates a fingerprint based on a content of the data asset and the metadata of the data asset, and wherein the fingerprints analyzer then

Abstract: In one aspect, a computerized method for minimizing a data governance in order to improve data security, comprising: providing and imposing a set of access rules to a set of data, wherein the set of data is stored in a data warehouse; measuring a level of over provisioning of the set of data; measuring a level of data abuse susceptibility of the set of data; implementing a dark data governance operation on the set of data; and identifying a set of infrequently used roles in the set of data.

Abstract: A consumable item dispenser and method may include an ingredient storage unit configured to store a consumable ingredient used to produce consumable items by the dispenser. A sensor may be configured to sense an amount of consumable ingredient remaining to be dispensed. An input/output unit may be configured to communicate data over a communications network. A processing unit may be in communication with the sensor, and be configured to authenticate an electronic device associated with an operator and register the electronic device associated with the operator. A determination as to whether an amount of the ingredient in the ingredient storage unit is at or below a threshold level. The processing unit may generate a notification indicative that the ingredient is at or below a threshold level, and communicate the notification to the operator in response to being generated.

Abstract: In one aspect, a computerized system for locating anomalous query activity with a cloud-based database, comprising: with an atypical query engine: analyzing and understanding data within a cloud-based database, processing all accesses to the data within cloud-based database and SAAS environment, generating a list of user that accesses a table from a location in the cloud-based database using, and capture a set of specified key statistics about the cloud-based database query; and role suggestion engine: generating a user behavior fingerprint comprising a history of the user's behavior within the cloud-based database, identifying that a user is an outlier with respect to behavior with respect to the set of specified key statistics, and suggesting a new role within an enterprise managing the cloud-based database for the user, wherein the fingerprint of the outlier user is used to generate the suggestion for the new role.

Abstract: In one aspect, a computerized method for locating one or more shadow vulnerable datastores for cloud-platform datastores includes the step of identifying a cloned data store of an original datastore in a cloud database instance. It includes the step of determining that the cloned datastore comprises a shadow vulnerable datastore. It includes the step of defining a security posture of the cloned datastore. It includes the step of publishing a digitized data clone security differential report comprising the security posture and one or more remediations to fix security posture issues.

Abstract: In one aspect, a method for implementing a cloud-platform push for one or more known data breaches includes the step of, for each data breach of the one or more known data breaches, providing a functionality that maps one or more kill chains or Tactics, Techniques, and Procedures (TTPs) for a specified set of security dimensions. A step includes generating a security rule for each mapped kill chain or TTP based on the functionality that maps the one or more kill chains or Tactics, Techniques, and Procedures (TTPs) for a specified set of security dimensions. A step includes pushing the security rule to an enterprise so that the enterprise is aware of a vulnerability in the data breach. A step includes generating a customized posture for a Virtual private cloud (VPC) in the enterprise's cloud-based network. A step includes determining that the data breach can occur within the enterprise's cloud-based network.

Abstract: A consumable item dispenser and method may include an ingredient storage unit configured to store a consumable ingredient used to produce consumable items by the dispenser. A sensor may be configured to sense an amount of consumable ingredient remaining to be dispensed. An input/output unit may be configured to communicate data over a communications network. A processing unit may be in communication with the sensor, and be configured to authenticate an electronic device associated with an operator and register the electronic device associated with the operator. A determination as to whether an amount of the ingredient in the ingredient storage unit is at or below a threshold level. The processing unit may generate a notification indicative that the ingredient is at or below a threshold level, and communicate the notification to the operator in response to being generated.

Abstract: A consumable item dispenser and method may include an ingredient storage unit configured to store a consumable ingredient used to produce consumable items by the dispenser. A sensor may be configured to sense an amount of consumable ingredient remaining to be dispensed. An input/output unit may be configured to communicate data over a communications network. A processing unit may be in communication with the sensor, and be configured to authenticate an electronic device associated with an operator and register the electronic device associated with the operator. A determination as to whether an amount of the ingredient in the ingredient storage unit is at or below a threshold level. The processing unit may generate a notification indicative that the ingredient is at or below a threshold level, and communicate the notification to the operator in response to being generated.

Abstract: A consumable item dispenser and method may include an ingredient storage unit configured to store a consumable ingredient used to produce consumable items by the dispenser. A sensor may be configured to sense an amount of consumable ingredient remaining to be dispensed. An input/output unit may be configured to communicate data over a communications network. A processing unit may be in communication with the sensor, and be configured to authenticate an electronic device associated with an operator and register the electronic device associated with the operator. A determination as to whether an amount of the ingredient in the ingredient storage unit is at or below a threshold level. The processing unit may generate a notification indicative that the ingredient is at or below a threshold level, and communicate the notification to the operator in response to being generated.