Abstract: There is disclosed herein a computer-implemented system and method of providing wellness detect and response (WDR) security services for an enterprise, including computing, for the enterprise, a quantitative user-centric security posture, wherein computing the quantitative user-centric security posture comprises calculating, for a user, a quantitative user risk profile according to a combination of user role, user privileges, user behavior, and digital assets assigned to a user and owned by the enterprise.

Abstract: A computer-implemented method provides security services to an enterprise. The method computes, for a plurality of enterprise users, a plurality of user health scores based on respective protection statuses for a plurality of enterprise assets owned by respective users; computes, for the enterprise, an overall enterprise security status score based on the plurality of user health scores; graphically displays to an enterprise administrator the overall enterprise security status score; and presents to the enterprise administrator a plurality of action recommendations to improve the overall enterprise security status score.

Abstract: An apparatus, related devices and methods, having a memory element operable to store instructions; and a processor operable to execute the instructions, such that the apparatus is configured to identify sensitive user data stored in the memory by a first application, determine a risk exposure score for the sensitive user data, apply, based on a determination that the risk exposure score is above a threshold, a security policy to restrict access to the sensitive user data, receive a request from a second application to access the sensitive user data, determine whether the first application and the second application are similar applications, and allow access based on a determination that the first application and the second application are similar applications.

Abstract: A computing includes a hardware platform having a processor and a memory; and instructions encoded within the memory to instruct the processor to: on behalf of a human user, scan a social media platform for which the user has an account, and compute a proactive privacy risk score, wherein the proactive privacy risk score is a quantitative value based at least in part on an inherent risk of the social media platform according to data types that may be collected and exposed by the social media platform, and at least in part on privacy settings for the social media platform in relation to the data types; and recommend or initiate an action to improve the proactive privacy risk score.

Abstract: An apparatus, related devices and methods, having a memory element operable to store instructions; and a processor operable to execute the instructions, such that the apparatus is configured to identify sensitive user data stored in the memory by a first application, determine a risk exposure score for the sensitive user data, apply, based on a determination that the risk exposure score is above a threshold, a security policy to restrict access to the sensitive user data, receive a request from a second application to access the sensitive user data, determine whether the first application and the second application are similar applications, and allow access based on a determination that the first application and the second application are similar applications.

Abstract: There is disclosed in one example a computing apparatus, including: a hardware platform including a processor and a memory; a network interface to communicatively couple to a network; and a network gateway engine to identify devices on the network, the network gateway engine including instructions encoded within the memory to instruct the processor to provide two-phase identification for a device newly-identified on the network, including: a static identification phase including applying discovery probes to the newly-identified device; and a dynamic identification phase including collecting network telemetry for the newly-identified device over time and analyzing the collected network telemetry to determine if the network telemetry is consistent with expected network usage for the newly-discovered device.