Patents by Inventor William Bird
William Bird has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 12587540
Abstract: A network-accessible service provides an enterprise with a view of identity and data activity in the enterprise's cloud accounts. The service enables cloud provider management models to be normalized with centralized analytics and views across cloud accounts. Based on identity and audit data received from a set of cloud deployments, and according to a cloud intelligence model, a set of permissions associated with each of a set of identities are determined. For each identity, and based on a set of identity chains extracted from the cloud intelligence model, a set of identity account action paths (IAAPs) are then determined. An IAAP defines how the identity obtains an ability to perform a given action in a given account. Using the identity account action paths together with context information, one or more roles, groups and accounts in the enterprise that are propagating permissions within the public cloud environment are then identified.
Type: Grant
Filed: March 12, 2024
Date of Patent: March 24, 2026
Assignee: Sonrai Security Inc.
Inventors: Veranika Hadun, William Bird, Ben Wuest
-
Publication number: 20240340288
Abstract: A network-accessible service provides an enterprise with a view of identity and data activity in the enterprise's cloud accounts. The service enables cloud provider management models to be normalized with centralized analytics and views across cloud accounts. Based on identity and audit data received from a set of cloud deployments, and according to a cloud intelligence model, a set of permissions associated with each of a set of identities are determined. For each identity, and based on a set of identity chains extracted from the cloud intelligence model, a set of identity account action paths (IAAPs) are then determined. An IAAP defines how the identity obtains an ability to perform a given action in a given account. Using the identity account action paths together with context information, one or more roles, groups and accounts in the enterprise that are propagating permissions within the public cloud environment are then identified.
Type: Application
Filed: March 12, 2024
Publication date: October 10, 2024
Inventors: Veranika Hadun, William Bird, Ben Wuest
-
Publication number: 20240187474
Abstract: A network-accessible service provides an enterprise with a view of identity and data activity in the enterprise's cloud accounts. The service enables distinct cloud provider management models to be normalized with centralized analytics and views across large numbers of cloud accounts. The service enables an enterprise to model all activity and relationships across cloud vendors, accounts and third party stores. Using a domain-specific query language, the system enables rapid interrogation of a complete and centralized data model of all data and identity relationships. User reports may be generated showing all privileges and data to which a particular identity has access. Using the display views, a user can pivot all functions across teams, applications and data, geography, provider and compliance mandates, and the like.
Type: Application
Filed: February 13, 2024
Publication date: June 6, 2024
Inventors: Ben Wuest, William Bird, Brad Peters, Albert Lockett
-
Patent number: 11930017
Abstract: A network-accessible service provides an enterprise with a view of identity and data activity in the enterprise's cloud accounts. The service enables distinct cloud provider management models to be normalized with centralized analytics and views across large numbers of cloud accounts. Based on identity and audit data received from a set of cloud deployments, and according to a cloud intelligence model, a set of permissions associated with each of a set of identities are determined. For each identity, and based on a set of identity chains extracted from the cloud intelligence model, a set of identity account action paths (IAAPs) are then determined. An IAAP defines how the identity obtains an ability to perform a given action in a given account. Using the identity account action paths together with context information, one or more roles, groups and accounts in the enterprise that are propagating permissions within the public cloud environment are then identified.
Type: Grant
Filed: April 7, 2023
Date of Patent: March 12, 2024
Assignee: Sonrai Security Inc.
Inventors: Veranika Hadun, William Bird, Ben Wuest
-
Patent number: 11902354
Abstract: A network-accessible service provides an enterprise with a view of all identity and data activity in the enterprise's cloud accounts. The service enables distinct cloud provider management models to be normalized with centralized analytics and views across large numbers of cloud accounts. The service enables an enterprise to model all activity and relationships across cloud vendors, accounts and third party stores. Display views of this information preferably can pivot on cloud provider, country, cloud accounts, application or data store. Using a domain-specific query language, the system enables rapid interrogation of a complete and centralized data model of all data and identity relationships. User reports may be generated showing all privileges and data to which a particular identity has access. Similarly, data reports showing all entities having access to an asset can be generated.
Type: Grant
Filed: January 31, 2023
Date of Patent: February 13, 2024
Assignee: Sonrai Security Inc.
Inventors: Ben Wuest, William Bird, Brad Peters, Albert Lockett
-
Publication number: 20230179649
Abstract: A network-accessible service provides an enterprise with a view of all identity and data activity in the enterprise's cloud accounts. The service enables distinct cloud provider management models to be normalized with centralized analytics and views across large numbers of cloud accounts. The service enables an enterprise to model all activity and relationships across cloud vendors, accounts and third party stores. Display views of this information preferably can pivot on cloud provider, country, cloud accounts, application or data store. Using a domain-specific query language, the system enables rapid interrogation of a complete and centralized data model of all data and identity relationships. User reports may be generated showing all privileges and data to which a particular identity has access. Similarly, data reports showing all entities having access to an asset can be generated.
Type: Application
Filed: January 31, 2023
Publication date: June 8, 2023
Applicant: Sonrai Security Inc.
Inventors: Ben Wuest, William Bird, Brad Peters, Albert Lockett
-
Patent number: 11570231
Abstract: A network-accessible service provides an enterprise with a view of all identity and data activity in the enterprise's cloud accounts. The service enables distinct cloud provider management models to be normalized with centralized analytics and views across large numbers of cloud accounts. The service enables an enterprise to model all activity and relationships across cloud vendors, accounts and third party stores. Display views of this information preferably can pivot on cloud provider, country, cloud accounts, application or data store. Using a domain-specific query language, the system enables rapid interrogation of a complete and centralized data model of all data and identity relationships. User reports may be generated showing all privileges and data to which a particular identity has access. Similarly, data reports showing all entities having access to an asset can be generated.
Type: Grant
Filed: July 27, 2020
Date of Patent: January 31, 2023
Assignee: Sonrai Security Inc.
Inventors: Ben Wuest, William Bird, Brad Peters, Albert Lockett
-
Publication number: 20200358842
Abstract: A network-accessible service provides an enterprise with a view of all identity and data activity in the enterprise's cloud accounts. The service enables distinct cloud provider management models to be normalized with centralized analytics and views across large numbers of cloud accounts. The service enables an enterprise to model all activity and relationships across cloud vendors, accounts and third party stores. Display views of this information preferably can pivot on cloud provider, country, cloud accounts, application or data store. Using a domain-specific query language, the system enables rapid interrogation of a complete and centralized data model of all data and identity relationships. User reports may be generated showing all privileges and data to which a particular identity has access. Similarly, data reports showing all entities having access to an asset can be generated.
Type: Application
Filed: July 27, 2020
Publication date: November 12, 2020
Applicant: Sonrai Security Inc.
Inventors: Ben Wuest, William Bird, Brad Peters, Albert Lockett
-
Patent number: 10728307
Abstract: A network-accessible service provides an enterprise with a view of all identity and data activity in the enterprise's cloud accounts. The service enables distinct cloud provider management models to be normalized with centralized analytics and views across large numbers of cloud accounts. The service enables an enterprise to model all activity and relationships across cloud vendors, accounts and third party stores. Display views of this information preferably can pivot on cloud provider, country, cloud accounts, application or data store. Using a domain-specific query language, the system enables rapid interrogation of a complete and centralized data model of all data and identity relationships. User reports may be generated showing all privileges and data to which a particular identity has access. Similarly, data reports showing all entities having access to an asset can be generated.
Type: Grant
Filed: July 8, 2019
Date of Patent: July 28, 2020
Assignee: Sonrai Security Inc.
Inventors: Ben Wuest, William Bird, Brad Peters, Albert Lockett
-
Publication number: 20200112602
Abstract: A network-accessible service provides an enterprise with a view of all identity and data activity in the enterprise's cloud accounts. The service enables distinct cloud provider management models to be normalized with centralized analytics and views across large numbers of cloud accounts. The service enables an enterprise to model all activity and relationships across cloud vendors, accounts and third party stores. Display views of this information preferably can pivot on cloud provider, country, cloud accounts, application or data store. Using a domain-specific query language, the system enables rapid interrogation of a complete and centralized data model of all data and identity relationships. User reports may be generated showing all privileges and data to which a particular identity has access. Similarly, data reports showing all entities having access to an asset can be generated.
Type: Application
Filed: July 8, 2019
Publication date: April 9, 2020
Applicant: Sonrai Security Inc.
Inventors: Ben Wuest, William Bird, Brad Peters, Albert Lockett
-
Patent number: 9413598
Abstract: A system for matching a system event to a rule is disclosed. The system includes a computer-readable data structure comprising a plurality of system event rules organizable as a partially ordered set. The system also includes a processor configured to analyze the computer-readable data structure to determine whether an event matches a description set of at least one rule from the plurality of system event rules. Methods and machine-readable mediums are also disclosed.
Type: Grant
Filed: September 2, 2009
Date of Patent: August 9, 2016
Assignee: International Business Machines Corporation
Inventors: Natalia Stakhanova, Ali-akbar Ghorbani, William Bird
-
Patent number: 8209759
Abstract: A security incident manager includes events and network flows in the analysis of an attack to better identify the magnitude of the attack and how to handle the situation. The raw events are reported by monitored devices and the incident manager may request network flows from various devices corresponding to a raw event. The manager then assigns a variable score to the severity, the relevance and the credibility of the event to determine its next processing steps. Those events that appear to be a likely and effective attack are classified as offenses. Offenses are stored in order to provide additional data for evaluating future events and for building a “rap sheet” against repeat attackers and repeat events.
Type: Grant
Filed: July 18, 2006
Date of Patent: June 26, 2012
Assignee: Q1 Labs, Inc.
Inventors: Christopher D. Newton, William Bird
-
Patent number: 8160855
Abstract: A method of simulating network activities includes building a model of the network, the model including data retrieved over a predetermined period of time. The method further includes running a plurality of queries against the model to determine their impacts on the network.
Type: Grant
Filed: June 26, 2008
Date of Patent: April 17, 2012
Assignee: Q1 Labs, Inc.
Inventors: Aliakbar Ghorbani, Iosif Viorel Onut, Natalia Stakhanova, William Bird
-
Publication number: 20110055924
Abstract: A system for matching a system event to a rule is disclosed. The system includes a computer-readable data structure comprising a plurality of system event rules organizable as a partially ordered set. The system also includes a processor configured to analyze the computer-readable data structure to determine whether an event matches a description set of at least one rule from the plurality of system event rules. Methods and machine-readable mediums are also disclosed.
Type: Application
Filed: September 2, 2009
Publication date: March 3, 2011
Applicant: Q1 LABS INC.
Inventors: Natalia STAKHANOVA, Ali-akbar Ghorbani, William Bird
-
Publication number: 20090326899
Abstract: A method of simulating network activities includes building a model of the network, the model including data retrieved over a predetermined period of time. The method further includes running a plurality of queries against the model to determine their impacts on the network.
Type: Application
Filed: June 26, 2008
Publication date: December 31, 2009
Applicant: Q1 LABS, INC.
Inventors: Aliakbar Ghorbani, Iosif Viorel Onut, Natalia Stakhanova, William Bird
-
Publication number: 20070200794
Abstract: The present invention provides a method of displaying an image on a display device having first and second sides, said image including a light restricting silhouette pattern having a plurality of first transparent or translucent areas, and at least one design layer having at least one color, said at least one design layer being visible from one side of said display device and substantially less visible from the other side, said image being substantially transparent or translucent as viewed from the other side, comprising the steps: 1) providing at least a definition of said design layer to a computer; 2) generating a computerized version of said design layer with the computer; 3) outputting the computerized version of said design layer to said display device, the computerized version of said design layer being modified to subdivide said design layer into a plurality of second discrete transparent or translucent areas and other areas, and 4) displaying said modified design layer and said silhouette pattern wi
Type: Application
Filed: February 9, 2007
Publication date: August 30, 2007
Inventors: Bruno Mueller, William Bird
-
Publication number: 20070180107
Abstract: A security incident manager includes events and network flows in the analysis of an attack to better identify the magnitude of the attack and how to handle the situation. The raw events are reported by monitored devices and the incident manager may request network flows from various devices corresponding to a raw event. The manager then assigns a variable score to the severity, the relevance and the credibility of the event to determine its next processing steps. Those events that appear to be a likely and effective attack are classified as offenses. Offenses are stored in order to provide additional data for evaluating future events and for building a “rap sheet” against repeat attackers and repeat events.
Type: Application
Filed: July 18, 2006
Publication date: August 2, 2007
Inventors: Christopher Newton, William Bird
-
Publication number: 20060109279
Abstract: The present invention provides a method of displaying an image on a display device having first and second sides, said image including a light restricting silhouette pattern having a plurality of first transparent or translucent areas, and at least one design layer having at least one color, said at least one design layer being visible from one side of said display device and substantially less visible from the other side, said image being substantially transparent or translucent as viewed from the other side, comprising the steps: 1) providing at least a definition of said design layer to a computer; 2) generating a computerized version of said design layer with the computer; 3) outputting the computerized version of said design layer to said display device, the computerized version of said design layer being modified to subdivide said design layer into a plurality of second discrete transparent or translucent areas and other areas, and 4) displaying said modified design layer and said silhouette pattern wi
Type: Application
Filed: January 6, 2006
Publication date: May 25, 2006
Inventors: Bruno Mueller, William Bird
-
Publication number: 20040143658
Abstract: Methods and apparatuses for the visualization of network traffic and permitting access thereto are provided. In one aspect of the invention, an illustrative method includes defining a plurality of views of network traffic for the classification of network traffic into the views. At least one of the views is a group view. In one example, the types of views include at least two of the following: network address, application, protocol, flow type, packet type, geographic region, ICMP type, slow scan, operating system, flag, remote host count, local host count, spoofing, fragments, service, sessions, response time, status, and user. In another example, network traffic is classified according to the composite views of various combinations of previously defined views. A master console permits users to access only the portion of the network for which the user is responsible. The permitted view does not show other parts of the network.
Type: Application
Filed: January 17, 2003
Publication date: July 22, 2004
Inventors: Chris Newton, William Bird, Dwight Spencer
-
Patent number: 6148194
Abstract: An improved radio deployment tool (RDT) for determining cell boundaries is disclosed. An RDT used to carry out active deployment procedures consists of an RDT wireless handset (RDTWH) that a deployment engineer uses to generate test signals, and an RDT base station (RDTBS) that is used to measure the RSSI of the test signals sent by the RDTWH. The RDTBS factors in the impact of short-term fades and dispersion, as well as long-term fading, by measuring and processing bit error rate (BER) and received signal strength intensity (RSSI) levels. BER levels can be measured for signals whose RSSI-levels have been driven into a testing range at which signals are susceptible to short-term fades and dispersion. A sufficient resolution of BER measurements is achieved by filling the payload fields of test packets exchanged by the RDTWH and RDTBS, with BER test data. The payload fields of the test packets can be filled by pressing down the mute button of the RDTWH.
Type: Grant
Filed: December 10, 1997
Date of Patent: November 14, 2000
Assignee: Nortel Networks Corporation
Inventors: Joel Kao, Roland A. Smith, William Bird