Abstract: A system for analyzing an environment to identify a security risk in a process, comprising a model engine to generate a model of the environment using multiple components defining adjustable elements of the model and including components representing a patching process for the environment, a risk analyzer to calculate multiple randomized instances of an outcome for the environment using multiple values for parameters of the elements of the model selected from within respective predefined ranges for the parameters, and to use a results plan to provide data for identifying a security risk in the patching process using the multiple instances.

Abstract: A mapping system is provided that makes use of security data collected from various data sources. Following appropriate pre-processing, the mapping system analyses the security data to provide estimated values for parameters in a security model, the security model in turn being based on one or more mathematical representations.

Abstract: A security risk of a computer network is assessed by simulating a threat environment of the computer network, wherein the threat environment includes a vulnerability and a website, simulating a protection environment of the computer network and a computer system in the computer network, and simulating network activity of the computer system. The security risk of the computer network is assessed based at least in part on the simulated threat environment, the simulated protection environment, and the simulated network activity of the computer system.

Abstract: A system for analyzing a process, comprising a model engine to generate a model of the environment using multiple components defining adjustable elements of the model and including components representing a process for provisioning and de-provisioning of access credentials for an individual in the environment and a risk analyzer to calculate multiple randomized instances of an outcome for the environment using multiple values for parameters of the elements of the model selected from within respective predefined ranges for the parameters, and to use a results plan to provide data for identifying the security risk using the multiple instances.

Abstract: A security risk of a computer network is assessed by simulating a threat environment of the computer network, wherein the threat environment includes a vulnerability and a website, simulating a protection environment of the computer network and a computer system in the computer network, and simulating network activity of the computer system. The security risk of the computer network is assessed based at least in part on the simulated threat environment, the simulated protection environment, and the simulated network activity of the computer system.

Abstract: Information relating to an entity's objectives is received, a utility function based on the received objectives is derived, the utility function is compared with results from a number of simulated investment options, and the comparisons are presented to a user associated with the entity.

Abstract: A system for analyzing an environment to identify a security risk in a process, comprising a model engine to generate a model of the environment using multiple components defining adjustable elements of the model and including components representing a patching process for the environment, a risk analyzer to calculate multiple randomized instances of an outcome for the environment using multiple values for parameters of the elements of the model selected from within respective predefined ranges for the parameters, and to use a results plan to provide data for identifying a security risk in the patching process using the multiple instances.

Abstract: A system for analyzing an environment to identify a security risk, comprising a model engine to generate a model of the environment using multiple components defining adjustable elements of the model and a risk analyzer to calculate multiple randomized instances of an outcome for the environment using multiple values for parameters of the elements of the model selected from within respective predefined ranges for the parameters.

Abstract: A system for analyzing a process, comprising a model engine to generate a model of the environment using multiple components defining adjustable elements of the model and including components representing a process for provisioning and de-provisioning of access credentials for an individual in the environment and a risk analyzer to calculate multiple randomized instances of an outcome for the environment using multiple values for parameters of the elements of the model selected from within respective predefined ranges for the parameters, and to use a results plan to provide data for identifying the security risk using the multiple instances.

Abstract: A method of computer operating system data management comprising the steps of: (a) associating data management information with data input to a process (300); and (b) regulating operating system operations involving the data according to the data management information is provided (310). A computing platform (1) for operating system data management is also provided. Furthermore, a computer program including instructions configured to enable operating system data management, an operating system, and an operating system data management method and apparatus arranged to identify data having data management information associated therewith when that data is read into a memory space are provided.

Abstract: A method for analyzing risk to a system, the method being carried out by a computer having a processor and system memory, includes the steps of inputting data representing multiple threat objectives that comprise the risk, calculating a residual risk for each threat objective in view of a plurality of control mechanisms, and generating output representing an overall residual risk to the system that is a combination of the residual risks.

Abstract: A data handling apparatus (400) for a computer platform (1) using an operating system executing a process, the apparatus comprising a system call monitor (402) for detecting predetermined system calls, and means (402, 404, 406) for applying a data handling policy to the system call upon a predetermined system call being detected, whereby the data handling policy is applied for all system calls involving the writing of data outside the process. A corresponding method is disclosed.

Abstract: In one embodiment, a system or method pertain to accessing a model that comprises a computer-readable version of a standard or policy, identifying rules or requirements specified by the model that pertain to compliance with the standard or policy, and automatically generating questions relevant to the identified rules or requirements, the questions being intended to query intended respondents as to compliance with the identified rules or requirements.

Abstract: In one embodiment, a system and method pertain to receiving audit exceptions indicative of instances of noncompliance of an information system under evaluation relative to a policy or standard, identifying remediation recommendations that are relevant to the audit exceptions and that indicate how to correct conditions that caused the noncompliance, and providing the remediation recommendations to an entity responsible for correcting the conditions so as to provide information as to how the information system can be brought into compliance with the policy or standard.

Abstract: A method of monitoring compliance with a business process comprising the steps of: generating, from a record of the business process and further information not expressed explicitly within the record of the process, a canonical model of all processes of a given genre which are to be monitored; applying the canonical model to the process as recorded to generate a process-specific model in which specific process operations are expressed in canonical form; and measuring the performance of the process by generating reports, based on the algorithms contained within the process-specific model and data generated by actual performance of the process, thereby to indicate whether the process is compliant.

Abstract: A monitoring method and system for monitoring compliance of a policy in an IT infrastructure (150) are described. A modeling component (110) and an analysis system (110) are used. The modeling component (110) is arranged to model the policy and configure the analysis system in dependence on the model and the analysis system (100) is arranged to monitor aspects of the IT infrastructure (150) in dependence on the model.

Abstract: The present invention provides a document storage specification generator apparatus (2) for generating a storage specification (14) for a document (10), the document (10) having associated with it at least one storage label (12), the apparatus (2) comprising a storage specification template database (4) for determining storage specification templates according to storage labels associated with documents, a rules database (6) comprising rules for resolving conflicts between conflicting storage specification templates and a storage specification generator (8) for generating a storage specification (14) for the document (10) therefrom. A corresponding method, which may use specification fields, and appropriately programmed computer apparatus is also disclosed.

Abstract: A method of protecting a user's data comprises: a) wrapping data content to be sent to a third party computing platform in a compound software wrapper; b) interrogating the third party computing platform for compliance with a trusted platform specification; c) on successful interrogation of the third party computing platform, transmitting the data content wrapped in the compound wrapper to the third party computing platform; d) unwrapping the compound software wrapper on the third party computing platform; e) wherein the third party computing platform treats the data content in conformity with a compound policy forming part of the software wrapper which compound policy specifies how the data content may be used.

Abstract: A method of controlling access to data comprises: a) in a first platform wrapping selected data content and at least one information flow control policy in a software wrapper; b) interrogating a second platform for compliance with a trusted platform specification; c) on successful interrogation of the second platform, sending the wrapped data content to the second platform; and d) unwrapping the wrapped data content within the trusted environment of the second platform for use.

Abstract: A data handling apparatus (400) for a computer platform (1) using an operating system executing a process, the apparatus comprising a system call monitor (402) for detecting predetermined system calls, and means (402, 404, 406) for applying a data handling policy to the system call upon a predetermined system call being detected, whereby the data handling policy is applied for all system calls involving the writing of data outside the process. A corresponding method is disclosed.