Enhanced system, method and medium for certifying and accrediting requirements compliance utilizing robust risk assessment model
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
G06F-017/18
G06F-011/00
출원번호
US-0304825
(2002-11-27)
발명자
/ 주소
Tracy,Richard P.
Barrett,Hugh
Catlin,Gary M.
출원인 / 주소
Telos Corporation
대리인 / 주소
Cooley Godward LLP
인용정보
피인용 횟수 :
34인용 특허 :
35
초록▼
A computer-assisted system, medium and method of providing a risk assessment of a target system. The method includes providing one or more test requirements categories, associating one or more first data elements with each requirements category, associating one or more second data elements with a de
A computer-assisted system, medium and method of providing a risk assessment of a target system. The method includes providing one or more test requirements categories, associating one or more first data elements with each requirements category, associating one or more second data elements with a degree of exposure of the target system to the one or more threats, comparing the first data elements to the second data elements to determine, based on predetermined rules, composite data elements for each requirements category; and selecting, based upon predetermined rules, a level of risk of the composite data elements as a baseline risk level for each requirements category.
대표청구항▼
Having thus described our invention, what we claim as new and desire to secure by Letters Patent is as follows: 1. A method, comprising: associating at least one first data element uniquely with at least one requirement category, each first data element from the at least one first data element repr
Having thus described our invention, what we claim as new and desire to secure by Letters Patent is as follows: 1. A method, comprising: associating at least one first data element uniquely with at least one requirement category, each first data element from the at least one first data element representing a potential of a vulnerability that could be used to exploit a target system; associating at least one second data element uniquely with a degree of exposure of the target system to a threat associated with the vulnerability of the target system; comparing the at least one first data element to the at least one second data element; determining, based on predetermined rules, at least one composite data element for each requirement category from the at least one requirement category; and determining a baseline risk level for each requirement category from the at least one requirement category, the baseline risk level for each requirement category being based on a level of risk of the composite data element associated with that requirement category. 2. The method of claim 1, wherein each baseline risk level is selected from the group of: high, medium-high, medium, medium-low, low and negligible. 3. The method of claim 1, wherein the baseline risk level for each requirement category from the at least one requirement category is selected from the group of: high, medium-high, medium, medium-low, low and negligible, each baseline risk level being determined by at least one of the following: assigning a baseline risk level of negligible if: a threat level of the requirement category is negligible and a corresponding project threat level is negligible, low, medium-low, or medium; a threat level of the requirement category is low and a corresponding project threat level is negligible; a threat level of the requirement category is medium-low and a corresponding project threat level is negligible; or a threat level of the requirement category is medium and a corresponding project threat level is negligible; assigning a baseline risk level of low if: a threat level of the requirement category is negligible and a corresponding project threat level is medium-high or high; a threat level of the requirement category is low and a corresponding project threat level is medium-low or low; a threat level of the requirement category is medium-low and a corresponding project threat level is low or medium-low; a threat level of the requirement category is medium and a corresponding project threat level is low; a threat level of the requirement category is medium-high and a corresponding project threat level is negligible; or a threat level of the requirement category is high and a corresponding project threat level is negligible; assigning a baseline risk level of medium-low if: a threat level of the requirement category is low and a corresponding project threat level is medium or medium-high; a threat level of the requirement category is medium-low and a corresponding project threat level is medium; a threat level of the requirement category is medium and a corresponding project threat level is medium-low; or a threat level of the requirement category is medium-high and a corresponding project threat level is low; assigning a baseline risk level of medium if: a threat level of the requirement category is low and a corresponding project threat level is high; a threat level of the requirement category is medium-low and a corresponding project threat level is medium-high; a threat level of the requirement category is medium and a corresponding project threat level is medium; a threat level of the requirement category is medium-high and a corresponding project threat level is medium-low; or a threat level of the requirement category is high and a corresponding project threat level is low or medium-low; assigning a baseline risk level of medium-high if: a threat level of the requirement category is medium-low and a corresponding project threat level is high; a threat level of the requirement category is medium and a corresponding project threat level is medium-high; a threat level of the requirement category is medium-high and a corresponding project threat level is medium; or a threat level of the requirement category is high and a corresponding project threat level is low or medium; and assigning a baseline risk level of high if: a threat level of the requirement category is medium and a corresponding project threat level is high; a threat level of the requirement category is medium-high and a corresponding project threat level is medium-high or high; or a threat level of the requirement category is high and a corresponding project threat level is medium-high or high. 4. The method of claim 3, further comprising: determining an adjusted risk level for the at least one requirement category. 5. The method of claim 4, wherein the adjusted risk level is selected from the group of: high, medium-high, medium, medium-low, low, and negligible. 6. The method of claim 5, further comprising: decreasing the risk level of the requirement category two levels when a percentage of failed requirements falls within a first range, and the baseline risk level is one of high, medium-high, medium, and medium-low. 7. The method of claim 6, wherein the first range includes approximately zero to approximately twenty percent. 8. The method of claim 5, further comprising: decreasing the risk level of the requirement category one level when the percentage of failed requirements falls within a first range, and an initial baseline risk level is low. 9. The method of claim 8, wherein the first range includes approximately zero to approximately twenty percent. 10. The method of claim 5, further comprising; decreasing the risk level of the requirement category one level when a percentage of failed requirements falls within a second range, and an initial baseline risk level is one of high, medium-high, medium, medium-low and low. 11. The method of claim 10, wherein the second range includes approximately twenty percent to approximately forty percent. 12. The method of claim 5, further comprising: maintaining the risk level of the requirement category at a current level when a percentage of failed requirements falls within a third range, and an initial baseline risk level is one of high, medium-high, medium, medium-low, low and negligible. 13. The method of claim 12, wherein the third range includes approximately forty percent to approximately sixty percent. 14. The method of claim 5, further comprising: increasing the risk level of the requirement category one level when a percentage of failed requirements falls within a fourth range, and an initial baseline risk level is one of medium-high, medium, medium-low, low and negligible. 15. The method of claim 14, wherein the fourth range includes approximately sixty percent to approximately eighty percent. 16. The method of claim 5, further comprising: increase the risk level of the requirement category two levels when the percentage of failed requirements falls within a fifth range, and an initial baseline risk level is one of medium, medium-low, low and negligible. 17. The method of claim 16, wherein the fifth range includes approximately eighty percent to approximately one hundred percent. 18. The method of claim 5, further comprising: decreasing the risk level of the requirement category when a percentage of failed requirements falls within a first range, and an initial baseline risk level is one of high, medium-high, medium, and medium-low; decreasing the risk level of the requirement category one level when a percentage of failed requirements falls within a first range, and the initial baseline risk level is low; decreasing the risk level of the requirement category one level when a percentage of failed requirements falls within a second range, and the initial baseline risk level is one of high, medium-high, medium, medium-low and low; maintaining the risk level of the requirement category at a current level when a percentage of failed requirements falls within a third range, and the initial baseline risk level is one of high, medium-high, medium, medium-low, low and negligible; increasing a risk level of the requirement category one level when a percentage of failed requirements falls within a fourth range, and the initial baseline risk level is one of medium-high, medium, medium-low, low and negligible; increasing a risk level of the requirement category two levels when a percentage of failed requirements falls within a fifth range, and the initial baseline risk level is one of medium, medium-low, low and negligible; and increasing a risk level of the requirement category one level when a percentage of failed requirements falls within a fifth range, and the initial baseline risk level is medium-high. 19. The method of claim 18, further comprising: assigning the target system a risk having a risk level that is the highest risk level among any of the requirement categories. 20. The method of claim 19, further comprising: printing a documentation package indicative of target system resistance to at least one threat. 21. The method of claim 1, wherein the vulnerability includes at least one of natural disaster, system failure, environmental failure, unintentional human, and intentional human threats. 22. The method of claim 21, wherein the natural disaster vulnerability includes at least one of fire, flood, earthquake, volcano, tornado and lighting. 23. The method of claim 21, wherein the system failure vulnerability includes at least one of a hardware failure, a power failure, and a communication link failure. 24. The method of claim 21, wherein the environmental failure vulnerability includes at least one of temperature, power, humidity, sand, dust, shock, and vibration. 25. The method of claim 21, wherein the human unintentional vulnerability includes at least one of a software design error, a system design error, and an operator error. 26. The method of claim 21, wherein the human intentional vulnerability includes at least one of an authorized system administrator, an authorized maintenance personnel, an authorized user, a terrorist, a hacker, a saboteur, a thief, and a vandal. 27. The method of claim 1, wherein the first data elements and the second data elements comprise strings. 28. The method of claim 1, wherein the highest threat level among the data elements is selected as the baseline risk level for each requirement category. 29. A system, comprising: at least one data repository configured to store at least one requirement category and information about potential vulnerabilities, the at least one data repository being further configured to store predetermined rules configured to be used in determining risk levels; a processor in communication with the at least one data repository, the processor configured to associate at least one first data element uniquely with the at least one requirement category, each first data element from the at least one first data element representing a potential of a vulnerability that could be used to exploit a target system, the processor being configured to associate at least one second data element uniquely with a degree of exposure of the target system to the a threat associated with the vulnerability of the target system, the processor being configured to compare the at least one first data element to the at least one second data element, the processor being configured to determine, based on predetermined rules, at least one composite data element for each requirement category from the at least one requirement category, the processor being further configured to determine a baseline risk level for each requirement category from the at least one requirement category, the baseline risk level for each requirement category being based on a level of risk of the composite data element associated with that requirement category. 30. The system of claim 29, wherein the processor is configured to select each baseline risk level from the group of high, medium-high, medium, medium-low, low and negligible. 31. The system of claim 30, wherein the processor is configured to determine an overall risk of the at least one composite data element by: assigning a risk as negligible if: a threat level of the requirement category is negligible and a corresponding project threat level is negligible, low, medium-low, or medium; a threat level of the requirement category is low and a corresponding project threat level is negligible; a threat level of the requirement category is medium-low and a corresponding project threat level is negligible; or a threat level of the requirement category is medium and a corresponding project threat level is negligible; assigning a risk as low if: a threat level of the requirement category is negligible and a corresponding project threat level is medium-high or high; a threat level of the requirement category is low and a corresponding project threat level is medium-low or low; a threat level of the requirement category is medium-low and a corresponding project threat level is low or medium-low; a threat level of the requirement category is medium and a corresponding project threat level is low; a threat level of the requirement category is medium-high and a corresponding project threat level is negligible; or a threat level of the requirement category is high and a corresponding project threat level is negligible; assigning a risk as medium-low if: a threat level of the requirement category is low and a corresponding project threat level is medium or medium-high; a threat level of the requirement category is medium-low and a corresponding project threat level is medium; a threat level of the requirement category is medium and a corresponding project threat level is medium-low; or a threat level of the requirement category is medium-high and a corresponding project threat level is low; assigning a risk as medium if: a threat level of the requirement category is low and a corresponding project threat level is high; a threat level of the requirement category is medium-low and a corresponding project threat level is medium-high; a threat level of the requirement category is medium and a corresponding project threat level is medium; a threat level of the requirement category is medium-high and a corresponding project threat level is medium-low; or a threat level of the requirement category is high and a corresponding project threat level is low or medium-low; assigning a risk as medium-high if: a threat level of the requirement category is medium-low and a corresponding project threat level is high a threat level of the requirement category is medium and a corresponding project threat level is medium-high; a threat level of the requirement category is medium-high and a corresponding project threat level is medium; or a threat level of the requirement category is high and a corresponding project threat level is low or medium; and assigning a risk as high if: a threat level of the requirement category is medium and a corresponding project threat level is high; a threat level of the requirement category is medium-high and a corresponding project threat level is medium-high or high; or a threat level of the requirement category is high and a corresponding project threat level is medium-high or high. 32. The system of claim 31, wherein the processor is further configured to determine an adjusted risk level for the at least one requirement category. 33. The system of claim 32, wherein the processor is configured to select the adjusted risk level from the group of: high, medium-high, medium, medium-low, low, and negligible. 34. The system of claim 33, wherein the processor is configured to decrease the risk level of the requirement category by two levels if a percentage of failed requirements falls within a first range and the baseline risk level is one of high, medium-high, medium, and medium-low. 35. The system of claim 34, wherein the first range includes approximately zero to twenty percent. 36. The system of claim 33, wherein the processor is configured to decrease the risk level of the requirement category by one level if the percentage of failed requirements falls within a first range and an initial baseline risk level is low. 37. The system of claim 36, wherein the first range includes approximately zero to twenty percent. 38. The system of claim 33, wherein the processor is configured to decrease the risk level of the requirement category by one level if a percentage of failed requirements falls within a second range and an initial baseline risk level is one of high, medium-high, medium, medium-low and low. 39. The system of claim 38, wherein the second range includes approximately twenty percent to forty percent. 40. The system of claim 33, wherein the processor is configured to maintain the risk level of the requirement category the same if a percentage of failed requirements falls within a third range and an initial baseline risk level is one of high, medium-high, medium, medium-low, low and negligible. 41. The system of claim 40, wherein the third range includes approximately forty percent to sixty percent. 42. The system of claim 33, wherein the processor is configured to increase the risk level of the requirement category by one level if a percentage of failed requirements falls within a fourth range, and an initial baseline risk level is one of medium-high, medium, medium-low, low and negligible. 43. The system of claim 42, wherein the fourth range includes approximately sixty percent to eighty percent. 44. The system of claim 33, wherein the processor is configured to increase the risk level of the requirement category by two levels when the percentage of failed requirements falls within a fifth range, and an initial baseline risk level is one of medium, medium-low, low and negligible. 45. The system of claim 44, wherein the fifth range includes approximately eighty percent to one hundred percent. 46. The system of claim 33, wherein the processor is configured to cause a documentation package to be printed, the documentation package being indicative of target system resistance to one or more threats. 47. The system of claim 29, wherein the first data elements and the second data elements comprise strings. 48. The system of claim 29, wherein the highest threat level among the data elements is selected as the baseline risk level for each requirement category. 49. A processor-readable medium comprising code representing instructions to cause a processor to: associate at least one first data element uniquely with at least one requirement category, each first data element from the at least one first data element representing a potential of a vulnerability that could be used to exploit a target system; associate at least one second data element uniquely with the vulnerability of the target system; compare the at least one first data element to the at least one second data element; determine, based on predetermined rules, at least one composite data element for each requirement category from the at least one requirement category; and determine a baseline risk level for each requirement category from the at least one requirement category, the baseline risk level for each requirement category being based on a level of risk of the composite data element associated with that requirement category. 50. The processor-readable medium of claim 49, wherein the baseline risk levels comprise high, medium-high, medium, medium-low, low and negligible. 51. The processor-readable medium of claim 50, wherein the code representing instructions to determine a baseline risk level for a requirement category is configured to determine an overall risk of each of the at least one composite data element by: assigning a risk as negligible if: a threat level of the requirement category is negligible and a corresponding project threat level is negligible, low, medium-low, or medium; a threat level of the requirement category is low and a corresponding project threat level is negligible; a threat level of the requirement category is medium-low and a corresponding project threat level is negligible; or a threat level of the requirement category is medium and a corresponding project threat level is negligible; assigning a risk as low if: a threat level of the requirement category is negligible and a corresponding project threat level is medium-high or high; a threat level of the requirement category is low and a corresponding project threat level is medium-low or low; a threat level of the requirement category is medium-low and a corresponding project threat level is low or medium-low; a threat level of the requirement category is medium and a corresponding project threat level is low; a threat level of the requirement category is medium-high and a corresponding project threat level is negligible; or a threat level of the requirement category is high and a corresponding project threat level is negligible; assigning a risk as medium-low if: a threat level of the requirement category is low and a corresponding project threat level is medium or medium-high; a threat level of the requirement category is medium-low and a corresponding project threat level is medium; a threat level of the requirement category is medium and a corresponding project threat level is medium-low; or a threat level of the requirement category is medium-high and a corresponding project threat level is low; assigning a risk as medium if: a threat level of the requirement category is low and a corresponding project threat level is high; a threat level of the requirement category is medium-low and a corresponding project threat level is medium-high; a threat level of the requirement category is medium and a corresponding project threat level is medium; a threat level of the requirement category is medium-high and a corresponding project threat level is medium-low; or a threat level of the requirement category is high and a corresponding project threat level is low or medium-low; assigning a risk as medium-high if: a threat level of the requirement category is medium-low and a corresponding project threat level is high; a threat level of the requirement category is medium and a corresponding project threat level is medium-high; a threat level of the requirement category is medium-high and a corresponding project threat level is medium; or a threat level of the requirement category is high and a corresponding project threat level is low or medium; and assigning a risk as high if: a threat level of the requirement category is medium and a corresponding project threat level is high; a threat level of the requirement category is medium-high and a corresponding project threat level is medium-high or high; or a threat level of the requirement category is high and a corresponding project threat level is medium-high or high. 52. The processor-readable medium of claim 51, further comprising code representing instructions to cause a processor to determine an adjusted risk level for at least one requirement category. 53. The processor-readable medium of claim 52, wherein the adjusted risk level is selected from a group of: high, medium-high, medium, medium-low, low, and negligible. 54. The processor-readable medium of claim 53, wherein the code representing instructions is configured to cause a processor to decrease the risk level of the requirement category by two levels if a percentage of failed requirements falls within a first range and the baseline risk level is selected from one of high, medium-high, medium, and medium-low. 55. The processor-readable medium of claim 54, wherein the first range includes approximately zero to twenty percent. 56. The processor-readable medium of claim 53, wherein the code representing instructions is configured to cause a processor to decrease the risk level of the requirement category by one level if the percentage of failed requirements falls within a first range and an initial baseline risk level is low. 57. The processor-readable medium of claim 56, wherein the first range includes approximately zero to twenty percent. 58. The processor-readable medium of claim 53, wherein the code representing instructions is configured to cause a processor to decrease the risk level of the requirement category by one level if a percentage of failed requirements falls within a second range and an initial baseline risk level is one of high, medium-high, medium, medium-low and low. 59. The processor-readable medium of claim 58, wherein the second range includes approximately twenty percent to forty percent. 60. The processor-readable medium of claim 53, wherein the code representing instructions is configured to cause a processor to maintain the risk level of the requirement category the same if a percentage of failed requirements falls within a third range, and an initial baseline risk level is one of high, medium-high, medium, medium-low, low and negligible, the risk level of the requirement category remains the same. 61. The processor-readable medium of claim 60, wherein the third range includes approximately forty percent to sixty percent. 62. The processor-readable medium of claim 53, wherein the code representing instructions is configured to cause a processor to increase the risk level of the requirement category by one level if a percentage of failed requirements falls within a fourth range and an initial baseline risk level is one of medium-high, medium, medium-low, low and negligible. 63. The processor-readable medium of claim 62, wherein the fourth range includes approximately sixty percent to eighty percent. 64. The processor-readable medium of claim 53, wherein the code representing instructions is configured to cause a processor to increase the risk level of the requirement category by two levels if the percentage of failed requirements falls within a fifth range, and an initial baseline risk level is one of medium, medium-low, low and negligible. 65. The processor-readable medium of claim 64, wherein the fifth range includes approximately eighty percent to one hundred percent. 66. The processor-readable medium of claim 52, further comprising code representing instructions to cause a processor to determine the target system risk as the highest level of risk among any of the requirement categories. 67. The processor-readable medium of claim 66, further comprising code representing instructions to cause a processor to facilitate printing a documentation package indicative of target system resistance any threats associated with the vulnerability of the target system. 68. The processor-readable medium of claim 49, wherein the first data elements and the second data elements comprise strings. 69. The processor-readable medium of claim 49, wherein the highest threat level among the data elements is selected as the baseline risk level for each requirement category. 70. A device, comprising: at least one memory area; and at least one processor, the processor being configured to associate at least one first data element uniquely with at least one requirement category, each first data element from the at least one first data element representing a potential of a vulnerability that could be used to exploit a target system, the processor being configured to associate at least one second data element uniquely with a degree of exposure of the target system to a threat associated with the vulnerability of the target system, the processor being configured to compare the at least one first data element to the at least one second data element, the processor being configured to determine, based on predetermined rules, at least one composite data element for each requirement category from the at least one requirement category, the processor being further configured to determine a baseline risk level for each requirement category from the at least one requirement category, the baseline risk level for each requirement category being based on a level of risk of the composite data element associated with that requirement category. 71. The device of claim 70, wherein the device is configured to enable selection of at least one technique from a plurality of predefined techniques, the device being configured to create a tailored sequence of techniques from the selected at least one technique, the tailored sequence of techniques being configured to assess a risk associated with the target system at least partially based on the compliance of the target system at least one of a predefined standard, a regulation and a requirement.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (35)
Steinmetz Michael J. ; Kirst Michael E., Automated diagnostic system.
Hecht Matthew S. (Potomac MD) Johri Abhai (Gaithersburg MD) Wei Tsung T. (Gaithersburg MD) Steves Douglas H. (Austin TX), Distributed security auditing subsystem for an operating system.
Lermuzeaux Jean-Marc (St Michel sur Orge FRX) Emery Thierry (St Germain les Arpajon FRX) Gonthier Patrice (Antony FRX), Facility for detecting intruders and suspect callers in a computer installation and a security system including such a f.
Jones Wendell Davis ; Aud Stephen J. ; Hudepohl John P. ; Flournory Martin L. ; Snipes William B. ; Schutz Eric C., Method and system for dynamic risk assessment of software systems.
Brandwajn Vladimir (San Jose CA) Ipakchi Ali (San Carlos CA) Kumar A. B. Ranjit (Cupertino CA) Cauley Gerald W. (San Jose CA), Neural network for contingency ranking dynamic security indices for use under fault conditions in a power distribution s.
Grimm Robert ; Bershad Brian N., Process for transparently enforcing protection domains and access control as well as auditing operations in software components.
Kodosky Jeffrey L. ; Andrade Hugo ; Odom Brian K. ; Butler Cary P., System and method for configuring an instrument to perform measurement functions utilizing conversion of graphical programs into hardware implementations.
Testa Louis C. ; Geiger Susan P., System and method for generating test program code simultaneously with data produced by ATPG or simulation pattern capture program.
Davis James W. ; Du Weimin ; Shan Ming-Chien, System and method for performing flexible workflow process compensation in a distributed workflow management system.
Devanbu Premkumar Thomas ; Stubblebine Stuart Gerald, System and method for providing assurance to a host that a piece of software possesses a particular property.
Gleichauf Robert ; Shanklin Steven, System and method for real-time insertion of data into a multi-dimensional database for network intrusion detection and vulnerability assessment.
Michael F. Guheen ; James D. Mitchell ; James J. Barrese, System for establishing plan to test components of web based framework by displaying pictorial representation and conveying indicia coded components of existing network framework.
Magdych, James S.; Rahmanovic, Tarik; McDonald, John R.; Tellier, Brock E., System, method and computer program product for risk assessment scanning based on detected anomalous events.
Ginter Karl L. ; Shear Victor H. ; Sibert W. Olin ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Karl L. Ginter ; Victor H. Shear ; Francis J. Spahn ; David M. Van Wie, Systems and methods for secure transaction management and electronic rights protection.
Shrader Theodore Jack London ; Ault Michael Bradford ; Child Garry L. ; Plassmann Ernst Robert ; Rich Bruce Arland ; Soper Davis Kent, Web client scripting test architecture for web server-based authentication.
Barday, Kabir A.; Brannon, Jonathan Blake, Data processing systems and communications systems and methods for integrating privacy compliance systems with software development and agile tools for privacy design.
Barday, Kabir A., Data processing systems and methods for integrating privacy information management systems with data loss prevention tools or other tools for privacy design.
Barday, Kabir A., Data processing systems and methods for performing privacy assessments and monitoring of new versions of computer code for privacy compliance.
Barday, Kabir A., Data processing systems and methods for performing privacy assessments and monitoring of new versions of computer code for privacy compliance.
Barday, Kabir A.; Sabourin, Jason L.; Brannon, Jonathan Blake; Karanjkar, Mihir S.; Jones, Kevin, Data processing systems for fulfilling data subject access requests and related methods.
Barday, Kabir A.; Karanjkar, Mihir S.; Finch, Steven W.; Browne, Ken A.; Heard, Nathan W.; Patel, Aakash H.; Sabourin, Jason L.; Daniel, Richard L.; Patton-Kuhl, Dylan D.; Brannon, Jonathan Blake, Data processing systems for generating and populating a data inventory.
Barday, Kabir A.; Karanjkar, Mihir S.; Finch, Steven W.; Browne, Ken A.; Heard, Nathan W.; Patel, Aakash H.; Sabourin, Jason L.; Daniel, Richard L.; Patton-Kuhl, Dylan D.; Brannon, Jonathan Blake, Data processing systems for generating and populating a data inventory for processing data access requests.
Barday, Kabir A.; Sabourin, Jason L.; Brannon, Jonathan Blake; Karanjkar, Mihir S.; Jones, Kevin, Data processing systems for prioritizing data subject access requests for fulfillment and related methods.
Chakravarty, Dipto; Choudhary, Usman; Gassner, John Paul; Pellegrino, Frank Anthony; Weiner, William Matthew; Fuksenko, Yuriy; Price, Robert, Event source management using a metadata-driven framework.
Chakravarty, Dipto; Choudhary, Usman; Gassner, John Paul; Pellegrino, Frank Anthony; Weiner, William Matthew; Fuksenko, Yuriy; Price, Robert, Event source management using a metadata-driven framework.
Ahmed, Mohamed N.; Baughman, Aaron K.; Behnken, John F.; Marzorati, Mauro, Forecasting and classifying cyber-attacks using neural embeddings based on pattern of life data.
Ahmed, Mohamed N.; Baughman, Aaron K.; Behnken, John F.; Marzorati, Mauro, Forecasting and classifying cyber-attacks using neural embeddings based on pattern of life data.
Choudhary, Usman; Antony, John Melvin; Cooper, Michael Howard; Srinivasan, Pattabiraman, System and method for auditing governance, risk, and compliance using a pluggable correlation architecture.
Chakravarty, Dipto; Choudhary, Usman; Antony, John Melvin; Cooper, Michael Howard; Arrington, Jason Lee; Witt, Cheryl, System and method for correlating events in a pluggable correlation architecture.
Cobb, Richard M.; Elliott, Steven J.; Garrity, III, Thomas; Boccasam, Prashanth V.; Matteson, Silas S., System and method for managing controls within a heterogeneous enterprise environment.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.