Peter Makohon

The innovation disclosed and claimed herein, in one aspect thereof, comprises systems and methods of autonomous asset configuration modeling and management. The innovation includes probing elements of a networked architecture to compile information about elements in the networked architecture. The innovation learns a configuration for the at least one element in the environment based on the probing and determines vulnerabilities in the learned configuration. The innovation develops a threat… Show more

The innovation disclosed and claimed herein, in one aspect thereof, comprises systems and methods of autonomous asset configuration modeling and management. The innovation includes probing elements of a networked architecture to compile information about elements in the networked architecture. The innovation learns a configuration for the at least one element in the environment based on the probing and determines vulnerabilities in the learned configuration. The innovation develops a threat model based on the learned configuration. The innovation applies the threat model to the elements of the networked architecture and deploys a configuration that resolves the vulnerabilities based on the threat model to the elements in the networked architecture. The threat model can be developed over time using machine learning concepts and deep learning of data sources associated with the elements and vulnerabilities. Show less

In one or more embodiments, a first entity may create a profile by providing content via an interface or a first interface. A second entity may manage one or more aspects of the profile via a second interface. The amount of control the second entity has over one or more portions of the profile may be related to or based on content of the profile or a relationship between the first entity and the second entity. For example, the second entity may screen content of the profile from public view… Show more

In one or more embodiments, a first entity may create a profile by providing content via an interface or a first interface. A second entity may manage one or more aspects of the profile via a second interface. The amount of control the second entity has over one or more portions of the profile may be related to or based on content of the profile or a relationship between the first entity and the second entity. For example, the second entity may screen content of the profile from public view. Additionally, profiles may be searched internally within an organization or externally, such as for outsourcing or to provide vendors or clients with more customized solutions. In this manner, profile management is provided. Show less

The innovation disclosed and claimed herein, in one aspect thereof, comprises systems and methods of determining network segmentation. The innovation can search a network to determine a set of network entities, the network entities belonging to the network, and determine network factors of each network entity in the set of network entities. The innovation can evaluate each network factor and determine segmentation candidates based on the evaluation of each network factor. The innovation can… Show more

The innovation disclosed and claimed herein, in one aspect thereof, comprises systems and methods of determining network segmentation. The innovation can search a network to determine a set of network entities, the network entities belonging to the network, and determine network factors of each network entity in the set of network entities. The innovation can evaluate each network factor and determine segmentation candidates based on the evaluation of each network factor. The innovation can determine a risk ranking for each network factor for each network entity and aggregate each risk ranking into a segmentation score for each network entity. The innovation can determine a segmentation candidate when a network entity segmentation score satisfies a threshold score. The innovation can generate a sub-network that is part of the network for the segmentation candidate, and transfer the segmentation candidate to the sub-network. Show less

The innovation disclosed and claimed herein, in one aspect thereof, comprises systems and methods of eliminating blind spots in a network system. The systems and methods generate synthetic transactions across a network system and capture at least part of the generated synthetic transactions. The systems and methods determine parts of the synthetic transactions that were not captured and generate a logical security map of the network system based on the captured synthetic transactions. The… Show more

The innovation disclosed and claimed herein, in one aspect thereof, comprises systems and methods of eliminating blind spots in a network system. The systems and methods generate synthetic transactions across a network system and capture at least part of the generated synthetic transactions. The systems and methods determine parts of the synthetic transactions that were not captured and generate a logical security map of the network system based on the captured synthetic transactions. The systems and methods determine at least one blind spot in the logical security map of the network system and determine a solution to eliminate the at least one blind spot. The systems and methods implement the solution for the network system to eliminate the blind spot. Show less

The innovation disclosed and claimed herein, in one aspect thereof, comprises systems and methods of managing network entities. The innovation scans a network system to determine network entities, e.g. hardware devices and/or software applications. The innovation receives version information about hardware and software. The innovation compares version information to end-of-life information regarding the network entities. The innovation determines potential mitigating actions based on the… Show more

The innovation disclosed and claimed herein, in one aspect thereof, comprises systems and methods of managing network entities. The innovation scans a network system to determine network entities, e.g. hardware devices and/or software applications. The innovation receives version information about hardware and software. The innovation compares version information to end-of-life information regarding the network entities. The innovation determines potential mitigating actions based on the comparison and creates an end-of-schedule for managing vendor contracts with regards to end-of-life network entities. Show less

Provided is predictive modeling for anti-malware solutions. The predictive modeling includes an identification manager component that generates profile data for a hostile source. The hostile source is identified based on a previous threat attributed to the hostile source. The predictive modeling also includes an evaluation component that determines a characteristic of an interaction between a source and an endpoint. Further, the predictive modeling includes a validation component that compares… Show more

Provided is predictive modeling for anti-malware solutions. The predictive modeling includes an identification manager component that generates profile data for a hostile source. The hostile source is identified based on a previous threat attributed to the hostile source. The predictive modeling also includes an evaluation component that determines a characteristic of an interaction between a source and an endpoint. Further, the predictive modeling includes a validation component that compares the characteristic of the interaction with the profile data and controls access to the source by the endpoint based on the comparison. In addition, anti-malware software is not deployed on the endpoint. Show less

Provided are a universal software installer and/or uninstaller. The universal software installer determines a structure of the software to be installed and verifies all necessary software elements are applied or installed on the endpoint during the install. The universal software uninstaller determines a structure of the software to be uninstalled and verifies all related software elements are removed from the endpoint. The universal software installer and/or uninstaller is independent of an… Show more

Provided are a universal software installer and/or uninstaller. The universal software installer determines a structure of the software to be installed and verifies all necessary software elements are applied or installed on the endpoint during the install. The universal software uninstaller determines a structure of the software to be uninstalled and verifies all related software elements are removed from the endpoint. The universal software installer and/or uninstaller is independent of an operating system platform executing on the endpoint.
Show less

An electronic computing device obtains application source code to be tested. The application source code is automatically categorized into one or more hardware or software classifications. One or more tests are identified for the application source code based on the one or more hardware or software classifications. The one or more tests are run against the application source code. The one more tests are monitored as they are running Based on results from the one or more tests, a test score… Show more

An electronic computing device obtains application source code to be tested. The application source code is automatically categorized into one or more hardware or software classifications. One or more tests are identified for the application source code based on the one or more hardware or software classifications. The one or more tests are run against the application source code. The one more tests are monitored as they are running Based on results from the one or more tests, a test score representing a security risk of the application source code is automatically determined. A summary of the results from the one or more tests, including the test score, is visually displayed on the electronic computing device. Show less

Provided is authentication and authorization without the use of supplicants. Authentication and authorization includes generating a profile for a device based on at least one characteristic observed during a successful attempt by the device to access an 802.1X network infrastructure. Expected characteristics for a next attempt to access the infrastructure by the device are determined. A characteristic of the next access attempt is matched to the expected characteristic and access to the network… Show more

Provided is authentication and authorization without the use of supplicants. Authentication and authorization includes generating a profile for a device based on at least one characteristic observed during a successful attempt by the device to access an 802.1X network infrastructure. Expected characteristics for a next attempt to access the infrastructure by the device are determined. A characteristic of the next access attempt is matched to the expected characteristic and access to the network is selectively controlled as a result of the matching. This is achieved without a supplicant being installed on the device. Show less

Systems and methods provide for a situational awareness and perimeter protection orchestration system to determine when network attacks are occurring or are about to occur, and provide tools and services to mitigate the attacks. The attacks can be denial of service attacks or distributed denial of service attacks or other types of attacks designed to disable and degrade a network. The dashboard can collect intelligence on what is happening on the network, and also streams of information from… Show more

Systems and methods provide for a situational awareness and perimeter protection orchestration system to determine when network attacks are occurring or are about to occur, and provide tools and services to mitigate the attacks. The attacks can be denial of service attacks or distributed denial of service attacks or other types of attacks designed to disable and degrade a network. The dashboard can collect intelligence on what is happening on the network, and also streams of information from third parties that can be used to predict imminent network attacks. The dashboard can also determine what tools and services are available to the network operator in order to counteract the attacks. Show less

Systems and methods that facilitate operational support for network infrastructures are discussed. The disclosed system and method facilitate a unified view of the current state of the network and networked devices including real-time log monitoring and for providing metrics for long term system planning. One such method can include the acts of automatically discovering a device deployed on a network, receiving device and network related data in real-time, determining whether a device is… Show more

Systems and methods that facilitate operational support for network infrastructures are discussed. The disclosed system and method facilitate a unified view of the current state of the network and networked devices including real-time log monitoring and for providing metrics for long term system planning. One such method can include the acts of automatically discovering a device deployed on a network, receiving device and network related data in real-time, determining whether a device is authorized, terminating device network access, filtering device data, validating device configuration, configuring a device and providing an output for use by a user. The disclosed system and method can be utilized, for example, to reduce the time involved in troubleshooting and resolving network issues, for establishing a baseline for network performance and for network capacity planning. Show less