Systems and methods for detecting suspicious malware by analyzing data such as transfer protocol data or logs from a host within an enterprise are provided. The systems and methods include a database for storing current data and historical data obtained from the network and a detection module and an optional display. The embodiments herein extract information from non-encrypted transfer protocol metadata, determine a plurality of features, utilize an outlier detection model that is based on historical behaviors, calculate a suspiciousness score, and create alerts for analysis by users when the score exceeds a threshold. In doing so, the systems and methods of the present invention improve the ability to identify suspicious outliers or potential malware on an iterative basis over time.
According to the present disclosure, network security systems (e.g., network security algorithms) may uniquely identify an underlying algorithm and configuration used to produce domain names. For instance, network security techniques described herein may consider a collection of fully-qualified domain names (FQDNs) (e.g., taken from related network traffic data) and produce a value that can serve to uniquely identify the underlying generating algorithm and configuration used to produce the collection of FQDNs. In some examples, such may include implementation of statistical techniques to capture characteristic information about the amount of randomness, length, and distribution of characters in the collection of FQDNs. In some aspects, values of the characteristic information are adjusted based on a determined set of precision parameters. In some aspects, a single value may be produced, which can then be stored for later use in comparing with other values produced from some subsequent collection of FQDNs.
Methods and systems for a network of computing devices are described. Embodiments of the present disclosure include a pipeline system that may be configured to identify a plurality of leads from amongst the computing devices by comparing data received from the computing devices to soft fingerprints. In some cases, the pipeline system may probe each of the plurality of leads using an emulator and generate a threat indicator in response to the probing. Next, the pipeline system may enrich the plurality of leads in response to probing each of the plurality of leads and appending enrichment data to the threat indicator. The threat indicator and the enrichment data may be subsequently transferred to update a search cluster.
Systems and methods for cross-domain training and updating of models to perform classification and scoring of network data/traffic are described. Information used to build deep machine learning models about traffic in one domain is used to improve the modeling in another domain. By using cross-domain learning, labeled data from another domain can be used to improve the detection rate and false positive rate of an analytic model in another domain. Because of the construction of the models, and because the models, and not the data, are transferred, there is no disclosure of personally identifiable or otherwise restricted information.
Systems and techniques for detecting advertising fraudulent traffic, or invalid traffic, by correlating advertising traffic with cyber network defense events are described. For example, described techniques include querying cyber network traffic events, querying the metadata returned by the tag script placed in the displayed advertisement, and correlating times, internet protocol (IP) addresses, publisher domains, and referrer domains with domains and IP addresses flagged by network cyber security events.
Systems and methods for recording information at a granular level; checking and verifying that the way data is used and processed is consistent with an entity's internal policies and/or external regulations; and producing reports to authorized users (e.g., individuals and organizations) with information are provided. The system and methods capture required data in an immutable fashion so that users outside of an entity (e.g., public, third parties) can check and audit that internal policies and other regulatory policies and frameworks are followed.
G06F 3/06 - Digital input from, or digital output to, record carriers
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules
G06N 5/025 - Extracting rules from data
7.
AUTOMATIC IDENTIFICATION OF ALGORITHMICALLY GENERATED DOMAIN FAMILIES
According to the present disclosure, network security systems (e.g., network security algorithms) may uniquely identify an underlying algorithm and configuration used to produce domain names. For instance, network security techniques described herein may consider a collection of fully-qualified domain names (FQDNs) (e.g., taken from related network traffic data) and produce a value that can serve to uniquely identify the underlying generating algorithm and configuration used to produce the collection of FQDNs. In some examples, such may include implementation of statistical techniques to capture characteristic information about the amount of randomness, length, and distribution of characters in the collection of FQDNs. In some aspects, values of the characteristic information are adjusted based on a determined set of precision parameters. In some aspects, a single value may be produced, which can then be stored for later use in comparing with other values produced from some subsequent collection of FQDNs.
H04L 61/4511 - Network directories; Name-to-address mapping using standardised directories; Network directories; Name-to-address mapping using standardised directory access protocols using domain name system [DNS]
According to the present disclosure, network security systems (e.g., network security algorithms) may uniquely identify an underlying algorithm and configuration used to produce domain names. For instance, network security techniques described herein may consider a collection of fully-qualified domain names (FQDNs) (e.g., taken from related network traffic data) and produce a value that can serve to uniquely identify the underlying generating algorithm and configuration used to produce the collection of FQDNs. In some examples, such may include implementation of statistical techniques to capture characteristic information about the amount of randomness, length, and distribution of characters in the collection of FQDNs. In some aspects, values of the characteristic information are adjusted based on a determined set of precision parameters. In some aspects, a single value may be produced, which can then be stored for later use in comparing with other values produced from some subsequent collection of FQDNs.
Systems and methods for detecting anomalous and malicious URLs by analyzing markup language structure, such as HTML, are provided. The systems and methods include the querying of a URL to obtain the markup language data. The markup language data, their corresponding elements, and their locations (rows/depths) are parsed into coordinates within a 2-dimensional grid and then processed into features. A color is assigned to each feature as a function of the type of feature. The three dimensions (x, y coordinates and color coordinate) of the features are used to generate an image. The generated images are then compressed to facilitate processing. The compressed images of common websites are analyzed using deep machine learning algorithms to generate a model that represents their structure. These generated models are then used to detect suspicious and/or anomalous websites.
Systems and methods for detecting suspicious malware by analyzing data such as transfer protocol data or logs from a host within an enterprise are provided. The systems and methods include a database for storing current data and historical data obtained from the network and a detection module and an optional display. The embodiments herein extract information from non-encrypted transfer protocol metadata, determine a plurality of features, utilize an outlier detection model that is based on historical behaviors, calculate a suspiciousness score, and create alerts for analysis by users when the score exceeds a threshold. In doing so, the systems and methods of the present invention improve the ability to identify suspicious outliers or potential malware on an iterative basis over time.
The present disclosure describes methods, apparatuses, and systems to protect wind turbines, wind farms, and power infrastructure. For instance, wind turbines produce several streams of data varying over time, including sensor readings from components in wind turbines, network traffic from SCADA systems, data from wind farm internal networks, data from the internet, etc. According to the techniques described herein, wind farms may be protected by identifying patterns that may not be apparent from individual time series or network data. Embodiments of the present disclosure include integration and fusion of information from various time series data sources and network data sources for detecting patterns in data (e.g., patterns in data that may indicate an abnormal event, such as wind farm component failure, a control system cyber-attack, etc.). For instance, in some cases, such patterns may be used to detect an abnormal event of interest (e.g., such as an attack).
H02J 13/00 - Circuit arrangements for providing remote indication of network conditions, e.g. an instantaneous record of the open or closed condition of each circuit-breaker in the network; Circuit arrangements for providing remote control of switching means in a power distribution network, e.g. switching in and out of current consumers by using a pulse code signal carried by the network
The present disclosure describes methods, apparatuses, and systems to protect wind turbines, wind farms, and power infrastructure. For instance, wind turbines produce several streams of data varying over time, including sensor readings from components in wind turbines, network traffic from SCADA systems, data from wind farm internal networks, data from the internet, etc. According to the techniques described herein, wind farms may be protected by identifying patterns that may not be apparent from individual time series or network data. Embodiments of the present disclosure include integration and fusion of information from various time series data sources and network data sources for detecting patterns in data (e.g., patterns in data that may indicate an abnormal event, such as wind farm component failure, a control system cyber-attack, etc.). For instance, in some cases, such patterns may be used to detect an abnormal event of interest (e.g., such as an attack).
Systems and methods for recording information at a granular level; checking and verifying that the way data is used and processed is consistent with an entity's internal policies and/or external regulations; and producing reports to authorized users (e.g., individuals and organizations) with information are provided. The system and methods capture required data in an immutable fashion so that users outside of an entity (e.g., public, third parties) can check and audit that internal policies and other regulatory policies and frameworks are followed.
H04L 29/06 - Communication control; Communication processing characterised by a protocol
G06F 3/06 - Digital input from, or digital output to, record carriers
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules
G06N 5/025 - Extracting rules from data
14.
Systems and methods for analyzing cybersecurity events
Methods and systems for the detection, identification, and analysis of cybersecurity events in order to support prevention of the persistence of threats, malware or other harmful events are provided. The methods and systems of the present invention enable a user to find similar anomalous network traffic within a single network or across multiple networks. The methods and systems identify and correlate activity in order to analyze potential threats within a network by providing broader contextual information about how those threats relate to other activity within the network or across a sector or country.
Systems and techniques for detecting advertising fraudulent traffic, or invalid traffic, by correlating advertising traffic with cyber network defense events are described. For example, described techniques include querying cyber network traffic events, querying the metadata returned by the tag script placed in the displayed advertisement, and correlating times, internet protocol (IP) addresses, publisher domains, and referrer domains with domains and IP addresses flagged by network cyber security events.
42 - Scientific, technological and industrial services, research and design
Goods and services
Application service provider featuring application programming interface (API) software for providing cyber threat data to subscribing organizations' security platforms to assist such organizations in protecting against cyber threats
18.
SYSTEMS AND METHODS FOR DETECTING MALICIOUS NETWORK TRAFFIC USING MULTI-DOMAIN MACHINE LEARNING
Systems and methods for cross-domain training and updating of models to perform classification and scoring of network data/traffic are described. Information used to build deep machine learning models about traffic in one domain is used to improve the modeling in another domain. By using cross-domain learning, labeled data from another domain can be used to improve the detection rate and false positive rate of an analytic model in another domain. Because of the construction of the models, and because the models, and not the data, are transferred, there is no disclosure of personally identifiable or otherwise restricted information.
Systems and methods for detecting anomalous and malicious URLs by analyzing markup language structure, such as HTML, are provided. The systems and methods include the querying of a URL to obtain the markup language data. The markup language data, their corresponding elements, and their locations (rows/depths) are parsed into coordinates within a 2-dimensional grid and then processed into features. A color is assigned to each feature as a function of the type of feature. The three dimensions (x, y coordinates and color coordinate) of the features are used to generate an image. The generated images are then compressed to facilitate processing. The compressed images of common websites are analyzed using deep machine learning algorithms to generate a model that represents their structure. These generated models are then used to detect suspicious and/or anomalous websites.
Systems and methods for recording information at a granular level; checking and verifying that the way data is used and processed is consistent with an entity's internal policies and/or external regulations; and producing reports to authorized users (e.g., individuals and organizations) with information are provided. The system and methods capture required data in an immutable fashion so that users outside of an entity (e.g., public, third parties) can check and audit that internal policies and other regulatory policies and frameworks are followed.
H04L 29/06 - Communication control; Communication processing characterised by a protocol
G06F 3/06 - Digital input from, or digital output to, record carriers
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules
G06N 5/02 - Knowledge representation; Symbolic representation
23.
DATA BLOCK-BASED SYSTEM AND METHODS FOR PREDICTIVE MODELS
Systems and methods for recording information at a granular level; checking and verifying that the way data is used and processed is consistent with an entity's internal policies and/or external regulations; and producing reports to authorized users (e.g., individuals and organizations) with information are provided. The system and methods capture required data in an immutable fashion so that users outside of an entity (e.g., public, third parties) can check and audit that internal policies and other regulatory policies and frameworks are followed.
Systems and methods for detecting suspicious malware by analyzing data such as transfer protocol data or logs from a host within an enterprise are provided. The systems and methods include a database for storing current data and historical data obtained from the network and a detection module and an optional display. The embodiments herein extract information from non-encrypted transfer protocol metadata, determine a plurality of features, utilize an outlier detection model that is based on historical behaviors, calculate a suspiciousness score, and create alerts for analysis by users when the score exceeds a threshold. In doing so, the systems and methods of the present invention improve the ability to identify suspicious outliers or potential malware on an iterative basis over time.
G06F 21/00 - Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
G06F 21/56 - Computer malware detection or handling, e.g. anti-virus arrangements
Systems and methods for detecting suspicious malware by analyzing data such as transfer protocol data or logs from a host within an enterprise are provided. The systems and methods include a database for storing current data and historical data obtained from the network and a detection module and an optional display. The embodiments herein extract information from non-encrypted transfer protocol metadata, determine a plurality of features, utilize an outlier detection model that is based on historical behaviors, calculate a suspiciousness score, and create alerts for analysis by users when the score exceeds a threshold. In doing so, the systems and methods of the present invention improve the ability to identify suspicious outliers or potential malware on an iterative basis over time.
Methods and systems for the detection, identification, and analysis of cybersecurity events in order to support prevention of the persistence of threats, malware or other harmful events are provided. The methods and systems of the present invention enable a user to find similar anomalous network traffic within a single network or across multiple networks. The methods and systems identify and correlate activity in order to analyze potential threats within a network by providing broader contextual information about how those threats relate to other activity within the network or across a sector or country.
G06F 11/00 - Error detection; Error correction; Monitoring
G06F 21/00 - Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
27.
Systems and methods for analyzing cybersecurity events
Methods and systems for the detection, identification, and analysis of cybersecurity events in order to support prevention of the persistence of threats, malware or other harmful events are provided. The methods and systems of the present invention enable a user to find similar anomalous network traffic within a single network or across multiple networks. The methods and systems identify and correlate activity in order to analyze potential threats within a network by providing broader contextual information about how those threats relate to other activity within the network or across a sector or country.
09 - Scientific and electric apparatus and instruments
41 - Education, entertainment, sporting and cultural services
42 - Scientific, technological and industrial services, research and design
45 - Legal and security services; personal services for individuals
Goods and services
Computer software, downloadable computer software, mobile device software for use in cybersecurity detection and prevention of malware, intrusions, and other cyber threats, for network defense and for monitoring, assessing and implementing improvements in the security of enterprise data, infrastructure, and networks; computer software, downloadable computer software, mobile device software for use in real-time threat assessment, detection, and updates, behavioral modeling, data analytics and proactive responses; computer software, downloadable computer software, mobile device software for assessing the status of enterprise data, infrastructure, and network traffic, and for identifying and assessing threats to the enterprise data, infrastructure, and network traffic, all for use in cybersecurity consulting, assessments, and training; computer software, downloadable computer software, mobile device software for simulating threats, and possible responses to those threats, to the security of enterprise data, infrastructure and networks, for use in cybersecurity consulting, assessments, and training.
Cybersecurity training services.
Providing non-downloadable computer programs for detection and prevention of malware, intrusions, and other cyber threats, for network defense and for monitoring, assessing and implementing improvements in the security of enterprise data, infrastructure, and networks, all in the field of cybersecurity; computer security consultancy and threat assessments in connection therewith.
Remote security monitoring services in the nature of providing real-time threat assessment, detection, and updates of unlawful activity, behavioral modelling of network systems for tracking network security threats, electronic data analytics, namely, analyzing data in computer databases for unlawful activity, and generating proactive incident responses in connection with all of the foregoing.
29.
TRANSFORMING CYBERSECURITY THROUGH COLLECTIVE DEFENSE
09 - Scientific and electric apparatus and instruments
41 - Education, entertainment, sporting and cultural services
42 - Scientific, technological and industrial services, research and design
45 - Legal and security services; personal services for individuals
Goods and services
(1) Computer software, downloadable computer software, mobile device software for use in cybersecurity detection and prevention of malware, intrusions, and other cyber threats, for network defense and for monitoring, assessing and implementing improvements in the security of enterprise data, infrastructure, and networks; computer software, downloadable computer software, mobile device software for use in real-time threat assessment, detection, and updates, behavioral modeling, data analytics and proactive responses, namely, in the field of cybersecurity detection, prevention of malware, intrusions, and other cyber threats, for network defense; computer software, downloadable computer software, mobile device software for assessing the status of enterprise data, infrastructure, and network traffic, and for identifying and assessing threats to the enterprise data, infrastructure, and network traffic, all for use in cybersecurity consulting, assessments, and training; computer software, downloadable computer software, mobile device software for simulating threats, and possible responses to those threats, to the security of enterprise data, infrastructure and networks, for use in cybersecurity consulting, assessments, and training. (1) Cybersecurity training services.
(2) Providing non-downloadable computer programs for detection and prevention of malware, intrusions, and other cyber threats, for network defense and for monitoring, assessing and implementing improvements in the security of enterprise data, infrastructure, and networks, all in the field of cybersecurity; computer security consultancy and threat assessments in connection therewith.
(3) Remote security monitoring services in the nature of providing real-time threat assessment, detection, and updates of unlawful activity, behavioral modelling of network systems for tracking network security threats, electronic data analytics, namely, analyzing data in computer databases for unlawful activity, and generating proactive incident responses in connection with all of the foregoing.
30.
Simulation and virtual reality based cyber behavioral systems
A cybersecurity system for managing cyber behavior associated with cyber actors such that the cyber behavior can be computed and predicted and cyber interactions between the cyber actors can be created. The system includes a cyber behavioral space management module configured to receive input data, and data from the interaction engine and the analytic workflow engine, and to generate a plurality of cyber behavioral spaces based on the received data. The system includes an interaction engine configured to process cyber actor data to facilitate interactions with the cyber behavioral space, a cyber scene, a cyber map, and another cyber actor. The system includes an analytic workflow engine configured to analyze the cyber behavioral spaces and update cyber data based on the analyzed data and the interaction engine data. The system includes a visualization engine configured to compute visualizations and transmit the visualizations for display.
H04L 29/06 - Communication control; Communication processing characterised by a protocol
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
G06F 21/55 - Detecting local intrusion or implementing counter-measures
G06T 19/00 - Manipulating 3D models or images for computer graphics
31.
Simulation and virtual reality based cyber behavioral systems
A cybersecurity system for managing cyber behavior associated with cyber actors such that the cyber behavior can be computed and predicted and cyber interactions between the cyber actors can be created. The system includes a cyber behavioral space management module configured to receive input data, and data from the interaction engine and the analytic workflow engine, and to generate a plurality of cyber behavioral spaces based on the received data. The system includes an interaction engine configured to process cyber actor data to facilitate interactions with the cyber behavioral space, a cyber scene, a cyber map, and another cyber actor. The system includes an analytic workflow engine configured to analyze the cyber behavioral spaces and update cyber data based on the analyzed data and the interaction engine data. The system includes a visualization engine configured to compute visualizations and transmit the visualizations for display.
H04L 29/06 - Communication control; Communication processing characterised by a protocol
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
G06F 21/55 - Detecting local intrusion or implementing counter-measures
G06T 19/00 - Manipulating 3D models or images for computer graphics
32.
SIMULATION AND VIRTUAL REALITY BASED CYBER BEHAVIORAL SYSTEMS
A cybersecurity system for managing cyber behavior associated with cyber actors such that the cyber behavior can be computed and predicted and cyber interactions between the cyber actors can be created. The system includes a cyber behavioral space management module configured to receive input data, and data from the interaction engine and the analytic workflow engine, and to generate a plurality of cyber behavioral spaces based on the received data. The system includes an interaction engine configured to process cyber actor data to facilitate interactions with the cyber behavioral space, a cyber scene, a cyber map, and another cyber actor. The system includes an analytic workflow engine configured to analyze the cyber behavioral spaces and update cyber data based on the analyzed data and the interaction engine data. The system includes a visualization engine configured to compute visualizations and transmit the visualizations for display.
G06F 17/30 - Information retrieval; Database structures therefor
G06F 21/50 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
G06F 21/56 - Computer malware detection or handling, e.g. anti-virus arrangements
09 - Scientific and electric apparatus and instruments
41 - Education, entertainment, sporting and cultural services
42 - Scientific, technological and industrial services, research and design
45 - Legal and security services; personal services for individuals
Goods and services
Computer software, downloadable computer software, mobile
device software for use in cybersecurity detection and
prevention of malware, intrusions, and other cyber threats,
for network defense and for monitoring, assessing and
implementing improvements in the security of enterprise
data, infrastructure, and networks; computer software,
downloadable computer software, mobile device software for
use in real-time threat assessment, detection, and updates,
behavioral modeling, data analytics and proactive responses;
computer software, downloadable computer software, mobile
device software for use in cybersecurity consulting,
assessments, and training. Cybersecurity training services. Providing non-downloadable computer programs for detection
and prevention of malware, intrusions, and other cyber
threats, for network defense and for monitoring, assessing
and implementing improvements in the security of enterprise
data, infrastructure, and networks, all in the field of
cybersecurity; computer security consulting and threat
assessments in connection therewith. Remote security monitoring services in the nature of
providing real-time threat assessment, detection, and
updates of unlawful activity, behavioral modelling of
network systems for tracking network security threats,
electronic data analytics, namely, analyzing data in
computer databases for unlawful activity, and generating
proactive incident responses in connection with all of the
foregoing.
09 - Scientific and electric apparatus and instruments
41 - Education, entertainment, sporting and cultural services
42 - Scientific, technological and industrial services, research and design
45 - Legal services; security services; personal services for individuals
Goods and services
Computer software, downloadable computer software, mobile
device software for use in cybersecurity detection and
prevention of malware, intrusions, and other cyber threats,
for network defense and for monitoring, assessing and
implementing improvements in the security of enterprise
data, infrastructure, and networks; computer software,
downloadable computer software, mobile device software for
use in real-time threat assessment, detection, and updates,
behavioral modeling, data analytics and proactive responses;
computer software, downloadable computer software, mobile
device software for use in cybersecurity consulting,
assessments, and training. Cybersecurity training services. Providing non-downloadable computer programs for detection
and prevention of malware, intrusions, and other cyber
threats, for network defense and for monitoring, assessing
and implementing improvements in the security of enterprise
data, infrastructure, and networks, all in the field of
cybersecurity; computer security consulting and threat
assessments in connection therewith. Remote security monitoring services in the nature of
providing real-time threat assessment, detection, and
updates of unlawful activity, behavioral modelling of
network systems for tracking network security threats,
electronic data analytics, namely, analyzing data in
computer databases for unlawful activity, and generating
proactive incident responses in connection with all of the
foregoing.
09 - Scientific and electric apparatus and instruments
41 - Education, entertainment, sporting and cultural services
42 - Scientific, technological and industrial services, research and design
45 - Legal services; security services; personal services for individuals
Goods and services
Computer software, downloadable computer software, mobile
device software for use in cybersecurity detection and
prevention of malware, intrusions, and other cyber threats,
for network defense and for monitoring, assessing and
implementing improvements in the security of enterprise
data, infrastructure, and networks; computer software,
downloadable computer software, mobile device software for
use in real-time threat assessment, detection, and updates,
behavioral modeling, data analytics and proactive responses;
computer software, downloadable computer software, mobile
device software for use in cybersecurity consulting,
assessments, and training. Cybersecurity training services. Providing non-downloadable computer programs for detection
and prevention of malware, intrusions, and other cyber
threats, for network defense and for monitoring, assessing
and implementing improvements in the security of enterprise
data, infrastructure, and networks, all in the field of
cybersecurity; computer security consulting and threat
assessments in connection therewith. Remote security monitoring services in the nature of
providing real-time threat assessment, detection, and
updates of unlawful activity, behavioral modelling of
network systems for tracking network security threats,
electronic data analytics, namely, analyzing data in
computer databases for unlawful activity, and generating
proactive incident responses in connection with all of the
foregoing.
09 - Scientific and electric apparatus and instruments
41 - Education, entertainment, sporting and cultural services
42 - Scientific, technological and industrial services, research and design
45 - Legal services; security services; personal services for individuals
Goods and services
Computer software, downloadable computer software, mobile
device software for use in cybersecurity detection and
prevention of malware, intrusions, and other cyber threats,
for network defense and for monitoring, assessing and
implementing improvements in the security of enterprise
data, infrastructure, and networks; computer software,
downloadable computer software, mobile device software for
use in real-time threat assessment, detection, and updates,
behavioral modeling, data analytics and proactive responses;
computer software, downloadable computer software, mobile
device software for use in cybersecurity consulting,
assessments, and training. Cybersecurity training services. Providing non-downloadable computer programs for detection
and prevention of malware, intrusions, and other cyber
threats, for network defense and for monitoring, assessing
and implementing improvements in the security of enterprise
data, infrastructure, and networks, all in the field of
cybersecurity. Remote security monitoring services in the nature of
providing real-time threat assessment, detection, and
updates of unlawful activity, behavioral modelling of
network systems for tracking network security threats,
electronic data analytics, namely, analyzing data in
computer databases for unlawful activity, and generating
proactive incident responses in connection with all of the
foregoing; providing cybersecurity consulting and threat
assessments.
09 - Scientific and electric apparatus and instruments
45 - Legal services; security services; personal services for individuals
Goods and services
(1) Computer software, downloadable computer software, mobile device software for use in cybersecurity detection and prevention of malware, intrusions, and other cyber threats, for network defense and for monitoring, assessing and implementing improvements in the security of enterprise data, infrastructure, and networks; computer software, downloadable computer software, mobile device software for use in real-time threat assessment, detection, and updates, behavioral modeling, data analytics and proactive responses, namely, in the field of cybersecurity detection, prevention of malware, intrusions, and other cyber threats, for network defense; computer software, downloadable computer software, mobile device software for use in cybersecurity consulting, assessments, and training (1) Providing cybersecurity services, namely, providing non-downloadable computer programs for detection and prevention of malware, intrusions, and other cyber threats, for network defense and for monitoring, assessing and implementing improvements in the security of enterprise data, infrastructure, and networks; providing real-time threat assessment, detection, and updates, behavioral modeling, data analytics and proactive responses; providing cybersecurity consulting, assessments, and training services
09 - Scientific and electric apparatus and instruments
45 - Legal services; security services; personal services for individuals
Goods and services
(1) Computer software, downloadable computer software, mobile device software for use in cybersecurity detection and prevention of malware, intrusions, and other cyber threats, for network defense and for monitoring, assessing and implementing improvements in the security of enterprise data, infrastructure, and networks; computer software, downloadable computer software, mobile device software for use in real-time threat assessment, detection, and updates, behavioral modeling, data analytics and proactive responses, namely, in the field of cybersecurity detection, prevention of malware, intrusions, and other cyber threats, for network defense; computer software, downloadable computer software, mobile device software for use in cybersecurity consulting, assessments, and training (1) Providing cybersecurity services, namely, providing non-downloadable computer programs for detection and prevention of malware, intrusions, and other cyber threats, for network defense and for monitoring, assessing and implementing improvements in the security of enterprise data, infrastructure, and networks; providing real-time threat assessment, detection, and updates, behavioral modeling, data analytics and proactive responses; providing cybersecurity consulting, assessments, and training services
09 - Scientific and electric apparatus and instruments
45 - Legal services; security services; personal services for individuals
Goods and services
(1) Computer software, downloadable computer software, mobile device software for use in cybersecurity detection and prevention of malware, intrusions, and other cyber threats, for network defense and for monitoring, assessing and implementing improvements in the security of enterprise data, infrastructure, and networks; computer software, downloadable computer software, mobile device software for use in real-time threat assessment, detection, and updates, behavioral modeling, data analytics and proactive responses, namely, in the field of cybersecurity detection, prevention of malware, intrusions, and other cyber threats, for network defense; computer software, downloadable computer software, mobile device software for use in cybersecurity consulting, assessments, and training (1) Providing cybersecurity services, namely, providing non-downloadable computer programs for detection and prevention of malware, intrusions, and other cyber threats, for network defense and for monitoring, assessing and implementing improvements in the security of enterprise data, infrastructure, and networks; providing real-time threat assessment, detection, and updates, behavioral modeling, data analytics and proactive responses; providing cybersecurity consulting, assessments, and training services
09 - Scientific and electric apparatus and instruments
45 - Legal services; security services; personal services for individuals
Goods and services
(1) Computer software, downloadable computer software, mobile device software for use in cybersecurity detection and prevention of malware, intrusions, and other cyber threats, for network defense and for monitoring, assessing and implementing improvements in the security of enterprise data, infrastructure, and networks; computer software, downloadable computer software, mobile device software for use in real-time threat assessment, detection, and updates, behavioral modeling, data analytics and proactive responses, namely, in the field of cybersecurity detection, prevention of malware, intrusions, and other cyber threats, for network defense; computer software, downloadable computer software, mobile device software for use in cybersecurity consulting, assessments, and training (1) Providing cybersecurity services, namely, providing non-downloadable computer programs for detection and prevention of malware, intrusions, and other cyber threats, for network defense and for monitoring, assessing and implementing improvements in the security of enterprise data, infrastructure, and networks; providing real-time threat assessment, detection, and updates, behavioral modeling, data analytics and proactive responses; providing cybersecurity consulting, assessments, and training services
A cybersecurity system for processing events to produce scores, alerts, and mitigation actions. The system includes sensors for receiving and processing data to form events, distributed analytic platform for processing events to form analytic workflows, and scoring engines for processing events using analytic workflows to produce scoring engine messages. The system also includes real time analytic engine for processing scoring engine messages and distributed analytic platform messages using the analytic workflows and analytic workflow and event processing rules to form and transmit a threat intelligence message. Threat intelligence messages include broadcast messages, mitigation messages, and model update messages. The system also includes logical segments which associate an analytic model, a set of analytic models, or an analytic workflow; one or more sources of inputs about activity within the logical segment, and a set of actions for mitigating an impact of the anomalous activity occurring within the logical segment.
41 - Education, entertainment, sporting and cultural services
42 - Scientific, technological and industrial services, research and design
45 - Legal services; security services; personal services for individuals
Goods and services
[ Cybersecurity training services ] Providing non-downloadable computer programs for detection and prevention of malware, intrusions, and other cyber threats, for network defense and for monitoring, assessing and implementing improvements in the security of enterprise data, infrastructure, and networks, all in the field of cybersecurity Remote security monitoring services in the nature of providing real-time threat assessment, detection, and updates of unlawful activity, behavioral modelling of network systems for tracking network security threats, electronic data analytics, namely, analyzing data in computer databases for unlawful activity, and generating proactive incident responses in connection with all of the foregoing; providing cybersecurity consulting and threat assessments
41 - Education, entertainment, sporting and cultural services
42 - Scientific, technological and industrial services, research and design
45 - Legal services; security services; personal services for individuals
Goods and services
[ Cybersecurity training services ] Providing non-downloadable computer programs for detection and prevention of malware, intrusions, and other cyber threats, for network defense and for monitoring, assessing and implementing improvements in the security of enterprise data, infrastructure, and networks, all in the field of cybersecurity Remote security monitoring services in the nature of providing real-time threat assessment, detection, and updates of unlawful activity, behavioral modelling of network systems for tracking network security threats, electronic data analytics, namely, analyzing data in computer databases for unlawful activity, and generating proactive incident responses in connection with all of the foregoing; providing cybersecurity consulting and threat assessments
A cybersecurity system for processing events to produce scores, alerts, and mitigation actions. The system includes sensors for receiving and processing data to form events, distributed analytic platform for processing events to form analytic workflows, and scoring engines for processing events using analytic workflows to produce scoring engine messages. The system also includes real time analytic engine for processing scoring engine messages and distributed analytic platform messages using the analytic workflows and analytic workflow and event processing rules to form and transmit a threat intelligence message. Threat intelligence messages include broadcast messages, mitigation messages, and model update messages. The system also includes logical segments which associate an analytic model, a set of analytic models, or an analytic workflow; one or more sources of inputs about activity within the logical segment, and a set of actions for mitigating an impact of the anomalous activity occurring within the logical segment.