Patent classifications
G06F2221/2101
Method and apparatus for implementing a release automation dashboard module
Various methods, apparatuses/systems, and media for implementing a release automation dashboard module are disclosed. A database stores a set of Sarbanes-Oxley (SOX) audit rules. A processor is coupled to the database via a communication network. The processor creates a release; checks the release for violations against the set of SOX audit rules; validates that the release is scanned for cyber vulnerabilities in accordance with an organization's established practices; and authorizes deployment of the release based on a determination that the one or more features from the release do not violate the set of SOX audit rules and that the one or more features from the release meet a predetermined threshold for the cyber vulnerabilities.
FILE SYSTEM PROTECTION APPARATUS AND METHOD IN AUXILIARY STORAGE DEVICE
The present invention relates to a file system protection technology applied to an auxiliary storage device (20), and to an apparatus and method for protecting a file system by blocking, or warning in advance about, an access to the file system or a change of the file system, and by identifying the permission of a user as necessary. A control device (60) is connected to a host interface (30), a data storage device (40), and a user input device (50) to control the operation mode of the auxiliary storage device, or to manage and protect a file system object to be protected, according to a user command. When the operation mode of the auxiliary storage device is a management mode, the user can designate the file system objects to be protected and set a protection type; the information set by the user is stored in an object DB (70) to be protected. In a normal mode, when an access by a host computer targets a file system object listed in the object DB to be protected, a protection operation is performed by referring to the protection type in the object DB to be protected. In the normal mode, the host computer cannot access the object DB (70) to be protected, set in a setting mode by the user, and thus the object DB (70) to be protected can be prevented from being changed or damaged by malicious code.
SYSTEMS AND METHODS FOR HIDING PRIVATE USER DATA IN PUBLIC SIGNATURE CHAINS FOR USER AUTHENTICATION IN VIDEO CONFERENCES
One example method includes receiving identification information associated with a new user device, the new user device associated with the user; accessing a signature chain associated with the user, the signature chain comprising one or more sequential records; associating user personal information with the new user device; generating a cryptographic signature based on cryptographic keys associated with the new user device; generating an obfuscated representation of the user personal information; generating a record comprising the identification information, the user personal information, the cryptographic signature, and the obfuscated representation of the user personal information; generating a cryptographic identifier based on the identification information, the cryptographic signature, the obfuscated representation of the user personal information, and a latest of the one or more sequential records; inserting the cryptographic identifier into the record; appending the record to the signature chain as a sequential record; receiving a request to join a video conference from the user device, the request identifying the new client device and the user as a participant in the video conference; and authenticating the user based on the record.
Systems and methods for tamper-resistant activity logging
Systems and methods are provided for monitoring and logging all activity occurring in a system. The logged activity may include keystroke entries input into the system, user and/or application interactions with the system, access restriction conflicts, and the like. The logged activity may be stored in at least two datastores, at least one of which is an immutable, append-only datastore. Storage of the logged activity in the immutable, append-only datastore is performed using hash algorithms. Attempts at manipulating or at hiding malicious or unauthorized activity can be recognized due to all activity being captured in the immutable, append-only datastore.
Database access, monitoring, and control system and method for reacting to suspicious database activities
A database access, monitoring, and control system and method monitor database access, detect suspicious database activities, and react to suspicious database activities by initiating one or more control functions. In at least one embodiment, suspicious database activities include activities related to a number of rows of data retrieved in response to one or more queries within a predetermined threshold window of time. A data retrieval row count above a predetermined threshold that represents an anticipated maximum request for legitimate users can indicate a suspicious database activity. In at least one embodiment, the database access, monitoring, and control system and method detect suspicious database activities even if a data requestor has thwarted other security measures or if the data requestor has authorized access but is potentially accessing data inappropriately.
Database snapshot for managing state synchronization
An example operation may include one or more of generating a snapshot of a state of a permissioned blockchain, generating a unique identifier of the state snapshot that distinguishes the state snapshot from other state snapshots of the permissioned blockchain, storing the state snapshot in a data store, and storing proof of the state snapshot including the unique identifier and a storage location of the state snapshot on a public blockchain.
Using a secure enclave to satisfy retention and expungement requirements with respect to private data
A secure enclave may be used to satisfy privacy requirements and audit requirements. Code may be loaded into the secure enclave. The code may generate a predefined report based on data and added noise. The pre-defined report may be subject to audit requirements. The data may be subject to the privacy requirements. The secure enclave may generate an encryption key and a decryption key based on the code. Only the secure enclave may have access to the decryption key. And the secure enclave may allow only a verified copy of the code to access the decryption key. With the added noise, the report may satisfy a pre-defined differential privacy guarantee. Encrypting the code and ensuring that the report satisfies the differential privacy guarantee may satisfy the privacy requirements. Retaining the report, the code, the secure enclave, and the encrypted data may satisfy the audit requirements.
ASSESSMENT PLUG-IN SYSTEM FOR PROVIDING BINARY DIGITALLY SIGNED RESULTS
A method for determining third party network compliance with a host entity network is provided. The method may include generating a scanning file that includes host entity network compliance standards and transferring the scanning file to an intermediary entity network. The method may further include generating an executable file that may run a plug-in scanning file to scan hardware and software resident at the third-party network for compliance. The method may further include transferring the executable file from the intermediary entity network to the third party network. The method may further include executing the executable file, generating a log file upon the completion of the running of the plug-in scanning file and digitally signing the log file. The method may further include deciphering the log file at the intermediary entity network, generating a readable report based on the deciphering and transferring the readable report to the host entity network.
Ransomware attack monitoring
Examples associated with ransomware attack monitoring are described herein. One example includes a monitor module to monitor files stored on the system for sequences of file accesses that match a predefined pattern of file accesses. An investigation module is activated based on a sequence of file accesses that match the predefined pattern. The investigation module logs actions taken by processes to modify files. A reaction module pauses a set of processes operating on the system based on the logging performed by the investigation module, and resumes legitimate processes.
Data processing systems and methods for auditing data request compliance
A privacy management system that is configured to process one or more data subject access requests and further configured to: (1) enable a data protection officer to submit an audit request; (2) perform an audit based on one or more parameters provided as part of the request (e.g., one or more parameters such as how long an average request takes to fulfill, one or more parameters related to logging and/or tracking data subject access requests and/or complaints from one or more particular customer advocacy groups, individuals, NGOs, etc.); and (3) provide one or more audit results to the officer (e.g., by displaying the results on a suitable display screen).