A multi-patented, real-time visualization tool for manual, fully automated or scheduled roll-outs, patches, updates, administration of devices, access control lists and the performance of tailored assessments and remediation for adherence to current and future HIPAA, PCI, SOX, ISO 27001, NIST Cybersecurity Framework, SIEM or any industry standard or government regulatory compliance.

No hardware or API or frameworks required. Full Topological Visualization can be achieved with just Nessus, Wireshark and ACL, such as PCAP, data.


Cauldron's Origins and Approach


Combating Cyber Terrorism

Cauldron is based upon more than a decade of research at the George Mason University (GMU) Center for Secure Information Systems (CSIS) and funded in part by the Department of Homeland Security (DHS), the United States Air Force Research Laboratory (AFRL), and the Federal Aviation Administration (FAA) and the Center for Secure Information Systems (CSIS)*, CyVision Technologies’ Cauldron™ is a visualization and modeling tool which allows organizations predictive and proactive defense-in-depth management of their cyber environment. The tool has an open and agnostic architecture for both the input and output of data. The technology has multiple patents awards.

Combating Cyber Terrorism:

NIST has granted an exclusive license for the Cauldron™ technology used to determine network safety against unknown attacks (zero-day attacks) to CyVision, a spin-off of George Mason University. CyVision is dedicated to combating cyber terrorism and helping government and private enterprise improve their security posture. Based on this patented technology and other inventions licensed from GMU, CyVision is commercializing cybersecurity vulnerability analysis solutions.

Citation from:
Annual Report on Technology Transfer:
Approach and Plans, Fiscal Year 2015 Activities and Achievements
U.S. Department of Commerce
Report prepared by:

National Institute of Standards and Technology
National Oceanic and Atmospheric Administration
National Telecommunications and Information Administration Institute for Telecommunication Sciences
Pursuant to the
Technology Transfer and Commercialization Act of 2000 (Pub. L. 106-404)
March 2016

Army Research Office MURI award number W911NF-09-1-0525; U. S. Patent 7,627,900, U. S. Patent 7,555,778, U. S. Patent 7,735,141, U. S. Patent 7,904,962

Cauldron™ empowers organizations to remediate in three fashions: 

  1. Through our super-accurate calibrated CVSS approach

  2. Through a threat path based on a host-to-host analysis, and

  3. Through a threat path based on connection-to-connection approach.


While the CVSS-based approach is the traditional remediation approach, the latter two approaches allow organization to more accurately understand their cyber environment and more effectively allocate remediation resources.

Cauldron™ allows organizations to visualize potential cyber threat paths and model multiple “what if” configurations in order to remediate in the most organizationally efficient and effective manner. Due to its open architecture, Cauldron™ readily integrates into existing management frameworks within the operational environment.

Cauldron puts a great deal of information into a single visualization so the cyber first responder/ cyber subject matter expert can interpret and act as quickly as possible.

CyVision is dedicated to combating cyber threats and helping business, academia, government, and non-profits around the world improve their security posture. Our Cauldron cyber solution addresses the expanding needs of those at risk of cyber attack.

CyVision’s partnership with GMU’s Center for Secure Information Systems (CSIS) is a core element of the company’s unique leadership position in enhanced cyber analytics. CSIS is a federally funded research center on par with Carnegie Mellon and MIT. The strong R&D foundation of CSIS powers CyVision’s ability to apply advanced analytics against emerging market requirements based on proven scientific method.

Organizations need help to identify and mitigate cyber threats in order to minimize risk and protect valuable assets. CyVision’s mission is to help companies materially improve their risk posture by providing analyst tools for more targeted and more effective use of resources – via use of our flagship product, Cauldron.


Visualization is the point of convergence. Different types of data have to be brought together to show the impact on each other. Unlike network monitoring – where the goal is to keep things running – the goal of cyber security is to keep things safe. By aggregating data and visualizing the impact of cyber elements upon each other, a context is created graphically. That context is situational awareness – and of great value when depicted and under the complete control of the Cauldron visual interface.

Imagine:
…Finding the needle in the haystack every hour, every day on demand
…Analysts generating more precise and efficient remediation plans
…Higher ROI on cyber remediation efforts

This is what visualization delivers. And, this is why visualization is at the heart of CyVision’s cyber security philosophy.


The Proven Science Behind Cauldron


In abstract scientific terms, the study and characterization of complex networks generally relies on simple measurements such as the average node degree, clustering coefficient and average path lengths. However, such features do not provide direct insights about several relevant properties of the analyzed networks, especially about the connectivity of the network around specific nodes or subgroups of special interest. Although such limitations have been acknowledged from time to time and complementary and compensatory measures have been proposed,less attention has been given to measurements or algorithms capable of comprehensively expressing the hierarchical (or concentric) structure of complex networks visually while interacting with their data, nodes, administrative interfaces and access controls.


Cauldron uses multiple awarded patents to implement this revolutionary scientific method as applied to data networks for the precise measurement and classification of networks of any complexity, including measurements such as the accessibility and topological symmetry of all connections. This allows for unprecedented systematic comparison of classifiers using large and diverse types of specific and agnostic data.

The efficacy of the technology used by Cauldron for the topological characterization, visible rendering and modeling of complex networks are substantiated in 300 journal articles and a book, which have motivated more than 10000 citations in Scholar and about 4000 citations in the Web of Science. Applications of the technology have appeared in journals such as Scientific American, Science, Nature Communications, Nature Neuroscience, Advances in Physics, ACM Surveys, Physical Review Letters, Neuron, eLife, and Journal of Neuroscience, among others.


 

* Established in 1990, CSIS has the distinction of being the first academic center in security at a U.S. university.  It is one of the National Security Agency’s original Centers of Academic Excellence in Information Assurance Education, a designation it continues to hold.  In 2008, NSA established a new designation – The National Centers of Academic Excellence in Information Assurance Research (CAE-Research).  CSIS has earned this new designation, and is designated for both CAEIAE and CAE-Research through 2021. Sponsors List.