Threat mitigation system and method

What is claimed is: 1. A computer-implemented method, executed on a computing device, comprising: monitoring, by a plurality of security-relevant subsystems, the activity of each respective security-relevant subsystem with respect to a computing platform, wherein the plurality of security-relevant subsystems include one or more of a CDN (i.e., Content Delivery Network) system; a DAM (i.e., Database Activity Monitoring) system; a UBA (i.e., User Behavior Analytics) system; a MDM (i.e., Mobile Device Management) system; an IAM (i.e., Identity and Access Management) system; a DNS (i.e., Domain Name Server) system, an antivirus system, an operating system, a data lake; a data log; a security-relevant software application; a security-relevant hardware system; and a resource external to the computing platform; monitoring, by a Security Information and Event Management (SIEM) system, activity of the plurality security-relevant subsystems on the computing platform and generating at least a first set of platform information; defining a threat mitigation platform for a client, by applying a probabilistic process, including artificial intelligence/machine learning, to the first set of platform information, so as to define at least one threat detection capability module for installation on the computing platform; detecting a security event by applying a probabilistic process to the first set of platform information and developing artifacts of said security event; assigning a threat level, via a probabilistic process, to the security event based in part on said artifacts; defining a security threat remedial action based in part on the threat level; defining a rollout schedule for at least a portion of the plurality of threat detection capability modules; and presenting the rollout schedule to the client. 2. The computer-implemented method of claim 1 wherein the rollout schedule is a graphical rollout schedule. 3. The computer-implemented method of claim 1 wherein the rollout schedule is a text-based rollout schedule. 4. The computer-implemented method of claim 1 wherein presenting the rollout schedule to the client includes: providing the rollout schedule to the client as a periodic platform status update. 5. The computer-implemented method of claim 1 wherein presenting the rollout schedule to the client includes: providing the rollout schedule to the client as an ad hoc platform status update. 6. The computer-implemented method of claim 1 wherein presenting the rollout schedule to the client includes: enabling the client to view the rollout schedule via a user interface. 7. The computer-implemented method of claim 1 wherein the rollout schedule defines a date for each of the plurality of threat detection capability modules. 8. The computer-implemented method of claim 1 wherein the rollout schedule defines a content for each of the plurality of threat detection capability modules. 9. A computer program product residing on a non-transitory computer readable medium having a plurality of instructions stored thereon which, when executed by a processor, cause the processor to perform operations comprising: monitoring, by a plurality of security-relevant subsystems, the activity of each respective security-relevant subsystem with respect to a computing platform, wherein the plurality of security-relevant subsystems include one or more of a CDN (i.e., Content Delivery Network) system; a DAM (i.e., Database Activity Monitoring) system; a UBA (i.e., User Behavior Analytics) system; a MDM (i.e., Mobile Device Management) system; an IAM (i.e., Identity and Access Management) system; a DNS (i.e., Domain Name Server) system, an antivirus system, an operating system, a data lake; a data log; a security-relevant software application; a security-relevant hardware system; and a resource external to the computing platform; monitoring, by a Security Information and Event Management (SIEM) system, activity of the plurality security-relevant subsystems on the computing platform and generating at least a first set of platform information; defining a threat mitigation platform for a client, by applying a probabilistic process, including artificial intelligence/machine learning, to the first set of platform information, so as to define at least one threat detection capability module for installation on the computing platform; detecting a security event by applying a probabilistic process to the first set of platform information and developing artifacts of said security event; assigning a threat level, via a probabilistic process, to the security event based in part on said artifacts; defining a security threat remedial action based in part on the threat level; defining a rollout schedule for at least a portion of the plurality of threat detection capability modules; and presenting the rollout schedule to the client. 10. The computer program product of claim 9 wherein the rollout schedule is a graphical rollout schedule. 11. The computer program product of claim 9 wherein the rollout schedule is a text-based rollout schedule. 12. The computer program product of claim 9 wherein presenting the rollout schedule to the client includes: providing the rollout schedule to the client as a periodic platform status update. 13. The computer program product of claim 9 wherein presenting the rollout schedule to the client includes: providing the rollout schedule to the client as an ad hoc platform status update. 14. The computer program product of claim 9 wherein presenting the rollout schedule to the client includes: enabling the client to view the rollout schedule via a user interface. 15. The computer program product of claim 9 wherein the rollout schedule defines a date for each of the plurality of threat detection capability modules. 16. The computer program product of claim 9 wherein the rollout schedule defines a content for each of the plurality of threat detection capability modules. 17. A computing system including a processor and memory configured to perform operations comprising: monitoring, by a plurality of security-relevant subsystems, the activity of each respective security-relevant subsystem with respect to a computing platform, wherein the plurality of security-relevant subsystems include one or more of a CDN (i.e., Content Delivery Network) system; a DAM (i.e., Database Activity Monitoring) system; a UBA (i.e., User Behavior Analytics) system; a MDM (i.e., Mobile Device Management) system; an IAM (i.e., Identity and Access Management) system; a DNS (i.e., Domain Name Server) system, an antivirus system, an operating system, a data lake; a data log; a security-relevant software application; a security-relevant hardware system; and a resource external to the computing platform; monitoring, by a Security Information and Event Management (SIEM) system, activity of the plurality security-relevant subsystems on the computing platform and generating at least a first set of platform information; defining a threat mitigation platform for a client, by applying a probabilistic process, including artificial intelligence/machine learning, to the first set of platform information, so as to define at least one threat detection capability module for installation on the computing platform; detecting a security event by applying a probabilistic process to the first set of platform information and developing artifacts of said security event; assigning a threat level, via a probabilistic process, to the security event based in part on said artifacts; defining a security threat reme