Abstract: A device that is configured to receive user activity information that includes information about user interactions with a network device for a plurality of users. The device is further configured to input the user activity information into a first machine learning model that is configured to receive user activity information and to output a set of bad actor candidates based on the user activity information. The device is further configured to filter the user activity information based on the set of bad actor candidates. The device is further configured to input the filtered user activity information into a second machine learning model that is configured to receive the filtered user activity information and to output system exposure information that identifies network security threats. The device is further configured to identify network security actions based on the network security threats and to execute the network security actions.

Abstract: A method is provided that comprises monitoring for a change in a first security configuration setting in a relay server and comparing the change in the first security configuration setting to historical data that contains validated authentication configuration settings that previously allowed for the delivery of a historical electronic mail message to an external network. The method further comprises identifying a candidate change to the first security configuration setting based on the comparison, where the candidate change to the first security configuration setting when implemented results in the delivery of a first electronic mail message to the external network. The method further comprises implementing the candidate change to the first security configuration setting such that the relay server allows the delivery of the first electronic message to the external network.

Abstract: Systems, computer program products, and methods are described herein for identifying unauthorized use of a user's authentication credentials to an electronic network based on non-public data access. The present invention is configured to receive a verified access attempt at a first time for a user account; receive an unverified access attempt at a second time for the user account; determine the unverified access attempt is a credential sharing event for the user account; determine the user account is an internal account; determine an unverified user associated with the unverified access attempt is an external user; receive unverified account access logs associated with the unverified access attempt, the unverified account access logs comprising access to non-public data; and generate an unverified data access interface component to configure a graphical user interface of a device associated with a manager of the system.

Abstract: Systems, computer program products, and methods are described herein for verifying authentication credentials in an electronic network. The present invention is configured to receive a first IP address associated with a first access attempt; determine a first geolocation data based on the first IP address; receive a second IP address associated with a second access attempt; determine a second geolocation data based on the second IP address; determine a geolocation variance between the first and the second geolocation data; determine, based on the geolocation variance, an indication of potential movement between the access attempts; apply, based on the indication of potential movement, a verification machine learning model to the account identifier; generate, by the verification machine learning model, a privacy score; and generate, based on the privacy score, an alert user interface component to configure a GUI of a device associated with the user of the account.

Abstract: A device that is configured to receive user activity information that includes information about user interactions with a network device for a plurality of users. The device is further configured to input the user activity information into a first machine learning model that is configured to receive user activity information and to output a set of bad actor candidates based on the user activity information. The device is further configured to filter the user activity information based on the set of bad actor candidates. The device is further configured to input the filtered user activity information into a second machine learning model that is configured to receive the filtered user activity information and to output system exposure information that identifies network security threats. The device is further configured to identify network security actions based on the network security threats and to execute the network security actions.

Abstract: A device that is configured to receive user activity information that includes information about user interactions with a network device for a plurality of users. The device is further configured to receive a set of bad actor candidates that identifies one or more users from among the plurality of users. The device is further configured to filter the user activity information based on the set of bad actor candidates. The device is further configured to input the filtered user activity information into a machine learning model. The machine learning model is configured to receive the filtered user activity information and to output system exposure information that identifies network security threats. The device is further configured to identify network security actions based on the network security threats and to execute the network security actions.

Abstract: A system for classifying a data item to communicate to authorized users extracts features from the data item, where the features comprise a responsibility feature and a sensitivity feature. The responsibility feature indicates a job responsibility associated with the data item. The sensitivity feature indicates a sensitivity level of the data item. The system determines, based on the responsibility feature, that the data item belongs to a particular responsibility class. The system determines, based on the sensitivity feature, that the data item belongs to a particular sensitivity class. The system determines whether a user to whom the data item is directed belongs to the particular responsibility class and sensitivity class to which the data item belongs. The system sends the data item to the user, if is it determined that the user belongs to the particular responsibility class and sensitivity class to which the data item belongs.

Abstract: A media verification device receives baseline media, which includes videos confirmed to include a target subject. The device determines, based on the baseline media for the target subject, a set of baseline features associated with the target subject. A baseline profile is determined for the target subject based on the set of baseline features. When test media which includes a video purported to include the test subject is received, test features are determined for the test media. A test profile is determined for the test media based on the set of test features. The test profile is compared to the baseline profile for the test subject. Based on this comparison, a confidence score is determined. If the confidence score is not greater than a threshold value, the test media is determined to include a synthetic video of the target subject, and an alert is provided.

Abstract: A device that is configured to receive user activity information that includes information about user interactions with a network device for a plurality of users. The device is further configured to receive a set of bad actor candidates that identifies one or more users from among the plurality of users. The device is further configured to filter the user activity information based on the set of bad actor candidates. The device is further configured to input the filtered user activity information into a machine learning model. The machine learning model is configured to receive the filtered user activity information and to output system exposure information that identifies network security threats. The device is further configured to identify network security actions based on the network security threats and to execute the network security actions.

Abstract: A device that is configured to receive user activity information that includes information about user interactions with a network device for a plurality of users. The device is further configured to input the user activity information into a first machine learning model that is configured to receive user activity information and to output a set of bad actor candidates based on the user activity information. The device is further configured to filter the user activity information based on the set of bad actor candidates. The device is further configured to input the filtered user activity information into a second machine learning model that is configured to receive the filtered user activity information and to output system exposure information that identifies network security threats. The device is further configured to identify network security actions based on the network security threats and to execute the network security actions.

Abstract: A device that is configured to receive user activity information from a network device. The user activity information includes information about user interactions with the network device for a plurality of users. The device is further configured to input the user activity information into a machine learning model. The machine learning model is configured to receive user activity information and to output a set of bad actor candidates based on the user activity information. The set of bad actor candidates identifies one or more users from among the plurality of users. The device is further configured to receive the set of bad actor candidates from the machine learning model and to output the set of bad actor candidates.

Abstract: A system for classifying a data item to communicate to authorized users extracts features from the data item, where the features comprise a responsibility feature and a sensitivity feature. The responsibility feature indicates a job responsibility associated with the data item. The sensitivity feature indicates a sensitivity level of the data item. The system determines, based on the responsibility feature, that the data item belongs to a particular responsibility class. The system determines, based on the sensitivity feature, that the data item belongs to a particular sensitivity class. The system determines whether a user to whom the data item is directed belongs to the particular responsibility class and sensitivity class to which the data item belongs. The system sends the data item to the user, if is it determined that the user belongs to the particular responsibility class and sensitivity class to which the data item belongs.

Abstract: Aspects of the disclosure relate to codebase effort tracking. A computing platform may detect accessing of a first code resource by a user of a computing device and initiate tracking of a first interaction time associated with the first code resource. Subsequently, the computing platform may detect loss of interaction with the first code resource and terminate tracking of the first interaction time. Then, the computing platform may detect accessing of a second code resource by the user of the computing device and initiate tracking of a second interaction time associated with the second code resource. Based on the tracking of the respective interaction times, the computing platform may generate and store a code complexity metric. Then, the computing platform may repeat one or more steps for a third code resource and update the code complexity metric based on a third interaction time associated with the third code resource.

Abstract: A system is configured for associating a CVE with a particular device profile is disclosed. The system receives a request from a user to associate a CVE with a particular device profile. For each device profile from a plurality of device profiles stored in a memory, the system determines feature importance values for features of each device profile. The features of each device profile include at least an operating system and a CPU architecture. The feature importance value of a corresponding feature of a device profile associated with a CVE indicates a probability of the CVE to affect the device profile with respect to that feature. The system identifies a device profile that has features with a total feature importance value above a feature importance threshold value. The system identifies a particular CVE associated with the identified device profile. The system associates the particular CVE with the particular device profile.