Abstract: A method, system and/or an apparatus to detect discrepancy in infrastructure security configurations from translated security best practice configurations in heterogeneous environments is disclosed. A method of an infrastructure security server communicatively coupled with a set of heterogeneous infrastructures translates a set of security best practice configurations of the heterogeneous infrastructures and/or a set of common vulnerabilities and exposures (CVE) of the heterogeneous infrastructures to programmatic execution. The method monitors the infrastructure security configurations associated with the heterogeneous infrastructures using a processor and a memory. The method analyzes the infrastructure security configurations based on the translated security best practice configurations and/or the translated common vulnerabilities and exposures (CVE).

Abstract: A method, a system and/or an apparatus of activity based access control in heterogeneous information technology infrastructure is disclosed. The infrastructure security server authenticates that a user is authorized to access a set of heterogeneous cloud-based services using at least one heterogeneous authorization system. The method monitors an activity of the user when accessing any of the set of heterogeneous cloud-based services over a period of time using a processor and a memory. The method dynamically adjusts access privileges to the set of heterogeneous cloud-based services. The adjustment to the access privileges includes a revocation of access to the user to a particular service of the set of heterogeneous cloud-based services and/or dynamically granting of access to the user to the particular service of the set of heterogeneous cloud-based services.