Abstract: A computer implemented method for identifying an application topology includes identifying a sandbox environment corresponding to an application of interest, analyzing the sandbox environment to identify a set of communication links between services within the sandbox environment indicating a first topology, identifying a production system corresponding to the application of interest, querying the production system to identify a set of structural dependencies indicating a second topology, and creating a complete topology of the cloud application by combining the first topology and the second topology. A computer program product and computer system for identifying an application topology are additionally disclosed herein.

Abstract: Threads of a multithreaded application may be scheduled to different cores and executed in various orders and at various frequencies. Controlling how the threads are scheduled and clock rates of processor cores enables testing multiple possible execution scenarios, which may force previously unknown timing window problems to occur. These timing window problems may then be detected.

Abstract: A technique for deploying an application in a cloud computing environment includes collecting, when a user is deploying an application, metadata and instructions on deploying the application. The metadata includes service metadata, application metadata and topology metadata, where the service metadata includes metadata on a service required for deploying the application, the application metadata includes metadata on the application, and the topology metadata includes metadata indicative of a relationship between the service and the application. The collected metadata and instructions are stored as a model for re-deploying the application.

Abstract: A mobile application privacy analysis system is described, where the system scans a mobile device to identify files associated with a particular SDK and generates a tokenized name for the SDK. The tokenized name includes tokens representing the SDK vendor and one or more functions of the SDK. Using the tokenized name, the system then determines corresponding categories for each functionality token and score for each such category. Based on the scores, the system determines the most significant category and assigns that category to the SDK for use in privacy analysis. The system may also, or instead, determine a vendor category using the vendor token and assign that category to the SDK. Weighting factors may be applied to the scores for the categories associated with the functionality tokens and vendor tokens.

Abstract: A system includes persistent storage containing data used by software applications, and a server application configured to perform operations, including identifying a subset of the data, where the subset is used to generate a full offline payload for a particular software application and that includes user interface (UI) components selected for the particular software application based on the subset of the data. The operations also include monitoring the subset of the data to identify a modification to particular data and, based on identifying the modification, generating a partial offline payload based on the particular data as modified, where the partial offline payload includes a subset of the UI components, and where each UI component of the subset is updated based on the particular data as modified. The operations further include receiving a request for the partial offline payload and, based on receiving the request, transmitting the partial offline payload.

Abstract: In particular embodiments, a computer-implemented data processing method for responding to a data subject access request comprises: (A) receiving a data subject access request from a requestor comprising one or more request parameters; (B) determining that the data subject is associated with a particular geographic location; (C) verifying that the data subject is associated with the particular geographic location; (D) in response to verifying that the data subject is associated with the particular geographic location, processing the request by identifying one or more pieces of personal data associated with the data subject; and (E) taking one or more actions based at least in part on the data subject access request, the one or more actions including one or more actions related to the one or more pieces of personal data.

Abstract: Methods, systems, and computer-readable media are disclosed herein that provide a comprehensive view that reveals all or nearly all possible method dependencies that are present in client workflows. In aspects, when computer code for a particular method is going to be edited, other methods are identified that have upstream or downstream dependencies relative to the particular method. The methods that will be affected based on the computer code editing can be presented in a user-interactive graphical user interface that facilitates exploration of upstream and downstream dependencies.

Abstract: A consent receipt management system may, for example, be configured to track data on behalf of an entity that collects and/or processes persona data related to: (1) who consented to the processing or collection of personal data; (2) when the consent was given (e.g., a date and time); (3) what information was provided to the consenter at the time of consent (e.g., a privacy policy, what personal data would be collected following the provision of the consent, for what purpose that personal data would be collected, etc.); (4) how consent was received (e.g., one or more copies of a data capture form, webform, etc. via which consent was provided by the consenter); (5) when consent was withdrawn (e.g., a date and time of consent withdrawal if the consenter withdraws consent); and/or (6) any other suitable data related to receipt or withdrawal of consent.

Abstract: A method of executing computer-readable code for interaction with one or more data resources on a data processing platform, the method performed using one or more processors, comprising: receiving a request message including an identifier identifying executable code stored in a data repository; determining, using the identifier, an execution environment of a plurality of stored execution environments mapped to the identified executable code, wherein determining the execution environment mapped to the identified executable code comprises: accessing mapping data identifying a mapping between the identifier and the execution environment of the plurality of stored execution environments, the mapping data including configuration data associated with the identifier, wherein the configuration data identifies one or more convention-based data libraries particular to the execution environment; configuring the determined execution environment to access the one or more convention-based data libraries during execution; e

Abstract: Systems and methods for building and testing software projects within a virtual computing environment of a computing resource service provider, providing for gathering, reporting, and summarization of test results generated by test runs executed as part of the build process are disclosed. A user makes requests to a build service provided by the computing resource service provider which automates building and testing of program code for software modules and software projects including such modules. The build service receives the requests and allocates physical computing resources, such as usage of processors, memory, storage drives, computer network interfaces, and other components of hardware computing devices within a virtual computing environment to attempt to build the software modules and report results of tests performed during the build attempts. The user may supply program code to be built without otherwise needing to manage the virtual computing resources allocated to complete the requested tasks.

Abstract: An example operation includes one or more of receiving a smart contract code by an analyzer node, building, by the analyzer node, a control flow-graph comprising a plurality of basic code blocks based on the smart contract code, computing, by the analyzer node, a read and write set for each of the basic code blocks from the plurality of the basic code blocks, and determining, by the analyzer node, at least two basic code blocks from the plurality of the basic code blocks that may be executed in parallel.

Abstract: Disclosed is method and system for turning existing object-oriented programming languages into smart contract languages without introducing new syntactic features. The invented method and system provide a protocol that enables storing a history of computations on a decentralized computer network, such as a UTXO-based blockchain system, for any object-oriented computer language. The invented method and system further provide for storing and updating data on blockchains, where such blockchains may be used in cryptocurrency applications and for smart contracts.

Abstract: Responding to a data subject access request includes receiving the request and identifying the requestor and source. In response to identifying the requestor and source, a computer processor determines whether the data subject access request is subject to fulfillment constraints, including whether the requestor or source is malicious. If so, then the computer processor denies the request or requests a processing fee prior to fulfillment. If not, then the computer processor fulfills the request.

Abstract: A system and method for automating test scenarios for a component or entity of a network, including defining a test case that includes multiple values for multiple parameters and generating at least one test scenario based on the test case. Test scenarios can utilize the same traffic generator files and share data files to automate test execution. The system and method can further include executing a test scenario to obtain a test result that indicates whether the component or entity of the network passed or failed the test scenario.

Abstract: A method and system for identifying and extracting independent services from a computer program are configured. The method comprises retrieving code and runtime data of the computer program, upon reception of a request to extract at least one service; performing a dynamic analysis on the retrieved code to determine code resources of the computer program; identifying, based on the code resources and runtime data, boundaries of services included in the computer program and are independent of other services; and deriving context and compile-time dependencies of the computer program using static analysis; and generating based on the context, compile-time dependencies, and code resources a service specification file for each independent service of the services included in the computer program, wherein an independent service includes all resources require for its execution independently of the computer program.

Abstract: In particular embodiments, an Orphaned Data Action System is configured to analyze one or more data systems (e.g., data assets), identify one or more pieces of personal data that are one or more pieces of personal data that are not associated with one or more privacy campaigns of the particular organization, and notify one or more individuals of the particular organization of the one or more pieces of personal data that are one or more pieces of personal data that are not associated with one or more privacy campaigns of the particular organization.

Abstract: A computing system includes a logic subsystem and memory storing instructions executable by the logic subsystem. The instructions are executable by the logic subsystem to store, in the memory, a plurality of software models that each describe aspects of a network connected device or a software service, the plurality of software models comprising a first version of a selected software model. The logic subsystem is configured to receive a second version of the selected software model and validate the second version of the selected software model via validation logic by applying one or more versioning rules to the second version of the selected software model. Based on the application of the one or more versioning rules, the logic subsystem is configured to execute a versioning action on the selected software model.

Abstract: In one example of the technology, device information associated with a device upgrade and a plurality of devices includes risk parameters including values associated with a minimum health value that is associated with a minimum acceptable number of healthy devices among the plurality of devices and a confidence value associated with a minimum acceptable probability that the number of healthy devices among the plurality of devices is at least as great as the minimum health value; and, for each device a success probability value that is associated with a probability that the device will be healthy after the device upgrade is performed on the device. A Poisson binomial distribution is iteratively used to determine a set of devices among the plurality of device for which the largest possible number of devices are included in the set of devices while meeting the risk parameters. The set of devices is then upgraded.

Abstract: Technologies related to constructing a data flow graph are described herein, where the data flow graph indicates that personal data is passed from a first computer-executable module of an organization computing system to a second computer-executable module of the organization computing system. The data flow graph is constructed based upon static analysis data pertaining to source code of the organization computing system; the data flow graph is further constructed based upon infrastructure data that provides runtime information for the organization computing system.

Abstract: Data processing systems and methods according to various embodiments are adapted for automatically detecting and documenting privacy-related aspects of computer software. Particular embodiments are adapted for: (1) automatically scanning source code to determine whether the source code include instructions for collecting personal data; and (2) facilitating the documentation of the portions of the code that collect the personal data. For example, the system may automatically prompt a user for comments regarding the code. The comments may be used, for example, to populate: (A) a privacy impact assessment; (B) system documentation; and/or (C) a privacy-related data map. The system may comprise, for example, a privacy comment plugin for use in conjunction with a code repository.