Abstract: A system for suspending a computing device suspected of being infected by a malicious code is configured to receive a signal to initiate a suspension procedure of the computing device. The system captures states of instructions that are being executed by a processor of the computing device, where the instructions comprise the malicious code. The system prioritizes the operation of a kill switch button over the instructions being executed by the processor. The system sends notification signals to servers managing a user account associated with a user currently logged in at the computing device, indicating that the computing device is suspected of having been infected by the malicious code. In response to sending the notification signals to the servers, the user account is suspended. The system terminates network connections of the computing device such that the computing device is disconnected from other devices.

Abstract: Artificial intelligence (“AI”) apparatus and methods are provided for hardening security of software applications. Under the conventional approaches, additional manual investment implementing security policies does not yield proportional increases in combating cyber security threats. Using manual approaches, it is increasingly difficult to consistently apply multiple policies covering different software applications or versions. This results in increased risk and technical debt. Over time, these undesirable consequences exacerbate the likelihood of inadvertently introducing an adverse policy omission or change. As the scale of software application deployed across and organization increases, it becomes even more difficult to ensure that security policies tracked and consistently applied. This may result in ineffective, contradictory or duplicative configuration requirements.

Abstract: Aspects of the disclosure relate to application mapping and alerting based on data dependencies in business and technology logic. In some embodiments, a computing platform may receive a request to map enterprise technology resources. Then, the computing platform may generate a business capability model. Next, the computing platform may cause a user computing device to display a graphical user interface comprising selectable graphical representations of applications associated with the enterprise technology resources. Then, the computing platform may receive a user input identifying an occurrence of a technology incident by selecting one of the graphical representations. In response to the selection, the computing platform may trace, using the generated business capability model, upstream or downstream impacts of the technology incident.

Abstract: Aspects of the disclosure relate to an automated monitoring of proximate devices. A computing platform may cause a reporting device to detect a target device in a local network, retrieve network data associated with the target device, and send, to an intermediate server, the network data. The computing platform may send, to the intermediate server, a query. The intermediate server may send the network data in response to the query. Based on the network data, the computing platform may determine an amount of time that has elapsed since network activity was previously detected for the target device, and based on a determination that the amount of time exceeds a predetermined time threshold, the computing platform may generate an alert notification indicating that the target device may need to be traced. Subsequently, the alert notification may be sent to the reporting device.

Abstract: A system for suspending a computing device suspected of being infected by a malicious code is configured to receive a signal to initiate a suspension procedure of the computing device. The system captures states of instructions that are being executed by a processor of the computing device, where the instructions comprise the malicious code. The system prioritizes the operation of a kill switch button over the instructions being executed by the processor. The system sends notification signals to servers managing a user account associated with a user currently logged in at the computing device, indicating that the computing device is suspected of having been infected by the malicious code. In response to sending the notification signals to the servers, the user account is suspended. The system terminates network connections of the computing device such that the computing device is disconnected from other devices.

Abstract: A system for suspending a computing device suspected of being infected by a malicious code is configured to receive a signal to initiate a suspension procedure of the computing device. The system captures states of instructions that are being executed by a processor of the computing device, where the instructions comprise the malicious code. The system prioritizes the operation of a kill switch button over the instructions being executed by the processor. The system sends notification signals to servers managing a user account associated with a user currently logged in at the computing device, indicating that the computing device is suspected of having been infected by the malicious code. In response to sending the notification signals to the servers, the user account is suspended. The system terminates network connections of the computing device such that the computing device is disconnected from other devices.

Abstract: Aspects of the disclosure relate to an automated monitoring of proximate devices. A computing platform may cause a reporting device to detect a target device in a local network, retrieve network data associated with the target device, and send, to an intermediate server, the network data. The computing platform may send, to the intermediate server, a query. The intermediate server may send the network data in response to the query. Based on the network data, the computing platform may determine an amount of time that has elapsed since network activity was previously detected for the target device, and based on a determination that the amount of time exceeds a predetermined time threshold, the computing platform may generate an alert notification indicating that the target device may need to be traced. Subsequently, the alert notification may be sent to the reporting device.

Abstract: A system for suspending a computing device suspected of being infected by a malicious code is configured to receive a signal to initiate a suspension procedure of the computing device. The system captures states of instructions that are being executed by a processor of the computing device, where the instructions comprise the malicious code. The system prioritizes the operation of a kill switch button over the instructions being executed by the processor. The system sends notification signals to servers managing a user account associated with a user currently logged in at the computing device, indicating that the computing device is suspected of having been infected by the malicious code. In response to sending the notification signals to the servers, the user account is suspended. The system terminates network connections of the computing device such that the computing device is disconnected from other devices.

Abstract: Systems for enhanced security using biometric controls are provided. A user may launch an application on a user device and one or more rules or instructions may be executed activating enhanced security functions for the application. As the user interacts with a touch screen display of the device, user input including biometric data may be captured. The biometric data may be compared to pre-stored biometric data of the user. If the biometric data matches the pre-stored data, the system may capture additional user input and biometric data and analyze that data to verify the user. If the biometric data does not match the pre-stored data, functionality and/or accessibility of the application may be modified. The system may continue to capture user input and/or biometric data and if the registered user's data is again recognized, the functionality and/or accessibility may again be modified to provide access to the registered user.

Abstract: Artificial intelligence (“AI”) apparatus and methods are provided for hardening security of software applications. Under the conventional approaches, additional manual investment implementing security policies does not yield proportional increases in combating cyber security threats. Using manual approaches, it is increasingly difficult to consistently apply multiple policies covering different software applications or versions. This results in increased risk and technical debt. Over time, these undesirable consequences exacerbate the likelihood of inadvertently introducing an adverse policy omission or change. As the scale of software application deployed across and organization increases, it becomes even more difficult to ensure that security policies tracked and consistently applied. This may result in ineffective, contradictory or duplicative configuration requirements.

Abstract: A device configured to receive source code for an application and analyze the source code to generate metadata for the source code. The metadata identifies operations performed within the source code. The device is further configured to generate a source code model for the source code based on the metadata for the source code and source code modeling instructions. The source code modeling instructions are configured to map the metadata associated with the source code to fields of the source code model. The device is further configured to convert the source code model into a graphical representation using visualization instructions. The visualization instructions include instructions for converting the source code model into the graphical representation. The device is further configured to output the graphical representation.

Abstract: Systems for enhanced security using biometric controls are provided. A user may launch an application on a user device and one or more rules or instructions may be executed activating enhanced security functions for the application. As the user interacts with a touch screen display of the device, user input including biometric data may be captured. The biometric data may be compared to pre-stored biometric data of the user. If the biometric data matches the pre-stored data, the system may capture additional user input and biometric data and analyze that data to verify the user. If the biometric data does not match the pre-stored data, functionality and/or accessibility of the application may be modified. The system may continue to capture user input and/or biometric data and if the registered user's data is again recognized, the functionality and/or accessibility may again be modified to provide access to the registered user.

Abstract: Systems for enhanced protection or security using eye movement tracking are provided. In some examples, a user may launch an application on a user device. If enhanced protections apply to the application, an image of a user eye may be captured and compared to pre-stored data to ensure the user is a registered user. Additional eye movement data may be captured and analyzed. Analyzing the eye movement data may include detecting a look-away by a user. If a look-away is detected, the application may be closed, data within the application may be obscured, or the like. Eye movement data may also be analyzed to identify portions of an application the user viewed for more than a threshold time period, less than a threshold time period, and the like. This data may be analyzed (e.g., using machine learning) to generate one or more heat maps.

Abstract: Systems for enhanced protection or security using eye movement tracking are provided. In some examples, a user may launch an application on a user device. If enhanced protections apply to the application, an image of a user eye may be captured and compared to pre-stored data to ensure the user is a registered user. Additional eye movement data may be captured and analyzed. Analyzing the eye movement data may include detecting a look-away by a user. If a look-away is detected, the application may be closed, data within the application may be obscured, or the like. Eye movement data may also be analyzed to identify portions of an application the user viewed for more than a threshold time period, less than a threshold time period, and the like. This data may be analyzed (e.g., using machine learning) to generate one or more heat maps.

Abstract: Aspects of the disclosure relate to enhanced network security based on inter-application data flows. A computing platform may monitor, via application programming interfaces, data transmissions between applications. Subsequently, the computing platform may retrieve one or more of a time of the data transmission, a source of the data transmission, and a destination of the data transmission. Then, the computing platform may generate a structured database where a pair of components of the database are dynamically linked to one another when the pair of components corresponds to a source and a destination for a data transmission. Subsequently, the computing platform may train a machine learning model to detect structural patterns within the structured database. Then, the computing platform may generate clusters indicative of similar application profiles. Then, the computing platform may predict an impact of a change in an application profile of an application of the plurality of applications.

Abstract: Aspects of the disclosure relate to an automated monitoring of proximate devices. A computing platform may cause a reporting device to detect a target device in a local network, retrieve network data associated with the target device, and send, to an intermediate server, the network data. The computing platform may send, to the intermediate server, a query. The intermediate server may send the network data in response to the query. Based on the network data, the computing platform may determine an amount of time that has elapsed since network activity was previously detected for the target device, and based on a determination that the amount of time exceeds a predetermined time threshold, the computing platform may generate an alert notification indicating that the target device may need to be traced. Subsequently, the alert notification may be sent to the reporting device.

Abstract: Aspects of the disclosure relate to application mapping and alerting based on data dependencies in business and technology logic. In some embodiments, a computing platform may receive a request to map enterprise technology resources. Then, the computing platform may generate a business capability model. Next, the computing platform may cause a user computing device to display a graphical user interface comprising selectable graphical representations of applications associated with the enterprise technology resources. Then, the computing platform may receive a user input identifying an occurrence of a technology incident by selecting one of the graphical representations. In response to the selection, the computing platform may trace, using the generated business capability model, upstream or downstream impacts of the technology incident.

Abstract: A device configured to receive source code for an application and analyze the source code to generate metadata for the source code. The metadata identifies operations performed within the source code. The device is further configured to generate a source code model for the source code based on the metadata for the source code and source code modeling instructions. The source code modeling instructions are configured to map the metadata associated with the source code to fields of the source code model. The device is further configured to convert the source code model into a graphical representation using visualization instructions. The visualization instructions include instructions for converting the source code model into the graphical representation. The device is further configured to output the graphical representation.

Abstract: Aspects of the disclosure relate to application mapping and alerting based on data dependencies in business and technology logic. In some embodiments, a computing platform may receive a request to map enterprise technology resources. Then, the computing platform may generate a business capability model. Next, the computing platform may cause a user computing device to display a graphical user interface comprising selectable graphical representations of applications associated with the enterprise technology resources. Then, the computing platform may receive a user input identifying an occurrence of a technology incident by selecting one of the graphical representations. In response to the selection, the computing platform may trace, using the generated business capability model, upstream or downstream impacts of the technology incident.

Abstract: Methods, systems, and computer program products for facilitating user choices among complex alternatives utilize conjoint analysis to simplify choices to be made by the user. A selector tool presents a user with a first and second series of choices relating to attributes of products or services available to the user. A utilities calculation engine calculates the relative utility of each of the products or services to the user and presents output to the user, which indicates the relative utility of each of the products or services. The user can then select the product or service that has the highest utility value for the user based on the calculated relative utility values.