Abstract: Detecting malware attacks is described herein. A computer-implemented method may include receiving, via a processor, events from a plurality of activity monitors. The method also include extracting, via the processor, a plurality of behavioral features from the received events. The method may further include detecting, via the processor, a malware attack based on the extracted behavioral features using a malware identification model trained on private data and public data using a machine learning technique, wherein the private data includes private enterprise attack findings. The method may also include executing, via the processor, an ad hoc protection improvement based on the detected malware attack.

Abstract: Examples of techniques for generating streaming analytics applications are described herein. An example computer-implemented method includes receiving, via a processor, subject matter requirements in a semi-structured format. The method includes classifying, via the processor, the subject matter requirements based on a predefined taxonomy. The method includes extracting, via the processor, a list of entities from the subject matter requirements based on grammar. The method includes generating a solution based on a glossary and the list of extracted entities. The method includes generating, via the processor, a streaming analytics application based on the solution.

Abstract: Detecting malware attacks is described herein. A computer-implemented method may include receiving, via a processor, events from a plurality of activity monitors. The method also include extracting, via the processor, a plurality of behavioral features from the received events. The method may further include detecting, via the processor, a malware attack based on the extracted behavioral features using a malware identification model trained on private data and public data using a machine learning technique, wherein the private data includes private enterprise attack findings. The method may also include executing, via the processor, an ad hoc protection improvement based on the detected malware attack.

Abstract: Detecting malware attacks is described herein. A computer-implemented method may include receiving, via a processor, events from a plurality of activity monitors. The method also include extracting, via the processor, a plurality of behavioral features from the received events. The method may further include detecting, via the processor, a malware attack based on the extracted behavioral features using a malware identification model trained on private data and public data. The method may also include executing, via the processor, an ad hoc protection improvement based on the detected malware attack.

Abstract: Detecting malware attacks is described herein. A computer-implemented method may include receiving, via a processor, events from a plurality of activity monitors. The method also include extracting, via the processor, a plurality of behavioral features from the received events. The method may further include detecting, via the processor, a malware attack based on the extracted behavioral features using a malware identification model trained on private data and public data. The method may also include executing, via the processor, an ad hoc protection improvement based on the detected malware attack.

Abstract: Aspects include detecting that an extract transform load (ETL) job in an ETL system has been submitted for execution. The ETL job can include an input data storage location and an output data storage location. The ETL job is analyzed to predict whether execution of the ETL job will result in sensitive information being made accessible to an unauthorized user. The analyzing can be based on a sensitivity status of contents of the input data storage location and a data lineage of contents of the output data storage location. The ETL job is prevented from executing based on predicting that execution of the ETL job will result in sensitive information being made accessible to an unauthorized user. Execution of the ETL job is initiated based on predicting that execution of the ETL job will not result in sensitive information being made accessible to an unauthorized user.

Abstract: Techniques for informing a user about an agreement including agreement terms and trustworthiness of data source are described herein. In some examples, a processor receives agreement document data while the data is in route to a client device. A system receives network sources and content data of the agreement document. The network sources are to be processed by the processor with traffic analytics, and the content data is to be processed with text analytics. The output of these analytics is used to generate an agreement risk event for delivery to the client device with the original agreement document data.

Abstract: Techniques for informing a user about an agreement including agreement terms and trustworthiness of data source are described herein. In some examples, a processor receives agreement document data while the data is in route to a client device. A system receives network sources and content data of the agreement document. The network sources are to be processed by the processor with traffic analytics, and the content data is to be processed with text analytics. The output of these analytics is used to generate an agreement risk event for delivery to the client device with the original agreement document data.

Abstract: A computer-implemented method includes receiving data representing pre-existing instances of an analytics model developed over time; detecting changes in state of the analytics model over time to detect trends; generating a new instance of the analytics model that has been modified based on detected trends in the analytics model; generating new training data based on discovered trends of the analytics model over time; comparing a coverage of the new instance of the analytics model and coverages of the pre-existing instances of the analytics model with the new training data; and determining whether new instance of the analytics model have better coverage than the pre-existing instances of the analytics model with the new training data. A corresponding computer program product and system are also disclosed.

Abstract: Examples of techniques for detecting and preventing sensitive information leaks are described herein. In one example, a method for detection of sensitive information leaks comprises computing, via a processor, a set of rules that identify sensitive information, and sending, via the processor, the set of rules to a dispatcher application using a protocol. The method can also include detecting, via the processor, that at least one data block of the transmitted data matches the set of rules, and executing, via the processor, a corrective action in response to detecting that at least one of the transmitted data blocks matches the set of rules.

Abstract: Aspects include detecting that an extract transform load (ETL) job in an ETL system has been submitted for execution. The ETL job can include an input data storage location and an output data storage location. The ETL job is analyzed to predict whether execution of the ETL job will result in sensitive information being made accessible to an unauthorized user. The analyzing can be based on a sensitivity status of contents of the input data storage location and a data lineage of contents of the output data storage location. The ETL job is prevented from executing based on predicting that execution of the ETL job will result in sensitive information being made accessible to an unauthorized user. Execution of the ETL job is initiated based on predicting that execution of the ETL job will not result in sensitive information being made accessible to an unauthorized user.

Abstract: Examples of techniques for detecting and preventing sensitive information leaks are described herein. In one example, a method for detection of sensitive information leaks includes computing, via a processor, a set of rules that identify sensitive information, and sending, via the processor, the set of rules to a dispatcher application using a protocol. The method can also include detecting, via the processor, that at least one data block of the transmitted data matches the set of rules, and executing, via the processor, a corrective action in response to detecting that at least one of the transmitted data blocks matches the set of rules.

Abstract: Examples of techniques for generating streaming analytics applications are described herein. An example computer-implemented method includes receiving, via a processor, subject matter requirements in a semi-structured format. The method includes classifying, via the processor, the subject matter requirements based on a predefined taxonomy. The method includes extracting, via the processor, a list of entities from the subject matter requirements based on grammar. The method includes generating a solution based on a glossary and the list of extracted entities. The method includes generating, via the processor, a streaming analytics application based on the solution.

Abstract: Examples of techniques for generating streaming analytics applications are described herein. An example computer-implemented method includes receiving, via a processor, subject matter requirements in a semi-structured format. The method includes classifying, via the processor, the subject matter requirements based on a predefined taxonomy. The method includes extracting, via the processor, a list of entities from the subject matter requirements based on grammar. The method includes generating a solution based on a glossary and the list of extracted entities. The method includes generating, via the processor, a streaming analytics application based on the solution.

Abstract: Techniques for informing a user about an agreement including agreement terms and trustworthiness of data source are described herein. In some examples, a processor receives agreement document data while the data is in route to a client device. A system receives network sources and content data of the agreement document. The network sources are to be processed by the processor with traffic analytics, and the content data is to be processed with text analytics. The output of these analytics is used to generate an agreement risk event for delivery to the client device with the original agreement document data.

Abstract: Techniques for informing a user about an agreement including agreement terms and trustworthiness of data source are described herein. In some examples, a processor receives agreement document data While the data is in route to a client device. A system receives network sources and content data of the agreement document. The network sources are to be processed by the processor with traffic analytics, and the content data is to be processed with text analytics. The output of these analytics is used to generate an agreement risk event for delivery to the client device with the original agreement document data.

Abstract: Examples of techniques for detecting and preventing sensitive information leaks are described herein. In one example, a method for detection of sensitive information leaks includes computing, via a processor, a set of rules that identify sensitive information, and sending, via the processor, the set of rules to a dispatcher application using a protocol. The method can also include detecting, via the processor, that at least one data block of the transmitted data matches the set of rules, and executing, via the processor, a corrective action in response to detecting that at least one of the transmitted data blocks matches the set of rules.

Abstract: Examples of techniques for detecting and preventing sensitive information leaks are described herein. In one example, a method for detection of sensitive information leaks comprises computing, via a processor, a set of rules that identify sensitive information, and sending, via the processor, the set of rules to a dispatcher application using a protocol. The method can also include detecting, via the processor, that at least one data block of the transmitted data matches the set of rules, and executing, via the processor, a corrective action in response to detecting that at least one of the transmitted data blocks matches the set of rules.

Abstract: Techniques are provided for enabling communications between a business process and an external entity, by a) receiving notification data from a business process of a computer-based business process management system, b) applying a set of rules to any of the notification data to select an external entity to whom a communication will be sent, select a communications channel from among a plurality of communications channels associated with the external entity, and generate the communication from any of the notification data in a manner that conforms to the selected communications channel, and c) sending the communication to the external entity via the selected communications channel.