Abstract: A system includes a memory and processor. The memory stores code segment vulnerability findings that were generated through static application security testing (SAST). The processor generates a code fingerprint for each code segment, which corresponds to an abstract syntax tree that has been augmented by data flow information and flattened. The processor applies a machine learning clustering algorithm to group the code fingerprints into clusters of fingerprints that share one or more features. The processor additionally determines that both the fingerprint corresponding to the first source code segment and the fingerprint corresponding to a second source code segment belong to the same cluster. In response, the processor transmits an alert to a device of an administrator, identifying the second code segment as vulnerable to a real vulnerability, where a vulnerability finding for the first code segment has been classified as the real vulnerability through external review.

Abstract: A system includes a memory and processor. The memory stores code segment vulnerability findings that were generated through static application security testing (SAST). For a first code segment, a first vulnerability finding has been classified as a real vulnerability, and a second vulnerability finding has been classified as a false positive by external review. The processor generates a code fingerprint for each code segment, which corresponds to an abstract syntax tree that has been augmented by data flow information and flattened. The processor determines that the fingerprint for the first code segment matches the fingerprint for a second code segment and that the vulnerability findings for the first code segment match those for the second. In response, the processor automatically classifies a matching first vulnerability finding for the second code segment as the real vulnerability, and a matching second vulnerability finding for the second code segment as the false positive.

Abstract: A system includes a memory and processor. The memory stores code segment vulnerability findings that were generated through static application security testing (SAST). For a first code segment, a first vulnerability finding has been classified as a real vulnerability, and a second vulnerability finding has been classified as a false positive by external review. The processor generates a code fingerprint for each code segment, which corresponds to an abstract syntax tree that has been augmented by data flow information and flattened. The processor determines that the fingerprint for the first code segment matches the fingerprint for a second code segment and that the vulnerability findings for the first code segment match those for the second. In response, the processor automatically classifies a matching first vulnerability finding for the second code segment as the real vulnerability, and a matching second vulnerability finding for the second code segment as the false positive.

Abstract: A system includes a memory and processor. The memory stores code segment vulnerability findings that were generated through static application security testing (SAST). The processor generates a code fingerprint for each code segment, which corresponds to an abstract syntax tree that has been augmented by data flow information and flattened. The processor applies a machine learning clustering algorithm to group the code fingerprints into clusters of fingerprints that share one or more features. The processor additionally determines that both the fingerprint corresponding to the first source code segment and the fingerprint corresponding to a second source code segment belong to the same cluster. In response, the processor transmits an alert to a device of an administrator, identifying the second code segment as vulnerable to a real vulnerability, where a vulnerability finding for the first code segment has been classified as the real vulnerability through external review.

Abstract: A resource management system receives a set of application priorities. The resource management system determines, based at least in part on the received set of application priorities, a resource allocation corresponding to a proposed distribution of the computing applications and the users amongst the computing devices of a computing infrastructure. The resource management system determines, using the resource allocation, a recommended device configuration for each of the computing devices. The resource management system automatically implements the determined resource allocation using the device configuration determined for each of the computing devices.

Abstract: A prioritization system includes a memory that stores an access record with, for each of the users, an indication of a previous usage of computing applications. The memory stores a permission record with, for each of the users, an indication of the computing applications that the user is permitted to access. The memory stores user affinities that include, for each of the users, an affinity score corresponding to a predetermined ability level of the user to engage in an activity associated with one or more of the computing applications. The prioritization system determines a priority score for each of the users. In response to receiving a request for a priority of a first user of the users, the prioritization system provides a response with the priority score determined for the first user of the users.

Abstract: A system includes a computing infrastructure and an application prioritization system. The computing infrastructure includes a plurality of computing devices configured to implement computing applications. The application prioritization system receives application data associated with the computing applications. A request is received for a priority of a first computing application of the computing applications compared to a second computing application of the computing applications. The application prioritization system determines, using a feedback-based machine learning model, a first priority of the first computing application and a second priority of the second computing application and an explanation of the first and second priorities. A response is provided with an indication of the larger of the first priority and second priority and the explanation.

Abstract: A document handling system includes a memory and a processor, in communication with the memory, to receive first information from a first document, determine that the first document includes a first topic based on the first information, determine a first classification level of the first document, determine a first grouping of the first document, associate the first classification level and the first grouping with the first topic, receive second information from a second document, determine that the second document includes the first topic based on the second information, and modify the second document to ascribe the first classification level and the first grouping to the second document.

Abstract: Methods for preventing the transmission of sensitive information to locations outside of a secure network by a person who has legitimate access to the sensitive information are described. In some embodiments, in order for an end user of a computing device to establish a secure connection with a secure network and access data stored on the secure network, a client application running on the computing device may be required by the secure network. The client application may monitor visual cues (e.g., facial expressions and gestures) associated with the end user, detect suspicious activity performed by the end user based on the visual cues, and in response to detecting suspicious activity may perform mitigating actions to prevent the transmission of sensitive information such as alerting human resources personnel or requiring authorization prior to sending information to locations outside of the secure network.

Abstract: A wearable display presents information to an end user as visual images having restricted access to other viewers, such as at an eyeglass worn by the end user. Sensitive information that an end user selects for viewing is precluded from presentation at a primary information handling system display and is instead presented at the wearable display, such as with an overlay of the primary display that has the sensitive information presented by the wearable display over the location of the primary display at which the sensitive information would otherwise be presented.

Abstract: Methods for automatically generating help desk tickets in response to detecting performance and/or availability issues that occur throughout multiple layers of a networked computing environment are described. In some embodiments, in response to detecting an alert corresponding with a performance issue affecting the networked computing environment, a root cause identification tool may aggregate a plurality of alarms from a plurality of performance management tools monitoring the networked computing environment, generate a failure graph associated with the performance issue, identify a first leaf node of the failure graph, determine a first remedy associated with the first leaf node, and automatically generate a help desk ticket corresponding with the first leaf node and the first remedy. The automatically generated help desk ticket may specify the failure associated with the first leaf node, the first remedy, a location associated with the first remedy, and an estimated time to fix the failure.

Abstract: A document handling system includes a memory and a processor, in communication with the memory, to receive first information from a first document, determine that the first document includes a first topic based on the first information, determine a first classification level of the first document, determine a first grouping of the first document, associate the first classification level and the first grouping with the first topic, receive second information from a second document, determine that the second document includes the first topic based on the second information, and modify the second document to ascribe the first classification level and the first grouping to the second document.

Abstract: Methods for monitoring a networked computing environment and for identifying root causes of performance and availability issues that occur throughout multiple layers of the networked computing environment are described. In some embodiments, a software service provided by a networked computing environment may experience a service-related performance or availability issue. In response to detecting the service-related issue affecting the service, a root cause identification tool may aggregate data from a plurality of information technology management software tools monitoring the networked computing environment, identify causal relationships between a plurality of failures associated with the service-related issue based on the aggregated data, determine a chain of failures of the plurality of failures based on the causal relationships, identify a root cause of the service-related issue based on the chain of failures, and transmit an alarm corresponding with the root cause.

Abstract: Methods for monitoring a networked computing environment and for consolidating multiple alarms under a single root cause are described. In some embodiments, in response to detecting an alert corresponding with a performance issue in a networked computing environment, a root cause identification tool may aggregate a plurality of alarms from a plurality of performance management tools monitoring the networked computing environment. The root cause identification tool may then generate a failure graph associated with the performance issue based on the plurality of alarms, determine a first set of leaf nodes of the failure graph, determine a first chain of failures based on the first set of leaf nodes, suppress (or hide) alarms that are not associated with the first chain of failures, and output a consolidated alarm associated with the first chain of failures.

Abstract: Systems and methods include receiving data corresponding to a request to access a resource by an identity provided with authority to access the resource. Systems and methods include determining whether the identity is a member of a community based on associating data. The community includes identities as members thereof. Systems and methods include determining a risk level associated with the request. The risk level is determined using a history of access of the resource by a particular member the community if the identity is a member of the community. The risk level is determined using a history of access of the resource by the identity if the identity is not a member of the community. Systems and methods include determining an access policy based on the risk level associated with the request. The access policy indicates whether access to the resource by the identity is to be restricted.

Abstract: A system and method for managing information in an enterprise is disclosed. In one embodiment, the method comprises receiving a document from a component of an enterprise network, determining one or more characteristics associated with the document, assigning a priority score to a user associated with the document, assigning a business value rating to the document, and performing an operation with the document based on the business value rating. In another embodiment, the system includes a processor operable to receive a document, determine one or more characteristics associated with the document, determine a priority score to a user associated with the document, assign a business value rating to the document, and perform an operation with the document based on the business value rating.

Abstract: A method comprises extracting one or more document identifiers from a document currently displayed on the user's computer screen. The method further comprises searching an enterprise network, using the one or more document identifiers, for one or more related documents that are related to the document currently displayed on the user's computer screen. The one or more related documents may then be filtered, and the user may be notified of the one or more filtered related documents.

Abstract: An apparatus, system, and method for identifying related content based on eye movements are disclosed. The system, apparatus, and method display content to a user concurrently in two or more windows, identify areas in each of the windows where a user's eyes focus, extract keywords from the areas where the user's eyes focus in each of the windows, search a communications network for related content using the keywords, and notify the user of the related content by displaying it concurrently with the two or more windows. The keywords are extracted from one or more locations in the two or more windows in which the user's eyes pause for a predetermined amount of time or, when the user's eyes pause on an image, from at least one of the text adjacent to and the metadata associated with that image.

Abstract: Methods for automatically generating a report in response to detecting performance and/or availability issues that occur throughout multiple layers of a networked computing environment based on a role of a target recipient of the report are described. In some embodiments, a failure graph may be generated by a root cause identification tool that aggregates data from a plurality of performance management tools monitoring the networked computing environment. The root cause identification tool may acquire a plurality of report templates, determine a first report template of the plurality of report templates based on the role associated with the target recipient, identify a set of variables or an ontology associated with the first report template, assign values to the set of variables using the failure graph, generate a first report based on the first report template, and output the first report to the target recipient.

Abstract: Methods for preventing the transmission of sensitive information to locations outside of a secure network by a person who has legitimate access to the sensitive information are described. In some embodiments, in order for an end user of a computing device to establish a secure connection with a secure network and access data stored on the secure network, a client application running on the computing device may be required by the secure network. The client application may monitor visual cues (e.g., facial expressions and gestures) associated with the end user, detect suspicious activity performed by the end user based on the visual cues, and in response to detecting suspicious activity may perform mitigating actions to prevent the transmission of sensitive information such as alerting human resources personnel or requiring authorization prior to sending information to locations outside of the secure network.