Abstract: An example computer system for providing a maturity model can include: one or more processors; and non-transitory computer-readable storage media encoding instructions which, when executed by the one or more processors, causes the computer system to: use a cloud computing cybersecurity matrix that organizes a suite of cybersecurity capabilities associated with a cloud computing environment; overlay the maturity model onto the cloud computing cybersecurity matrix, the maturity model measuring a maturity level of technologies associated with the cloud computing environment; and display a dashboard showing the cloud computing cybersecurity matrix with the maturity model overlaid thereon.

Abstract: Aspects of the disclosure relate to enhanced network security based on inter-application data flows. A computing platform may monitor, via application programming interfaces, data transmissions between applications. Subsequently, the computing platform may retrieve one or more of a time of the data transmission, a source of the data transmission, and a destination of the data transmission. Then, the computing platform may generate a structured database where a pair of components of the database are dynamically linked to one another when the pair of components corresponds to a source and a destination for a data transmission. Subsequently, the computing platform may train a machine learning model to detect structural patterns within the structured database. Then, the computing platform may generate clusters indicative of similar application profiles. Then, the computing platform may predict an impact of a change in an application profile of an application of the plurality of applications.

Abstract: Aspects of the disclosure relate to conducting software testing using dynamically masked data. In some embodiments, a computing platform may receive, from a developer computing platform, a test execution request that includes a test code for execution. Subsequently, the computing platform may establish a secure connection to an enterprise data storage database. Upon establishing the secure connection, the computing platform may request confidential data from the enterprise data storage database in connection the test execution request. Thereafter, the computing platform mat execute the test code, which may include receiving encrypted confidential data from the enterprise data storage, decrypting the confidential data, and plugging the confidential data into the test code.

Abstract: Aspects of the disclosure relate to conducting software testing using dynamically masked data. In some embodiments, a computing platform may receive, from a developer computing platform, a test execution request that includes a test code for execution. Subsequently, the computing platform may establish a secure connection to an enterprise data storage database. Upon establishing the secure connection, the computing platform may request confidential data from the enterprise data storage database in connection the test execution request. Thereafter, the computing platform mat execute the test code, which may include receiving encrypted confidential data from the enterprise data storage, decrypting the confidential data, and plugging the confidential data into the test code.

Abstract: Embodiments of the invention are directed to systems, methods, and computer program products for rapid assessment of cloud frameworks to evaluate those considered for use in an enterprise context. The invention may quickly and consistently identify gaps or weaknesses of cloud frameworks or resources, assess the potential negative impact of such gaps or weaknesses, and facilitate the communication of quantifiable data to responsible parties in order to facilitate the implementation of necessary controls or actions. Embodiments of the invention are highly adaptable and dynamic in fashion such that they can be quickly and easily updated based on the changing needs of the enterprise.

Abstract: Aspects of the disclosure relate to conducting software testing using dynamically masked data. In some embodiments, a computing platform may receive, from a developer computing platform, a test execution request that includes a test code for execution. Subsequently, the computing platform may establish a secure connection to an enterprise data storage database. Upon establishing the secure connection, the computing platform may request confidential data from the enterprise data storage database in connection the test execution request. Thereafter, the computing platform mat execute the test code, which may include receiving encrypted confidential data from the enterprise data storage, decrypting the confidential data, and plugging the confidential data into the test code.

Abstract: Systems for enhanced security using biometric controls are provided. A user may launch an application on a user device and one or more rules or instructions may be executed activating enhanced security functions for the application. As the user interacts with a touch screen display of the device, user input including biometric data may be captured. The biometric data may be compared to pre-stored biometric data of the user. If the biometric data matches the pre-stored data, the system may capture additional user input and biometric data and analyze that data to verify the user. If the biometric data does not match the pre-stored data, functionality and/or accessibility of the application may be modified. The system may continue to capture user input and/or biometric data and if the registered user's data is again recognized, the functionality and/or accessibility may again be modified to provide access to the registered user.

Abstract: Embodiments of the invention are directed to systems, methods, and computer program products for rapid assessment of cloud frameworks to evaluate those considered for use in an enterprise context. The invention may quickly and consistently identify gaps or weaknesses of cloud frameworks or resources, assess the potential negative impact of such gaps or weaknesses, and facilitate the communication of quantifiable data to responsible parties in order to facilitate the implementation of necessary controls or actions. Embodiments of the invention are highly adaptable and dynamic in fashion such that they can be quickly and easily updated based on the changing needs of the enterprise.

Abstract: Systems for enhanced security using biometric controls are provided. A user may launch an application on a user device and one or more rules or instructions may be executed activating enhanced security functions for the application. As the user interacts with a touch screen display of the device, user input including biometric data may be captured. The biometric data may be compared to pre-stored biometric data of the user. If the biometric data matches the pre-stored data, the system may capture additional user input and biometric data and analyze that data to verify the user. If the biometric data does not match the pre-stored data, functionality and/or accessibility of the application may be modified. The system may continue to capture user input and/or biometric data and if the registered user's data is again recognized, the functionality and/or accessibility may again be modified to provide access to the registered user.

Abstract: Aspects of the disclosure relate to conducting software testing using dynamically masked data. In some embodiments, a computing platform may receive, from a developer computing platform, a test execution request that includes a test code for execution. Subsequently, the computing platform may establish a secure connection to an enterprise data storage database. Upon establishing the secure connection, the computing platform may request confidential data from the enterprise data storage database in connection the test execution request. Thereafter, the computing platform mat execute the test code, which may include receiving encrypted confidential data from the enterprise data storage, decrypting the confidential data, and plugging the confidential data into the test code.

Abstract: Aspects of the disclosure relate to providing augmented reality user interfaces for ATM transactions. In some embodiments, a computing platform may receive presence information indicating that a mobile computing device is within a predetermined distance of a first ATM at a first location, authenticate a user of the mobile computing device to an online banking account, and generate a transaction-specific device identifier that uniquely identifies the first ATM at the first location. Thereafter, the computing platform may generate and send an augmented reality user interface to the mobile computing device, prompting the user to use the mobile computing device to capture the transaction-specific device identifier. Based on verifying that the user is authorized to perform a transaction at the first ATM, the computing platform may cause an NFC connection to be established between the mobile computing device and the first ATM, via which the transaction may be conducted.

Abstract: Systems for enhanced protection or security using eye movement tracking are provided. In some examples, a user may launch an application on a user device. If enhanced protections apply to the application, an image of a user eye may be captured and compared to pre-stored data to ensure the user is a registered user. Additional eye movement data may be captured and analyzed. Analyzing the eye movement data may include detecting a look-away by a user. If a look-away is detected, the application may be closed, data within the application may be obscured, or the like. Eye movement data may also be analyzed to identify portions of an application the user viewed for more than a threshold time period, less than a threshold time period, and the like. This data may be analyzed (e.g., using machine learning) to generate one or more heat maps.

Abstract: Systems for enhanced protection or security using eye movement tracking are provided. In some examples, a user may launch an application on a user device. If enhanced protections apply to the application, an image of a user eye may be captured and compared to pre-stored data to ensure the user is a registered user. Additional eye movement data may be captured and analyzed. Analyzing the eye movement data may include detecting a look-away by a user. If a look-away is detected, the application may be closed, data within the application may be obscured, or the like. Eye movement data may also be analyzed to identify portions of an application the user viewed for more than a threshold time period, less than a threshold time period, and the like. This data may be analyzed (e.g., using machine learning) to generate one or more heat maps.

Abstract: Aspects of the disclosure relate to enhanced network security based on inter-application data flows. A computing platform may monitor, via application programming interfaces, data transmissions between applications. Subsequently, the computing platform may retrieve one or more of a time of the data transmission, a source of the data transmission, and a destination of the data transmission. Then, the computing platform may generate a structured database where a pair of components of the database are dynamically linked to one another when the pair of components corresponds to a source and a destination for a data transmission. Subsequently, the computing platform may train a machine learning model to detect structural patterns within the structured database. Then, the computing platform may generate clusters indicative of similar application profiles. Then, the computing platform may predict an impact of a change in an application profile of an application of the plurality of applications.

Abstract: Aspects of the disclosure relate to providing augmented reality user interfaces for ATM transactions. In some embodiments, a computing platform may receive presence information indicating that a mobile computing device is within a predetermined distance of a first ATM at a first location, authenticate a user of the mobile computing device to an online banking account, and generate a transaction-specific device identifier that uniquely identifies the first ATM at the first location. Thereafter, the computing platform may generate and send an augmented reality user interface to the mobile computing device, prompting the user to use the mobile computing device to capture the transaction-specific device identifier. Based on verifying that the user is authorized to perform a transaction at the first ATM, the computing platform may cause an NFC connection to be established between the mobile computing device and the first ATM, via which the transaction may be conducted.

Abstract: Systems, computer program products, and methods are described herein for implementing a resource evaluation engine within a technical environment. The present invention is configured to establish a communication link with a technology platform of a third party system; electronically receive, via the communication link, one or more resources associated with the technology platform of the third party system; determine one or more supervisory requirements associated with the entity; determine whether the one or more resources associated with the technology platform meets the one or more supervisory requirements associated with the entity; and validate the technology platform of the third party based on at least determining that the one or more resources associated with the technology platform meets the one or more supervisory requirements associated with the entity.

Abstract: A system, method, and computer-readable medium are disclosed for performing a cloud environment governance policy operation which provides a governance policy framework for use within cloud environments. In various embodiments, the cloud environment governance policy operation expands identify access management (IAM) systems to understand not only users but also resources. Additionally, in various embodiments, the cloud environment governance policy operation provides governance packs to abstract cloud resources and compliance/governance/regulatory regimes via a common open language.

Abstract: In one embodiment, a method includes receiving a trigger to deploy a particular container on cloud resources accessible thereto such that the cloud resources are provided by a plurality of cloud providers and such that the computer system and the plurality of cloud providers are configured to negotiate container deployment using an information exchange protocol. The information exchange protocol includes a preconfigured inquiry format and a preconfigured inquiry-response format. The method further includes generating a performance inquiry in relation to the particular container. In addition, the method includes transmitting the performance inquiry to the plurality of cloud providers. Moreover, the method includes receiving inquiry responses from at least some of the plurality of cloud providers. Additionally, the method includes causing the particular container to be deployed on resources of the particular cloud provider.

Abstract: In one embodiment, a method is performed by a computer system. The method includes determining a base state of a particular container, wherein the base state is represented by a base image. The method further includes determining a target state of the particular container, wherein the target state is represented by a deployment of the particular container. In addition, the method includes determining a set of commands to transition from the base state to the target state. Further, the method includes generating a manifest for the target state of the particular container, the manifest comprising the determined set of commands to reach the target state.

Abstract: In one embodiment, a method is performed by a computer system. The method includes receiving a request to execute a particular container. The method further includes retrieving a manifest of the particular container from a data store, the manifest indicating a plurality of items included in the particular container. In addition, the method includes validating one or more signatures of the container that are associated with the items indicated in the manifest. Also, the method includes determining an execution context of the request. Further, the method includes accessing an applicable execution policy for the determined execution context. Additionally, the method includes, responsive to a determination that the applicable execution policy is satisfied, causing the particular container to be installed on a target resource.