Abstract: A method, computer program product and system for generating false data for suspicious users. A suspicious user is identified. Actions of the user are then tracked. The user attempting to access sensitive information is detected. Relevant false sensitive information corresponding to the sensitive information is then detected. The relevant false sensitive information is then mapped to the sensitive information. The relevant false sensitive information is provided to the suspicious user. In response to user input, at least one command is executed, where the at least one command includes the relevant false sensitive information and not the sensitive information.

Abstract: An embodiment for recursively adapting a sensitive content masking technique is provided. The embodiment may include receiving a request from a primary user to share an original document. The embodiment may also include receiving an identity of a secondary user who needs access to a masked version of the original document. The embodiment may further include scanning the original document for sensitive information and identifying sensitive information in the original document. The identified sensitive information may be displayed to the primary user. The embodiment may also include generating a masked value for each piece of identified sensitive information. The embodiment may further include suggesting one or more groups of secondary users if there are additional secondary users. The embodiment may also include presenting the masked version of the original document to the secondary user. The embodiment may further include indexing the masked version of the original document.

Abstract: The capture and search of application properties for applications installed on virtual machines, includes obtaining a plurality of logs on a plurality of virtual machine images coupled to a network. For each given virtual machine image of the plurality of virtual machine images, the method includes: obtaining one or more logs on the given virtual machine image of the plurality of virtual machine images; analyzing each given log of the one or more logs to identify one or more concepts related to a set of application properties for one or more applications installed on the given virtual machine image; associating the one or more concepts and the set of application properties with an identity of the given virtual machine image; and storing the association of the one or more concepts and the set of application properties with the identity of the given virtual machine image in a virtual machine catalogue.

Abstract: Embodiments herein disclose computer-implemented methods, computer program products and computer systems for efficiently scheduling referral appointments. The computer-implemented method may include receiving text data corresponding to a referral request; determining patient data based on the text data comprising patient demographic data, patient complaint data, patient medication data, and patient history data; determining doctor data based on the text data comprising sending doctor data and receiving doctor; determining a patient treatment time based on the patient data and the receiving doctor data; sending an appointment request including the patient treatment time to a receiving doctor computing device; and receiving an appointment confirmation including the patient treatment time, wherein the appointment confirmation indicates acceptance of the appointment request by the receiving doctor.

Abstract: A method, computer program product and system for preventing unauthorized access of confidential information. The transmission of data from a first user to a second user is detected. An authorization level corresponding to the second user is then determined. Furthermore, a probability that the authorization level corresponding to the second user and the data is accurate is generated. Additionally, a determination is made that the data includes sensitive information that the second user is not authorized to access based on the authorization level. Moreover, the data can be modified based on the probability, where the data is to be redacted if the probability is within a range of a threshold value or the data is to be blocked from transmission if the probability is above the range.

Abstract: Client side code of a web application can be received by a mobile device. The mobile device can automatically inject mobile aware code into the client side code of the web application. The mobile aware code can modify the client side code of the web application for use by the mobile device, wherein the client side code of the web application is not modified for use by the mobile device prior to the mobile aware code being injected. The client side code of the web application modified by the mobile aware code can be executed by the mobile device.

Abstract: Client side code of a web application can be received by a mobile device. The mobile device can automatically inject mobile aware code into the client side code of the web application. The mobile aware code can modify the client side code of the web application for use by the mobile device, wherein the client side code of the web application is not modified for use by the mobile device prior to the mobile aware code being injected. The client side code of the web application modified by the mobile aware code can be executed by the mobile device.

Abstract: The capture and search of application properties for applications installed on virtual machines, includes obtaining a plurality of logs on a plurality of virtual machine images coupled to a network. For each given virtual machine image of the plurality of virtual machine images, the method includes: obtaining one or more logs on the given virtual machine image of the plurality of virtual machine images; analyzing each given log of the one or more logs to identify one or more concepts related to a set of application properties for one or more applications installed on the given virtual machine image; associating the one or more concepts and the set of application properties with an identity of the given virtual machine image; and storing the association of the one or more concepts and the set of application properties with the identity of the given virtual machine image in a virtual machine catalogue.

Abstract: A computer-implemented method is provided. The method may include determining a behavioral pattern of a user based on historical data access events and historical data access conditions corresponding to the historical data access events, wherein the data access events are associated with a computer enterprise system. A data access request from the user with respect to a secure resource may be received from a computing node connected to the computer enterprise system. A behavioral state of the user may be determined with respect to the data access request and data access conditions corresponding to the data access request. A discrepancy between the behavioral pattern and the behavioral state of the user may be detected. A security risk level may be determined based on the discrepancy. In response to determining that the security risk level exceeds a predetermined threshold, a security action may be performed with respect to the secure resource.

Abstract: Detecting malware attacks is described herein. A computer-implemented method may include receiving, via a processor, events from a plurality of activity monitors. The method also include extracting, via the processor, a plurality of behavioral features from the received events. The method may further include detecting, via the processor, a malware attack based on the extracted behavioral features using a malware identification model trained on private data and public data using a machine learning technique, wherein the private data includes private enterprise attack findings. The method may also include executing, via the processor, an ad hoc protection improvement based on the detected malware attack.

Abstract: In an approach for promoting collaborative marketing, a processor registers a user for a social IoT platform. A processor registers an IoT device associated with the registered user into the social IoT platform. A processor identifies social contacts of the registered user in the social IoT platform. A processor detects a plurality of IoT devices which are associated with the social contacts of the registered user. A processor monitors the IoT device associated with the registered user and the plurality of IoT devices associated with the social contacts of the registered user. A processor analyzes social IoT feed among the IoT device associated with the registered user and the plurality of IoT devices associated with the social contacts of the registered user. A processor recognizes a collaborative need for a plurality of registered users. A processor recommends a collaborative marketing plan based on the collaborative need.

Abstract: Data lineage including a plurality of levels can be received. A configuration also can be received. A three dimensional (3D) virtual reality (VR) model can be built, the 3D VR model including a plurality of floors based on data lineage content corresponding to the plurality of levels and the configuration. The 3D VR model can depict, on at least a first of the plurality of floors, a plurality of rooms of a virtual building representing data elements and hallways of the building representing data flows between data elements. A view of the 3D VR model can be displayed on a display device, wherein the 3D VR model is configured for a user to navigate the plurality of the rooms and hallways of the virtual building to determine lineage of data.

Abstract: A method, computer program product and system for generating false data for suspicious users. A suspicious user is identified. Actions of the user are then tracked. The user attempting to access sensitive information is detected. Relevant false sensitive information corresponding to the sensitive information is then detected. The relevant false sensitive information is then mapped to the sensitive information. The relevant false sensitive information is provided to the suspicious user. In response to user input, at least one command is executed, where the at least one command includes the relevant false sensitive information and not the sensitive information.

Abstract: A method, computer program product and system for generating false data for suspicious users. A suspicious user is identified. Actions of the user are then tracked. The user attempting to access sensitive information is detected. Relevant false sensitive information corresponding to the sensitive information is then detected. The relevant false sensitive information is then mapped to the sensitive information. The relevant false sensitive information is provided to the suspicious user. In response to user input, at least one command is executed, where the at least one command includes the relevant false sensitive information and not the sensitive information.

Abstract: Receiving contextual data including a facial movement associated with an active document. A response associated with the active document is detected and associated with the received contextual data. A contextual metadata tag is generated based on the detected response to the active document. A contextual keyword is created that corresponds to the contextual metadata tag. Search results received in response to the query are filtered based on the contextual metadata tag.

Abstract: Disclosed embodiments provide techniques for accessing a document from a cloud storage system and controlling the display of sensitive data within the document based on user permissions. One or more restricted information segments are identified within a document to be stored on the cloud storage system. Restricted information segments can include anything within an electronic file for which it is desired to provide multiple levels of access. In some embodiments, the restricted information segments are automatically identified via computer-implemented natural language processing (NLP) techniques. For each restricted information segment, one or more alternative data sequences are generated. The alternative data sequences are encrypted using various keys residing on a client device associated with a user. The keys can be used to decrypt data stored within a multiple-value encrypted field structure.

Abstract: Embodiments of the present invention disclose methods and systems which receive a user credential corresponding to a user, a task to be performed by the user, a security policy including a user role, and sensitive information. These methods and systems dynamically provision virtual machines including un-redacted information from received sensitive information. Furthermore, a set of tools process the redacted information, based on the user credential, the task to be performed, and the security policy.

Abstract: A developer is monitored by at least one sensor, and developer data is gathered from the at least one sensor. Code change data is gathered for changes made by the monitored developer to at least one area of code, and the code change data is mapped to the developer data. Test cases are run to test the at least one area of code, and to identify failed test cases. Code change data corresponding to the failed test cases is also identified, as well as developer data mapped to the corresponding code change data. Further, a prediction model that correlates test case failure with the developer data is generated. The prediction model is used to generate probabilities of failure for test cases based on a new developer data mapped to new code test data.

Abstract: An example system includes a processor to monitor a data asset and associated access policies to be synchronized to detect a trigger. The processor is to also request and receive data lineage information on the monitored data asset in response to detecting the trigger. The processor is to further detect a source system and a target system based on the data lineage information. The processor is also to query an access policy of the source system and an access policy of the target system. The processor is to merge the access policy of the source system and the access policy of the target system based on a predetermined merger configuration to generate a merged access policy. The processor is to update a monitoring system based on the merged access policy.

Abstract: Disclosed aspects relate to information presentation management by an electronic presentation device. With respect to a set of information for presentation, a set of information profile data is detected. Using a set of sensors linked to the electronic presentation device, a set of device sensor data of the electronic presentation device is collected. Based on both the set of device sensor data and the set of information profile data, a determination of a security configuration for presentation of the set of information on the electronic presentation device is made. Based on the security configuration, the set of information is presented by the electronic presentation device.