Abstract: A resource management system receives a set of application priorities. The resource management system determines, based at least in part on the received set of application priorities, a resource allocation corresponding to a proposed distribution of the computing applications and the users amongst the computing devices of a computing infrastructure. The resource management system determines, using the resource allocation, a recommended device configuration for each of the computing devices. The resource management system automatically implements the determined resource allocation using the device configuration determined for each of the computing devices.

Abstract: A prioritization system includes a memory that stores an access record with, for each of the users, an indication of a previous usage of computing applications. The memory stores a permission record with, for each of the users, an indication of the computing applications that the user is permitted to access. The memory stores user affinities that include, for each of the users, an affinity score corresponding to a predetermined ability level of the user to engage in an activity associated with one or more of the computing applications. The prioritization system determines a priority score for each of the users. In response to receiving a request for a priority of a first user of the users, the prioritization system provides a response with the priority score determined for the first user of the users.

Abstract: A system includes a database, a memory, and a processor. The database stores data associated with a known security threat. The memory includes a threat model associated with a software application. The processor identifies, based on natural language processing of the data associated with the known security threat, one or more attributes of software susceptible to the known security threat. The processor also identifies, based on natural language processing of the threat model, one or more attributes of the software application. The processor additionally determines, based on a comparison between the one or more attributes of software susceptible to the known security threat and the one or more attributes of the software application, that the software application is susceptible to the known security threat. In response, the processor updates the threat model to reflect the susceptibility of the software application to the known security threat.

Abstract: A system configured for identifying unpermitted data in source code receives a search query comprising particular keywords related to the unpermitted data. The system labels the source code with vulnerability factors and categories of those vulnerability factors, where the vulnerability factors indicate a security vulnerability and the categories provide information about the security vulnerability of the source code. The system performs a static analysis on the source code to identify instances of the particular keyword in a data flow and control flow of the source code. The system performs a vulnerability analysis on the source code to determine a vulnerability level of the source code, in which factor weights and category weights for each code portion of the source code are determined. The system calculates a weighted sum of the factor weights and category weights for each code portion, thereby detecting instances of unpermitted data in source code.

Abstract: A code repository stores source code. An insider threat detection system stores instructions for detecting code defects and criteria indicating predetermined types of code defects that, when present, are associated with intentional obfuscation of one or more functions of the source code. The insider threat detection system receives an entry of source code and detects, using the model, a set of code defects in the entry of source code. A defect type is determined for each code defect, thereby determining a set of defect types included in the entry of source code. If it is determined that each of the predetermined types of code defects indicated by the criteria is included in the determined set of defect types, the entry of source code is determined to include an insider threat.

Abstract: A resource management system receives a set of application priorities. The resource management system determines, based at least in part on the received set of application priorities, a resource allocation corresponding to a proposed distribution of the computing applications and the users amongst the computing devices of a computing infrastructure. The resource management system determines, using the resource allocation, a recommended device configuration for each of the computing devices. The resource management system automatically implements the determined resource allocation using the device configuration determined for each of the computing devices.

Abstract: A prioritization system includes a memory that stores an access record with, for each of the users, an indication of a previous usage of computing applications. The memory stores a permission record with, for each of the users, an indication of the computing applications that the user is permitted to access. The memory stores user affinities that include, for each of the users, an affinity score corresponding to a predetermined ability level of the user to engage in an activity associated with one or more of the computing applications. The prioritization system determines a priority score for each of the users. In response to receiving a request for a priority of a first user of the users, the prioritization system provides a response with the priority score determined for the first user of the users.

Abstract: A system includes a computing infrastructure and an application prioritization system. The computing infrastructure includes a plurality of computing devices configured to implement computing applications. The application prioritization system receives application data associated with the computing applications. A request is received for a priority of a first computing application of the computing applications compared to a second computing application of the computing applications. The application prioritization system determines, using a feedback-based machine learning model, a first priority of the first computing application and a second priority of the second computing application and an explanation of the first and second priorities. A response is provided with an indication of the larger of the first priority and second priority and the explanation.

Abstract: A system configured for identifying insider threats in source code conducts an automated analysis designed to identify instances of insider threats. The system performs a static analysis on results from the automated analysis to identify instances of keywords related to methods and targets of insider threats, external data being used, code layering is used to obfuscate a content. The system identifies points of correlations between instances found by performing the static analysis and assigns weight values to code portions based on the number of points of correlations found in the code portions. The system identifies code portions having weight values above a threshold value, thereby detecting instances of insider threats in source code.

Abstract: Email metadata, and in some embodiments other secondary data, is analyzed to identify users of interest defined as having knowledge or expertise in a subject matter. Specifically, a corpus of email metadata is analyzed to determine, at least, which subject matters are associated with users, which users received or transmitted subject matter-specific emails, the distribution groups to which users, and any other relevant email metadata. In additional embodiments, secondary data other than email metadata is also analyzed and used to identify the users of interest. The analyzed email metadate, and in some embodiments the secondary data, is used to render reputation indicator(s) for each user that indicate a level of knowledge/expertise that the user possesses on subject matter(s). A requester provides input criteria including the subject matter, and, in response, is presented a ranked user listing that is ranked based on the level of reputation indictor.

Abstract: A system configured for identifying unpermitted data in source code receives a search query comprising particular keywords related to the unpermitted data. The system labels the source code with vulnerability factors and categories of those vulnerability factors, where the vulnerability factors indicate a security vulnerability and the categories provide information about the security vulnerability of the source code. The system performs a static analysis on the source code to identify instances of the particular keyword in a data flow and control flow of the source code. The system performs a vulnerability analysis on the source code to determine a vulnerability level of the source code, in which factor weights and category weights for each code portion of the source code are determined. The system calculates a weighted sum of the factor weights and category weights for each code portion, thereby detecting instances of unpermitted data in source code.

Abstract: A system configured for identifying insider threats in source code conducts an automated analysis designed to identify instances of insider threats. The system performs a static analysis on results from the automated analysis to identify instances of keywords related to methods and targets of insider threats, external data being used, code layering is used to obfuscate a content. The system identifies points of correlations between instances found by performing the static analysis and assigns weight values to code portions based on the number of points of correlations found in the code portions.