Abstract: Systems and methods for cloud federated token just in time authorization are disclosed. A method may include: (1) receiving, by a cloud authentication services computer program, authenticating information for a user from an active directory federation service computer program; (2) querying, by the cloud authentication services computer program, a plurality of backend services to validate the authenticating information; (3) communicating, by the cloud authentication services computer program, validation to the active directory federation service computer program, wherein the active directory federation service computer program is configured to generate a security token comprising one or more assertion, wherein the assertion comprises a limit on a session with the user at a cloud platform, and wherein the cloud platform is configured to receive the security token and a trusted federated endpoint executed by the cloud platform is configured to enforce the limit on the session.

Abstract: In one embodiment, in access gateway comprising at least one computer processor, a method for real-time data protection may include: (1) receiving a user login comprising a user identifier; (2) retrieving, using an in-memory entitlements graph, a role definition for the user identifier, wherein the role definition comprises allowed actions, entitled assets, and a system account; (3) receiving a selection of a requested asset from the entitled assets and a requested action from the allowed actions; (4) verifying the user's entitlement to access the requested asset and perform the requested action with the system account using the in-memory entitlement graph based on the user identifier, the system account, the requested asset, and the requested action; and (5) authorizing the user's entitlement to access the requested asset and perform the requested action with the system account substantially at a time of requested access.

Abstract: Systems and methods for cloud federated token just in time authorization are disclosed. A method may include: (1) receiving, by a cloud authentication services computer program, authenticating information for a user from an active directory federation service computer program; (2) querying, by the cloud authentication services computer program, a plurality of backend services to validate the authenticating information; (3) communicating, by the cloud authentication services computer program, validation to the active directory federation service computer program, wherein the active directory federation service computer program is configured to generate a security token comprising one or more assertion, wherein the assertion comprises a limit on a session with the user at a cloud platform, and wherein the cloud platform is configured to receive the security token and a trusted federated endpoint executed by the cloud platform is configured to enforce the limit on the session.

Abstract: Systems and methods for data-driven infrastructure controls are disclosed. According to one embodiment, in an information processing apparatus comprising at least one computer processor, a computer-implemented method for automatically detecting anomalous user behavior within a unified entitlement framework may include: (1) receiving an access request for a technology asset from a user on a computing device, the access request comprising session data comprising one or more of user identification, user location, key strokes, and user computing device identification; (2) applying an entitlement-specific machine learning algorithm to the session data to generate an anomaly score; (3) storing the session data and associated anomaly score; (4) sending a review request to a manager; (5) receiving review results from the manager; and (6) updating the entitlement-specific machine learning algorithm based on the anomaly score and the review results from the manager.

Abstract: An embodiment of the present invention may be directed to large scale screen capturing on operating systems across global data center deployments. The system performs monitoring and recording activities, reporting and auditing the activities and further implementing an autonomous (agentless) deployment model. The system may orchestrate a number of agents to execute on an asynchronous basis to capture and aggregate screen data as well as identify associated metadata in real time. The system may also publish the aggregated screen data.

Abstract: An embodiment of the present invention may be directed to performing monitoring and recording activities, reporting and auditing the activities and further implementing an autonomous (agentless) deployment model.

Abstract: In one embodiment, in access gateway comprising at least one computer processor, a method for real-time data protection may include: (1) receiving a user login comprising a user identifier; (2) retrieving, using an in-memory entitlements graph, a role definition for the user identifier, wherein the role definition comprises allowed actions, entitled assets, and a system account; (3) receiving a selection of a requested asset from the entitled assets and a requested action from the allowed actions; (4) verifying the user's entitlement to access the requested asset and perform the requested action with the system account using the in-memory entitlement graph based on the user identifier, the system account, the requested asset, and the requested action; and (5) authorizing the user's entitlement to access the requested asset and perform the requested action with the system account substantially at a time of requested access.

Abstract: In one embodiment, in access gateway comprising at least one computer processor, a method for real-time data protection may include: (1) receiving a user login comprising a user identifier; (2) retrieving, using an in-memory entitlements graph, a role definition for the user identifier, wherein the role definition comprises allowed actions, entitled assets, and a system account; (3) receiving a selection of a requested asset from the entitled assets and a requested action from the allowed actions; (4) verifying the user's entitlement to access the requested asset and perform the requested action with the system account using the in-memory entitlement graph based on the user identifier, the system account, the requested asset, and the requested action; and (5) authorizing the user's entitlement to access the requested asset and perform the requested action with the system account substantially at a time of requested access.

Abstract: Systems and methods for data-driven infrastructure controls are disclosed. According to one embodiment, in an information processing apparatus comprising at least one computer processor, a computer-implemented method for automatically detecting anomalous user behavior within a unified entitlement framework may include: (1) receiving an access request for a technology asset from a user on a computing device, the access request comprising session data comprising one or more of user identification, user location, key strokes, and user computing device identification; (2) applying an entitlement-specific machine learning algorithm to the session data to generate an anomaly score; (3) storing the session data and associated anomaly score; (4) sending a review request to a manager; (5) receiving review results from the manager; and (6) updating the entitlement-specific machine learning algorithm based on the anomaly score and the review results from the manager.

Abstract: In one embodiment, in access gateway comprising at least one computer processor, a method for real-time data protection may include: (1) receiving a user login comprising a user identifier; (2) retrieving, using an in-memory entitlements graph, a role definition for the user identifier, wherein the role definition comprises allowed actions, entitled assets, and a system account; (3) receiving a selection of a requested asset from the entitled assets and a requested action from the allowed actions; (4) verifying the user's entitlement to access the requested asset and perform the requested action with the system account using the in-memory entitlement graph based on the user identifier, the system account, the requested asset, and the requested action; and (5) authorizing the user's entitlement to access the requested asset and perform the requested action with the system account substantially at a time of requested access.

Abstract: Apparatuses, computer readable media, methods, and systems are described for automatic deployment of applications and infrastructure components, which may include processing selection of an operating system, processing selection of a stack, creating a stencil based on the operating system and the stack, and publishing the stencil.

Abstract: Apparatuses, computer readable media, methods, and systems are described for automatic deployment of applications and infrastructure components, which may include processing selection of an operating system, processing selection of a stack, creating a stencil based on the operating system and the stack, and publishing the stencil.

Abstract: Apparatuses, computer readable media, methods, and systems are described for automatic deployment of applications and infrastructure components, which may include processing selection of an operating system, processing selection of a stack, creating a stencil based on the operating system and the stack, and publishing the stencil.

Abstract: Embodiments disclosed herein relate to systems, methods, and computer program products for a dual precision compute system for determining a price of a financial instrument using a Monte Carlo simulation. The system, method, and computer program product are configured to determine a model for calculating a price for a financial instrument using a Monte Carlo simulation; determine variables associated with the financial instrument; conduct a first portion of the Monte Carlo simulation with the variables using a first level precision; conduct a second portion of the Monte Carlo simulation with the variables using a second level precision, wherein the second level precision is higher than the first level precision; and determine the price of the financial instrument from the model. The first level precision may be a single precision floating point format and the second level precision may be a double precision floating point format.

Abstract: Apparatuses, computer readable media, methods, and systems are described for automatic deployment of applications and infrastructure components, which may include processing selection of an operating system, processing selection of a stack, creating a stencil based on the operating system and the stack, and publishing the stencil.