Abstract: Various embodiments of the present technology generally relate to the characterization and improvement of software applications. More specifically, some embodiments relate to systems and methods for modeling code behavior and generating new versions of the code based on the code behavior models. In some embodiments, a method of improving a codebase includes recording a run of the existing code, characterizing the code behavior via one or more models, prototyping new code according to a target language and target environment, deploying the new code to the target environment, and comparing the behavior of the new code to the behavior of the existing code. In some implementations, generating new code based on the behavior models includes using one or more machine learning techniques for code generation based on the target language and environment.

Abstract: Techniques include receiving an access notification identifying a request by an identity for access to an access-protected network resource; identifying a configurable and multi-dimensional policy defining rights of the identity to access the access-protected network resource with respect to the operation of the access-protected network resource; automatically determining, based on the configurable and multi-dimensional policy, whether to perform at least one of: permitting the identity to access the access-protected network resource; denying the identity to access the access-protected network resource; or rotating a secret associated with the identity.

Abstract: Various embodiments of the present technology generally relate to the characterization and improvement of software applications. More specifically, some embodiments relate to systems and methods for modeling code behavior and generating new versions of the code based on the code behavior models. In some embodiments, a method of improving a codebase includes recording a run of the existing code, characterizing the code behavior via one or more models, prototyping new code according to a target language and target environment, deploying the new code to the target environment, and comparing the behavior of the new code to the behavior of the existing code. In some implementations, generating new code based on the behavior models includes using one or more machine learning techniques for code generation based on the target language and environment.

Abstract: Various embodiments of the present technology generally relate to the characterization and improvement of software applications. More specifically, some embodiments relate to systems and methods for modeling code behavior and generating new versions of the code based on the code behavior models. In some embodiments, a method of improving a codebase includes recording a run of the existing code, characterizing the code behavior via one or more models, prototyping new code according to a target language and target environment, deploying the new code to the target environment, and comparing the behavior of the new code to the behavior of the existing code. In some implementations, generating new code based on the behavior models includes using one or more machine learning techniques for code generation based on the target language and environment.

Abstract: Various embodiments of the present technology generally relate to the characterization and improvement of software applications. More specifically, some embodiments relate to systems and methods for modeling code behavior and generating new versions of the code based on the code behavior models. In some embodiments, a method of improving a codebase includes recording a run of the existing code, characterizing the code behavior via one or more models, prototyping new code according to a target language and target environment, deploying the new code to the target environment, and comparing the behavior of the new code to the behavior of the existing code. In some implementations, generating new code based on the behavior models includes using one or more machine learning techniques for code generation based on the target language and environment.

Abstract: Various embodiments of the present technology generally relate to the characterization and improvement of software applications. More specifically, some embodiments relate to systems and methods for modeling code behavior and generating new versions of the code based on the code behavior models. In some embodiments, a method of improving a codebase includes recording a run of the existing code, characterizing the code behavior via one or more models, prototyping new code according to a target language and target environment, deploying the new code to the target environment, and comparing the behavior of the new code to the behavior of the existing code. In some implementations, generating new code based on the behavior models includes using one or more machine learning techniques for code generation based on the target language and environment.

Abstract: Various embodiments of the present technology generally relate to the characterization and improvement of software applications. More specifically, some embodiments relate to systems and methods for modeling code behavior and generating characterizations of the code behavior and interrelations based on the code models. Some embodiments include user interfaces that provide views into the characterizations and interrelations of the application features and components that can give developers insights quickly and efficiently into applications which may be used for future developments and modifications to the application and to avoid introducing bugs into the application.

Abstract: Various embodiments of the present technology generally relate to the characterization and improvement of software applications. More specifically, some embodiments relate to systems and methods for modeling code behavior and generating new versions of the code based on the code behavior models. In some embodiments, a method of improving a codebase includes recording a run of the existing code, characterizing the code behavior via one or more models, prototyping new code according to a target language and target environment, deploying the new code to the target environment, and comparing the behavior of the new code to the behavior of the existing code. In some implementations, generating new code based on the behavior models includes using one or more machine learning techniques for code generation based on the target language and environment.

Abstract: Various embodiments of the present technology generally relate to the characterization and improvement of software applications. More specifically, some embodiments relate to systems and methods for modeling code behavior and generating new versions of the code based on the code behavior models. In some embodiments, a method of improving a codebase includes recording a run of the existing code, characterizing the code behavior via one or more models, prototyping new code according to a target language and target environment, deploying the new code to the target environment, and comparing the behavior of the new code to the behavior of the existing code. In some implementations, generating new code based on the behavior models includes using one or more machine learning techniques for code generation based on the target language and environment.

Abstract: Disclosed embodiments relate to secretless and secure communications with access-protected network resources. Techniques include identifying a request from a client service to access an access-protected network resource; automatically identifying an identity token uniquely associated with the client service for enabling autonomous authentication of the client service using the identity token; providing, from a secretless connection broker to an authentication credential provider, the identity token uniquely associated with the client service; receiving, from the authentication credential provider, based on the identity token and conditional on successful authentication of the client service, a connection credential; establishing a secure connection with the access-protected network resource using the connection credential; and exchanging secure communications with the access-protected network resource.

Abstract: An access control service to provide access control for operations between resources and/or between resources and users in a cloud computing environment. The access control service receives a request to perform an operation. The requested operation could be initiated by a resource with respect to another resource. The requested operation could also be initiated by a user with respect to a resource. The access control service determines whether the requested operation is permitted. If the requested operation is permitted, the access control service provides the credentials required to perform the requested operation.

Abstract: Examples provided herein enhance the management of permissions based on error reporting in a computing environment. Enhanced permission allocation in a computing environment includes obtaining an error report for an application operating within the computing environment. Based on the error report, permission changes are identified to assist in addressing one or more reported errors. Permission changes can include new, temporary, suspended, updated, modified and/or other permissions for new and/or existing members. Some or all of the identified permission changes can then be allocated to new and/or existing members of the computing environment. Some permission changes may include temporary permissions that provide changed permissions for a limited time period. If an error is not fully addressed, additional evaluation and identification of permission changes can be conducted. Based on this further evaluation, the permission changes can then be updated.

Abstract: Techniques include receiving an access notification identifying a request by an identity for access to an access-protected network resource; identifying a configurable and multi-dimensional policy defining rights of the identity to access the access-protected network resource with respect to the operation of the access-protected network resource; automatically determining, based on the configurable and multi-dimensional policy, whether to perform at least one of: permitting the identity to access the access-protected network resource; denying the identity to access the access-protected network resource; or rotating a secret associated with the identity.

Abstract: Dynamic computing resource access authorization is utilized to manage access to computing resources in a computing environment. A user obtains a digital credential such as a token from an access authority and includes the digital credential in an access request transmitted to a computing resource. The computing resource includes a protective gatekeeper access layer that receives the user request and transmits a user confirmation request to the access authority. The user confirmation request includes the digital credential, which can be used by the access authority to link the users identity to a permission set or the like. The access authority then transmits a status confirmation to the computing resources access layer. The status confirmation may approve or deny the users access request and/or may include permission(s) used by the access layer in allowing or denying the users access request.

Abstract: Network visualization of access controls is utilized to manage computing resources in a computing environment. Host computing systems, virtual nodes executing on the host computing systems, end users associated with each host computing system and virtual node, and permissions for each 5 end user are identified. A display of the computing environment is then generated and comprises interconnections between visual representations of the host computing systems, the virtual nodes, the end users, and the secrets. Modifying data can update, simplify and alter the display.

Abstract: To provide enhanced operation of computing systems to control access to audit logging resources by virtual machines, various systems, apparatuses, methods, and software are provided herein. In a first example, a method of operating a computing system is provided. The method includes receiving requests for audit credentials from virtual machines, and responsively providing individualized audit credentials to the virtual machines based at least on identities of the virtual machines. The method also includes, in the audit system, authorizing storage of audit data transferred by the virtual machines based at least on the individualized audit credentials accompanying the audit data. The method also includes, in the authorization system, selectively de-authorizing one or more of the virtual machines and reporting information regarding the de-authorized one or more of the virtual machines to the one or more audit systems.

Abstract: To provide enhanced operation of virtualized computing systems, various systems, apparatuses, methods, and software are provided herein. In a first example, a method of operating a computing system to control access to data resources by virtual machines is provided. The method includes receiving an access token and an instantiation command from an end user system. Responsive to the instantiation command, the method includes instantiating a virtual machine identified by the instantiation command using the access token as user data for the virtual machine during instantiation. The method also includes, in the virtual machine, executing a security module responsive to instantiation that transfers the access token for delivery to an authorization system, receiving credentials responsive to the access token, and accessing a data resource using the credentials.

Abstract: Systems, methods, apparatus, computer readable media and other implementations provide host directory synchronization and management in which a master host directory system constructs, maintains and updates a master host list of all hosts that are identified and managed by constituent host directory systems in a computing environment. The master host directory system obtains host data from the constituent host directory systems through encrypted file transfers between the master and constituent host directory systems. In addition to creating and maintaining the master list of host identities, the master host directory system can also assist in defining and enforcing security measures affecting host creation, operation, updating and termination.

Abstract: Implementations providing permissions to spawned computing resources within a computing environment include initiating a first computing resource whose operation is limited by a first set of permissions, for example, user-credential-based permissions. Permissions can be based on credentials of a user interfacing within the computing environment. A second computing resource spawned from the first computing resource is then identified and a second set of permissions is provided to the second computing resource. The second set of permissions is at least as restrictive in scope as the first permission set.

Abstract: To provide enhanced operation of virtualized computing systems, various systems, apparatuses, methods, and software are provided herein. In a first example, a method of operating a computing system to control access to data resources by virtual machines is provided. The method includes receiving an access token and an instantiation command from an end user system. Responsive to the instantiation command, the method includes instantiating a virtual machine identified by the instantiation command using the access token as user data for the virtual machine during instantiation. The method also includes, in the virtual machine, executing a security module responsive to instantiation that transfers the access token for delivery to an authorization system, receiving credentials responsive to the access token, and accessing a data resource using the credentials.