Abstract: Analyzing communications to determine appropriateness and provide recommendations based on prior communications. Prior communications may create a baseline tone based on the sentiment, words, or phrases used in previous communications between the user and the intended recipient and/or other user recipient pairs. Machine learning techniques may be used to continuously update a baseline tone.

Abstract: Systems, methods, and computer-readable storage media for providing communication recommendations to users. The system receives electronic transcripts associated with a first user and generates, based on the transcripts, a communication profile of the user. The system also receives additional user transcripts associated with a plurality of additional users and generates additional communication profiles for those additional users based on the additional transcripts. The system receives a request to communicate with at least one user within the plurality of additional users regarding a specified topic, identifies a second user from within the plurality of additional users, and generates a communication initiation recommendation for the first user to communicate with the second user. The system then transmits the communication initiation recommendation to a first user computing device associated with the first user.

Abstract: Aspects described herein may provide determination of a pedestrian route for a user to reach a seating area inside of a venue. Financial transaction data of the user may be reviewed to determine the user purchased one or more tickets to an event at the venue. Information regarding the event or the venue may be determined including seating charts for the venue and whether the tickets are for assigned or unassigned seats. Crowd densities inside and outside of the venue may be determined. The pedestrian route may be determined based on the crowd densities, number of tickets, and type of seating. The route may be updated as conditions change including any change to the crowd densities or change to seating availability. The route may increase a likelihood that the user reaches the seating area prior to a start of the event, and in a less stressful manner.

Abstract: Disclosed herein are system, method, and computer program product embodiments for securing ATM transactions based on facial detection. The approach contemplates performing facial detection on an image of a user of an ATM when the user authenticates themselves, and comparing the user's detected face to facial detection results of subsequent images taken at the ATM. Based on this comparison, various security events may be detected and, for any given security event, a particular action may be taken.

Abstract: A configured application for authorizing a credit card by a user and a method that may include receiving an electronic request to pair a mobile device associated with a user with a credit card of the user. The credit card may include a location tracking circuitry to remotely communicate a location of the credit card to a remote electronic recipient. The location of the credit card may be received by a processor from the remote electronic recipient. A proximity multi-factor authentication may verify that the user is an authorized user of the credit card. The mobile device associated with the user may be paired with the credit card of the user after verifying that the user is the authorized user. The processor may receive the location of the credit card paired with the mobile device from the remote electronic recipient. The location of the credit card may be displayed on a display of the mobile device associated with the user.

Abstract: Methods and systems are disclosed for improvements in cloud services by sharing estimated and actual usage data of cloud services recipients with the cloud services provider. The sharing of this data allows the cloud services provider to better apportion cloud resources between multiple cloud services recipients. By analyzing information included in the shared data (e.g., information about one or more applications that use the cloud resources), the cloud services provider may categorize the applications and/or the functions of those applications into authorized and unauthorized uses, the determination of which, is used to further efficiently apportion the cloud services resources.

Abstract: Methods and systems are described for matching contributor skills to required skills in source code programming projects in order to provide more agility for the project team. For example, to provide more agility, the methods and system track contributor skills and assign contributors to contributions based on one or more of a plurality of skills of a contributor not corresponding to a skill required for the project. The methods and system may nonetheless maintain workflow velocity in the source code programming projects.

Abstract: In certain embodiments, training data may be generated for training a prediction model. Training data including first datasets may be obtained, where the first datasets include a plurality of feature types. A determination, via a relevancy model, based on the training data, of whether a feature type satisfies a first condition may be made. If the first condition is satisfied, one or more second datasets may be obtained to update the training data, where the second datasets include the plurality of feature types. A determination, via the relevancy model, based on the updated training data, may be made as to whether the feature type satisfies a second condition. The first and second conditions may relate to whether the feature type has a threshold amount of influence on the prediction model. If the second condition is satisfied, the updated training data may be provided to the prediction model.

Abstract: To facilitate improved email and device security, embodiments of systems and methods include intercepting, by a processor associated with an entity, an internet request, where the internet request is produced by a link received in an email at a first computing device. The processor determines that the link is externally bound relative to an entity network. The processor determines an existence of a sandbox environment instance in a set of existing sandbox environment instances. The processor routes the link through the sandbox environment instance. The processor updates the sandbox log in the database based on the sandbox environment instance and the link. The processor causes to display on a screen of the first computing device a user interface for interacting with the link in the sandbox environment instance, and the processor logs activities associated with interacting with the link in a security log.

Abstract: Disclosed herein are system, method, and computer program product embodiments for securing ATM transactions based on facial detection. The approach contemplates performing facial detection on an image of a user of an ATM when the user authenticates themselves, and comparing the user's detected face to facial detection results of subsequent images taken at the ATM. Based on this comparison, various security events may be detected and, for any given security event, a particular action may be taken.

Abstract: A system for generating a map with spots. The system includes processors and storage devices storing instructions that, when executed, configure the processors to perform operations. The operations may include receiving a map request of a venue, the map request comprising first location data associated with the venue, and transmitting a map data file for the venue, the map data file comprising a presentation of a plurality of spots in the venue and the spots being associated with confidence levels. The operations may also include receiving an add-spot request, the add-spot including data of an additional spot to be added, second location data associated with the additional spot, and verification data. The operations may also include determining a confidence level for the additional spot, modifying the map data file to include a representation of the additional spot, and transmitting the modified map data file.

Abstract: Implementations are directed to methods for detecting and identifying advanced persistent threats (APTs) in networks, including receiving first domain activity data from a first network domain and second domain activity data from a second network domain, including multiple alerts from the respective first and second network domains and where each alert of the multiple alerts results from one or more detected events in the respective first or second network domains. A classification determined for each alert of the multiple alerts with respect to a cyber kill chain. A dependency is then determined for each of one or more pairs of alerts and a graphical visualization of the multiple alerts is generated, where the graphical visualization includes multiple nodes and edges between the nodes, each node corresponding to the cyber kill chain and representing at least one alert, and each edge representing a dependency between alerts.

Abstract: Examples of malware detection are provided. In an example, to detect malwares, a first subset of features may be determined from a binary file. The binary file may be analyzed based on machine learning model to determine a category of malware, which is based on a degree of detectability of the category. A first category may have a lower detectability of malware in the binary file and a second category may have a higher detectability than the first. A model may then be created to analyze the first category of malware and an analysis of the binary may be performed. The analysis may be performed using the model. Thereafter, a confidence score may be generated for the binary file. The confidence score may be indicative of certainty of determining whether the binary file is goodware or includes malware. Malware may be detected upon the confidence score exceeding a threshold value.

Abstract: In certain embodiments, training data may be generated for training a prediction model. Training data including first datasets may be obtained, where the first datasets include a plurality of feature types. A determination, via a relevancy model, based on the training data, of whether a feature type satisfies a first condition may be made. If the first condition is satisfied, one or more second datasets may be obtained to update the training data, where the second datasets include the plurality of feature types. A determination, via the relevancy model, based on the updated training data, may be made as to whether the feature type satisfies a second condition. The first and second conditions may relate to whether the feature type has a threshold amount of influence on the prediction model. If the second condition is satisfied, the updated training data may be provided to the prediction model.

Abstract: Implementations are directed to methods for detecting and identifying advanced persistent threats (APTs) in networks, including receiving first domain activity data from a first network domain and second domain activity data from a second network domain, including multiple alerts from the respective first and second network domains and where each alert of the multiple alerts results from one or more detected events in the respective first or second network domains. A classification determined for each alert of the multiple alerts with respect to a cyber kill chain. A dependency is then determined for each of one or more pairs of alerts and a graphical visualization of the multiple alerts is generated, where the graphical visualization includes multiple nodes and edges between the nodes, each node corresponding to the cyber kill chain and representing at least one alert, and each edge representing a dependency between alerts.

Abstract: To facilitate improved email and device security, embodiments of systems and methods include intercepting, by a processor associated with an entity, an internet request, where the internet request is produced by a link received in an email at a first computing device. The processor determines that the link is externally bound relative to an entity network. The processor determines an existence of a sandbox environment instance in a set of existing sandbox environment instances. The processor routes the link through the sandbox environment instance. The processor updates the sandbox log in the database based on the sandbox environment instance and the link. The processor causes to display on a screen of the first computing device a user interface for interacting with the link in the sandbox environment instance, and the processor logs activities associated with interacting with the link in a security log.

Abstract: The present specification is related to analysis of digital circuits for assessing a fault sensitivity of a digital logic circuit. An example method includes: obtaining a set of input vectors that represent possible inputs to the digital logic circuit; for each output gate of the plurality of digital logic gates: (i) for each input vector of the set of input vectors, determining a cumulative output delay for the output gate, and (ii) determining an averaged cumulative output delay for the output gate by averaging the cumulative output delays for the output gate that were determined for multiple input vectors of the set of input vectors; generating a fault sensitivity score for the digital logic circuit based on the averaged cumulative output delays for the output gates of the digital logic circuit; and providing the fault sensitivity score.

Abstract: Methods and systems are disclosed for improvements in cloud services by sharing estimated and actual usage data of cloud services recipients with the cloud services provider. The sharing of this data allows the cloud services provider to better apportion cloud resources between multiple cloud services recipients. By analyzing information included in the shared data (e.g., information about one or more applications that use the cloud resources), the cloud services provider may categorize the applications and/or the functions of those applications into authorized and unauthorized uses, the determination of which, is used to further efficiently apportion the cloud services resources.

Abstract: Examples of malware detection are provided. In an example, to detect malwares, a first subset of features may be determined from a binary file. The binary file may be analyzed based on machine learning model to determine a category of malware, which is based on a degree of detectability of the category. A first category may have a lower detectability of malware in the binary file and a second category may have a higher detectability than the first. A model may then be created to analyze the first category of malware and an analysis of the binary may be performed. The analysis may be performed using the model. Thereafter, a confidence score may be generated for the binary file. The confidence score may be indicative of certainty of determining whether the binary file is goodware or includes malware. Malware may be detected upon the confidence score exceeding a threshold value.

Abstract: A separable or split transaction card may be a transaction card that is separable into multiple parts. The transaction card may be separable into multiple portions through an axis that extends through one or more pieces of personal identification information. The transaction card may transition between two or more configurations. A first configuration may be one in which the multiple card portions are not connected, all of the separated pieces of personal identification information are disabled, and the transaction card is disabled. A second configuration may be one in which the multiple card portions are connected, one or more of the separated pieces of personal identification information are enabled, and the transaction card is enabled and may be read when inserted into a card reading machine.