Abstract: A method, computer program product and/or system receives information pertaining to network data traffic from and/or to a network accessible resource, analyzes the information to determine whether a user is engaged in potential hacking transaction(s) with respect to the resource. On condition that the user is determined to be engaged in potential hacking transaction(s), a “scarecrow” message designed for display to the user, is generated and sent to the user.

Abstract: Examples of techniques for detecting and preventing sensitive information leaks are described herein. In one example, a method for detection of sensitive information leaks includes computing, via a processor, a set of rules that identify sensitive information, and sending, via the processor, the set of rules to a dispatcher application using a protocol. The method can also include detecting, via the processor, that at least one data block of the transmitted data matches the set of rules, and executing, via the processor, a corrective action in response to detecting that at least one of the transmitted data blocks matches the set of rules.

Abstract: Methods, computing systems and computer program products implement embodiments of the present invention that include assigning, to multiple users, respective sets of original roles for accessing data stored on a computer system, and performing, in response to requests from the users, multiple operations on the data. While performing the multiple operations on the data, a transaction log is generated that includes a plurality of entries, each of the entries storing attributes of a given operation. Based on the entries in the log file, a respective set of learned roles for respective users is identified, and the respective sets of the learned roles are assigned to the respective users.

Abstract: Embodiments are directed to a computer-based system for tuning roles. The system includes a memory and a processor system communicatively coupled to the memory. The processor system is configured to receive at least one database access log file and existing role definitions of the system. For each role, the processor system is further configured to create an existing user to permission assignment (EUPA) based at least in part on the existing role definitions of the system. For each role, the processor system is further configured to identify logical sessions in the at least one database access log file and create a demonstrated user to permission assignment (DUPA) formed at least in part from data of the identified logical sessions. For each role, the processor system is further configured to create a final user to permission assignment (FUPA) including a function of the EUPA and the DUPA.

Abstract: Examples of techniques for detecting and preventing sensitive information leaks are described herein. In one example, a method for detection of sensitive information leaks includes computing, via a processor, a set of rules that identify sensitive information, and sending, via the processor, the set of rules to a dispatcher application using a protocol. The method can also include detecting, via the processor, that at least one data block of the transmitted data matches the set of rules, and executing, via the processor, a corrective action in response to detecting that at least one of the transmitted data blocks matches the set of rules.

Abstract: Examples of techniques for detecting and preventing sensitive information leaks are described herein. In one example, a method for detection of sensitive information leaks comprises computing, via a processor, a set of rules that identify sensitive information, and sending, via the processor, the set of rules to a dispatcher application using a protocol. The method can also include detecting, via the processor, that at least one data block of the transmitted data matches the set of rules, and executing, via the processor, a corrective action in response to detecting that at least one of the transmitted data blocks matches the set of rules.

Abstract: A system for defining communities and matching users into said communities, said matched users thereby gaining access to one or more elements associated with said communities; the system comprising a host connected to a network being for communication with a plurality of users, said host being configured for: creating at least one community by defining attributes for each of said communities; and defining one or more elements associated with each of said communities; and assigning attributes to a user, said attributes extracted from information associated with the user; and matching said attributes of at least one user to attributes of at least one community; assigning said user to said community based on the result of said matching; said user thereby gaining access to at least one element associated with said community.