Abstract: Systems, apparatus, articles of manufacture, and methods are disclosed to tag cloud resources. An example apparatus includes interface circuitry, machine readable instructions, and programmable circuitry to at least one of instantiate or execute the machine readable instructions to obtain first accesses of a cloud resource, the first accesses defining a first usage pattern associated with the cloud resource, associate the cloud resource with a business environment based on the first accesses, compare the first usage pattern to a second usage pattern corresponding to historical accesses of reference cloud resources associated with the business environment, and when the first usage pattern is different from the second usage pattern, limit second accesses of the cloud resource based on the second usage pattern.

Abstract: Systems, apparatus, articles of manufacture, and methods are disclosed to test an automated query language by interfacing with a query endpoint, generating a first test suite based on a plurality of combinations of a plurality of attributes corresponding to an API specification, transmitting the first test suite to be executed on the query endpoint, the first test suite to include instructions to cause the query endpoint to access data stored in a database accessible to a plurality of secondary endpoints, obtaining a response time corresponding to the access of the data, comparing the response time corresponding to the access of the data with a service level agreement required response time, and in response to the response time corresponding to the access of the data being longer than the service level agreement required response time, notifying a developer of the plurality of secondary endpoints.

Abstract: Techniques associated with security orchestration for on-premises infrastructure are disclosed. A policy definition associated with on-premises infrastructure that defines a desired state can be received. From the policy definition, a target of the on-premises infrastructure can be identified. A management service associated with the target can be determined, and a plugin for the management service can be identified. The policy definition can be communicated to the management service through the plugin, and the management service sets the state of the target to the desired state. The state of the target can be monitored. If the state differs from the desired state, a remediation workflow is initiated to set the state to the desired state specified by the policy definition.

Abstract: Techniques associated with adaptive infrastructure security are disclosed. Information regarding a plurality of threat events from one or more source systems is received. For each of the plurality of threat events, a probability of a target system being exploited can be computed. A threat event can be selected at a first time from the plurality of threat events associated with a first probability that meets a threshold. Remedial actions performed to address the threat event at a respective source system can be received, and a guardrail to apply to the target system can be determined based on the remedial actions. The guardrail can then be applied to the target system.

Abstract: Techniques associated with adaptive privilege adjustment are disclosed. A least privilege access role for an entity can be received from an access control system that provides the entity a plurality of privileges to access a plurality of resources in a data center. Access by the entity to one or more resources of the data center can be monitored, and based on the access by the entity, it can be determined that the entity does not access at least one resource of the plurality of resources. The least privilege access role can be updated subsequently for the entity to remove at least one privilege of the plurality of privileges for accessing the at least one resource. The least privilege access role for the entity can be applied to the access control system to remove access to the at least one resource for the entity.