-
公开(公告)号:US20190129705A1
公开(公告)日:2019-05-02
申请号:US15800612
申请日:2017-11-01
发明人: Muhammed Fatih Bulut , Lisa M. Chavez , Jinho Hwang , Virginia Mayo , Vugranam C. Sreedhar , Sai Zeng
摘要: Techniques that facilitate group patching recommendation and/or remediation with risk assessment are provided. In one example, a system includes a vertical stack component, a horizontal stack component and a risk classification component. The vertical stack component identifies a first patch profile from a software system associated with a computer system environment. The horizontal stack component identifies a second patch profile from a hardware system associated with network nodes of the computer system environment. The system learns over time to identify repetitive patterns using machine learning techniques. Then, the risk classification component performs a machine learning process to determine a risk classification for the computer system environment based on the first patch profile and the second patch profile.
-
公开(公告)号:US11972255B2
公开(公告)日:2024-04-30
申请号:US17358166
申请日:2021-06-25
摘要: A content generation method includes receiving a control document comprising one or more control clauses, identifying actionable content for the one or more control clauses, generating a programming language template for the one or more control clauses, identifying a closest existing control clause from a database for each of the one or more control clause, identifying a programming language implementation of the closest existing control clause, identifying similarities and differences between the programming language implementation and the generated programming language template, and annotating the programming language implementation for the closest existing control clause based on the identified similarities and differences. The method may additionally include determining whether a closest existing control clause exists, providing the generated programming language template to a user responsive to determining that a closest existing control clause does not exist, and receiving feedback from the user regarding the generated programming language template.
-
公开(公告)号:US11522819B2
公开(公告)日:2022-12-06
申请号:US16679440
申请日:2019-11-11
发明人: Constantin Mircea Adam , Muhammed Fatih Bulut , Richard Baxter Hull , Anup Kalia , Maja Vukovic , Jin Xiao
IPC分类号: G06F40/30 , H04L51/046 , G06N5/02 , G06Q10/10 , G06F16/332 , H04L51/56
摘要: Techniques facilitating maintenance of tribal knowledge for accelerated compliance control deployment are provided. In one example, a system includes a memory that stores computer executable components and a processor that executes computer executable components stored in the memory, wherein the computer executable components include a knowledge base generation component that generates a knowledge graph corresponding to respective commitments created via tribal exchanges, the knowledge graph comprising a semantic level and an operational level; a semantic graph population component that populates the semantic level of the knowledge graph based on identified parties to the respective commitments; and an operational graph population component that populates the operational level of the knowledge graph based on tracked status changes associated with the respective commitments.
-
公开(公告)号:US11411979B2
公开(公告)日:2022-08-09
申请号:US16563504
申请日:2019-09-06
发明人: Muhammed Fatih Bulut , Milton H. Hernandez , Jinho Hwang , Constantin Mircea Adam , Daniel S. Riley
摘要: Systems, computer-implemented methods, and computer program products that can facilitate compliance process risk assessment are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise a metric assignment component that assigns one or more risk assessment metrics based on vulnerability data of a compliance process. The computer executable components can further comprise a risk assignment component that assigns a risk score of the compliance process based on the one or more risk assessment metrics.
-
25.发明申请公开(公告)号:US20220156631A1
公开(公告)日:2022-05-19
申请号:US16950228
申请日:2020-11-17
发明人: ALI KANSO , Jinho HWANG , Muhammed Fatih Bulut , SHRIPAD NADGOWDA , Chen Lin
摘要: Systems and methods are provided that integrate a machine-learning model, and more specifically, utilizing a platform as a service (PaaS) cloud to predict probability of success for an operator in an environment. An embodiment comprises a system having: a processor that executes computer executable components stored in memory, trained machine-learning model that predicts probability of success for deployment of an operator in an environment with a namespace of a platform as a service (PaaS) cloud, and a deployment component that receives a first operator and a first namespace and employs the trained machine-learning model to predict success of deployment of the first operator in a first environment.
-
公开(公告)号:US20220131887A1
公开(公告)日:2022-04-28
申请号:US17078455
申请日:2020-10-23
发明人: Lilian Mathias Ngweta , Steven Ocepek , Constantin Mircea Adam , Sai Zeng , Muhammed Fatih Bulut , Milton H. Hernandez
摘要: Systems, computer-implemented methods, and computer program products that facilitate vulnerability and attack technique association are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise a map component that defines mappings between vulnerability data representing a vulnerability of a computing resource and attack data representing at least one attack technique. The computer executable components can further comprise an estimation component that analyzes the mappings to estimate a probability that the vulnerability will be exploited to attack the computing resource.
-
公开(公告)号:US20210357392A1
公开(公告)日:2021-11-18
申请号:US15930273
申请日:2020-05-12
IPC分类号: G06F16/242 , G06F40/30 , G06F40/284 , G06F16/28 , G06F16/23 , G06N20/00
摘要: Computer implemented reconstruction of compliance mapping due to an update in a regulation in the compliance mapping by a computing device includes comparing a first version of a regulation in the compliance mapping to a second, updated version of the first regulation. A change in the second version with respect to the first version is identified. The change may be an added control description, a deleted control description, or an updated control description. Upon determining that the change is an updated control description, the updated control description is analyzed to determine a type of update. The mapping of the regulation is reconstructed based on the change and, if the change is an updated control description, the type of update, using at least one of natural language processing and/or machine learning. The risk of the reconstructed mapping is assessed, and a service owner is notified about the risk of the changes.
-
公开(公告)号:US11178110B2
公开(公告)日:2021-11-16
申请号:US16545977
申请日:2019-08-20
发明人: Constantin M. Adam , Jeffrey E. Lammers , Muhammed Fatih Bulut , Milton H. Hernandez , Maja Vukovic
摘要: A method provides for controlling compliance remediation that includes performing compliance inspection runs by account nodes for multiple accounts. Inspection results of the inspection runs from each account node are aggregated by an account cognitive policy advisory (CPA) service. The inspection results from each account are aggregated. It is determined whether remediations are required by analyzing the inspection results combined with a current compliance mode of a server. Upon a determination that the current compliance mode of the server is a first mode, the account CPA service determines whether a policy fingerprint has changed. Upon a change to the policy fingerprint, compliance enforcement runs on the account nodes are temporarily suspended.
-
公开(公告)号:US11144289B1
公开(公告)日:2021-10-12
申请号:US16877599
申请日:2020-05-19
发明人: Jinho Hwang , Muhammed Fatih Bulut , Ali Kanso , Shripad Nadgowda
摘要: An artificial intelligence (AI) platform to support a continuous integration and deployment (CI/CD) pipeline for software development and operations (DevOps). One or more dependency graphs are generated based on application artifacts. A machine learning (ML) model is leveraged to capture a relationship between components in the dependency graph(s) and one or more pipeline artifacts. Responsive a change of an application artifact, the captured relationship is leveraged to identify an impact of the detected change on the pipeline artifact(s). The CI/CD pipeline is selectively optimized and executed based on the identified impact to improve the efficiency of the pipeline and the deployment time.
-
公开(公告)号:US10977366B2
公开(公告)日:2021-04-13
申请号:US16703200
申请日:2019-12-04
摘要: Techniques for dynamic server groups that can be patched together using stream clustering algorithms, and learning components in order to reuse the repeatable patterns using machine learning are provided herein. In one example, in response to a first risk associated with a first server device, a risk assessment component patches a server group to mitigate a vulnerability of the first server device and a second server device, wherein the server group is comprised of the first server device and the second server device. Additionally, a monitoring component monitors data associated with a second risk to the server group to mitigate the second risk to the server group.
-
-
-
-
-
-
-
-
-
搜索结果
65 条记录 (耗时 0.029 秒)
