Abstract: A security vulnerability analysis mechanism is provided that ingests content from a plurality of content source computing devices to identify instances of security vulnerability content in the ingested content. The mechanism performs a security trend analysis on the instances of security vulnerability content to identify a relative ranking of security vulnerabilities. The mechanism identifies computing resources of a specified computing infrastructure and a criticality of the computing resources to an operation of the computing infrastructure. The mechanism generates a prioritized listing of security vulnerabilities associated with the computing infrastructure based on the relative ranking of security vulnerabilities and the criticality of the computing resources in the computing infrastructure. The mechanism outputs a notification to a user via a user computing device, indicating the prioritized listing of security vulnerabilities.

Abstract: A security vulnerability analysis mechanism is provided that ingests content from a plurality of content source computing devices to identify instances of security vulnerability content in the ingested content. The mechanism performs a security trend analysis on the instances of security vulnerability content to identify a relative ranking of security vulnerabilities. The mechanism identifies computing resources of a specified computing infrastructure and a criticality of the computing resources to an operation of the computing infrastructure. The mechanism generates a prioritized listing of security vulnerabilities associated with the computing infrastructure based on the relative ranking of security vulnerabilities and the criticality of the computing resources in the computing infrastructure. The mechanism outputs a notification to a user via a user computing device, indicating the prioritized listing of security vulnerabilities.

Abstract: Training a random forest model to relate settings of a network security device to undesirable behavior of the network security device is provided. A determination of a corresponding set of settings associated with each region of lowest incident probability is made using a random forest. The plurality of identified desired settings are presented as options for changing the network security device from the as-is settings to the identified desired settings. A choice is received from the plurality of options. The choice informs the random forest model. The random forest model ranks for a new problematic network security device the plurality of options for changing the new problematic network security device from as-is settings to desired settings by aggregating an identified cost of individual configuration changes, thereby identifying a most cost-effective setting for the network security device to achieve a desired output of the network security device.

Abstract: Training a random forest model to relate settings of a network security device to undesirable behavior of the network security device is provided. A determination of a corresponding set of settings associated with each region of lowest incident probability is made using a random forest. The plurality of identified desired settings are presented as options for changing the network security device from the as-is settings to the identified desired settings. A choice is received from the plurality of options. The choice informs the random forest model. The random forest model ranks for a new problematic network security device the plurality of options for changing the new problematic network security device from as-is settings to desired settings by aggregating an identified cost of individual configuration changes, thereby identifying a most cost-effective setting for the network security device to achieve a desired output of the network security device.

Abstract: A computer-implemented method of increasing reliability of an information technology environment comprising a plurality of hardware devices. Training data is received and a random forest is built from the training data using machine learning. A particular hardware device in the plurality of hardware devices is determined to be strange. Strange is defined as the particular hardware device having a proximity value lower than a predetermined threshold value for the random forest. A preventative action is determined to lower a risk of failure of the particular hardware device. The preventative action is reported. Reporting includes at least one of displaying a report on a display device, printing the report onto paper, and storing the report in a non-transitory computer recordable storage medium.