Abstract: An example network security and threat assessment system is configured to determine, based on one or more events that have occurred during execution of one or more applications, a potential security vulnerability of a target computing system, where the one or more events correspond to a node represented in the hierarchical risk model. The system is further configured to identify, based on a mapping of the node represented in the hierarchical risk model to a node represented in a hierarchical game tree model, one or more actions that are associated with the potential security vulnerability and that correspond to the node represented in the hierarchical game tree model, and to output, for display in a graphical user interface, a graphical representation of the potential security vulnerability and the one or more actions associated with the potential security vulnerability.

Abstract: An example network security and threat assessment system is configured to determine, based on one or more events that have occurred during execution of one or more applications, a potential security vulnerability of a target computing system, where the one or more events correspond to a node represented in the hierarchical risk model. The system is further configured to identify, based on a mapping of the node represented in the hierarchical risk model to a node represented in a hierarchical game tree model, one or more actions that are associated with the potential security vulnerability and that correspond to the node represented in the hierarchical game tree model, and to output, for display in a graphical user interface, a graphical representation of the potential security vulnerability and the one or more actions associated with the potential security vulnerability.

Abstract: A risk model for a distributed computing system comprises a plurality of tree nodes organized as a tree. For each tree node of the risk model, the tree node corresponds to a respective event that may befall a distributed computing system. An analysis computing system generates data associating a test agent with a target and also generates data associating the test agent with a tree node in the risk model. The test agent performs a data gathering routine that gathers data from the target associated with the test agent. The gathered data may indicate whether the event corresponding to the tree node is occurring. Furthermore, the analysis computing system may perform the data gathering routine according to a recurrence pattern of the data gathering routine. The analysis computing system may output a graphical representation of the data indicating whether the event corresponding to the tree node is occurring.