Abstract: Data security across data residency restriction boundaries is provided by obtaining and profiling a dataset on which a desired analysis is to be performed, with some results of the desired analysis to be transferred from one location to another, the dataset subject to data residency restrictions that restrict transfer of the dataset across a boundary to the another location, and the profiling identifying a profile level for the dataset, then automatically generating a container image based on the profile level and the data residency restrictions that restrict the transfer of the dataset across the boundary, the container image configured for instantiation and execution to process the dataset into a reformatted dataset not restricted by the data residency restrictions for transfer across the boundary, and storing the container image to a container registry.

Abstract: Data security across data residency restriction boundaries is provided by obtaining and profiling a dataset on which a desired analysis is to be performed, with some results of the desired analysis to be transferred from one location to another, the dataset subject to data residency restrictions that restrict transfer of the dataset across a boundary to the another location, and the profiling identifying a profile level for the dataset, then automatically generating a container image based on the profile level and the data residency restrictions that restrict the transfer of the dataset across the boundary, the container image configured for instantiation and execution to process the dataset into a reformatted dataset not restricted by the data residency restrictions for transfer across the boundary, and storing the container image to a container registry.

Abstract: A method, computer system, and a computer program product for estimating the probability of invoking information technology (IT) disaster recovery at a location based on an incident risk is provided. The present invention may include receiving a piece of data associated with an incident at the location. The present invention may also include estimating a similarity value associated with the incident based on a plurality of past incidents from a knowledge base. The present invention may then include receiving a plurality of mined data based on the location. The present invention may further include predicting the incident risk to the location based on the received plurality of mined data and the estimated similarity value to the plurality of past incidents.

Abstract: A system to provide end users with recommendations on improving the quality of the incident management process is provided. A computer device identifies a set of historical incident reports, wherein the historical incident reports identify: (i) incident tickets, (ii) one or more skills associated with personnel assigned to the incident tickets, and (iii) whether the incident tickets were resolved within threshold periods of time to resolve. The computing device trains a machine learning model to predict sets of skills associated with resolving incident tickets within the threshold periods of time to resolve based, at least in part, on the identified set of historical incident reports. The computing device assigns a set of personnel to the new incident ticket based, at least in part, on the predicted set of skills associated with resolving the new incident ticket within the threshold period of time to resolve.

Abstract: Data security across data residency restriction boundaries is provided by obtaining and profiling a dataset on which a desired analysis is to be performed, with some results of the desired analysis to be transferred from one location to another, the dataset subject to data residency restrictions that restrict transfer of the dataset across a boundary to the another location, and the profiling identifying a profile level for the dataset, then automatically generating a container image based on the profile level and the data residency restrictions that restrict the transfer of the dataset across the boundary, the container image configured for instantiation and execution to process the dataset into a reformatted dataset not restricted by the data residency restrictions for transfer across the boundary, and storing the container image to a container registry.

Abstract: Systems, computer-implemented methods, and computer program products that can facilitate compliance process risk assessment are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise a metric assignment component that assigns one or more risk assessment metrics based on vulnerability data of a compliance process. The computer executable components can further comprise a risk assignment component that assigns a risk score of the compliance process based on the one or more risk assessment metrics.

Abstract: A method of identifying an incident root cause probability that includes identifying, using a monitoring system, a first incident/incident class and generating, using a change management application, a first change request and change class. The method also includes generating, from the change management application, a second change request from a second incident, and where the first and second incidents are in a set of incidents, and where the first and second change requests are in a set of changes, mapping, by a cause analysis application, the set of incidents to the set of changes to identify a root cause probability, where the probability is formed by from a Galois linkage chain between the two sets, and developing, from the cause analysis application, a root cause probability value of the first incident, and executing, using a parameter management application, a mitigation process.

Abstract: Systems and techniques that facilitate automated health-check risk assessment of computing assets are provided. In various embodiments, a system can comprise a baseline component that can generate a baseline health-check risk score that corresponds to non-compliance of a computing asset with a stipulated control. In various aspects, the system can further comprise an adjustment component that can adjust the baseline health-check risk score based on a weakness factor of the stipulated control. In some cases, the weakness factor can be based on a magnitude by which a state of the computing asset deviates from the stipulated control. In various embodiments, the adjustment component can further adjust the baseline health-check risk score based on an environmental factor of the computing asset. In various cases, the environmental factor can be based on security mechanisms or security protocols associated with the computing asset.

Abstract: Using a processor and a memory of a testing system, a set of vulnerability testing instructions is executed relative to an application, causing an output of a set of vulnerabilities from the testing system. By executing a probability model, a first probability of adverse impact corresponding to a first vulnerability in the set of vulnerabilities is computed. The first vulnerability and the first probability of adverse impact are added to a vulnerability repository. Using the first probability of adverse impact and a second probability of adverse impact, a first cumulative probability of adverse impact is calculated. Using the first cumulative probability and a first level of organizational impact corresponding to the application, a first risk category is assigned to the application. Responsive to the first risk category being lower than a second risk category, a system management application is caused to install the application in the computer system.

Abstract: A system to provide end users with recommendations on improving the quality of the incident management process is provided. A computer device identifies a set of historical incident reports, wherein the historical incident reports identify: (i) incident tickets, (ii) one or more skills associated with personnel assigned to the incident tickets, and (iii) whether the incident tickets were resolved within threshold periods of time to resolve. The computing device trains a machine learning model to predict sets of skills associated with resolving incident tickets within the threshold periods of time to resolve based, at least in part, on the identified set of historical incident reports. The computing device assigns a set of personnel to the new incident ticket based, at least in part, on the predicted set of skills associated with resolving the new incident ticket within the threshold period of time to resolve.

Abstract: Mechanisms are provided for modifying response of cognitive systems to user requests based on a determined knowledge level of the user and knowledge level of the concepts referenced in the cognitive system responses. The mechanisms receive a response to a user submitted request received from a client computing system and determine a first knowledge level of the user for a domain of the user submitted request. The mechanisms determine a second knowledge level associated with concepts referenced in the response and whether the first knowledge level is different from the second knowledge level. The mechanism, in response to the first knowledge level being different than the second knowledge level, modify content of the response to include concepts associated with the first knowledge level, to thereby generate a modified response. The modified response is then output to the client computing system associated with the user.

Abstract: A method of identifying an incident root cause probability that includes identifying, using a monitoring system, a first incident/incident class and generating, using a change management application, a first change request and change class. The method also includes generating, from the change management application, a second change request from a second incident, and where the first and second incidents are in a set of incidents, and where the first and second change requests are in a set of changes, mapping, by a cause analysis application, the set of incidents to the set of changes to identify a root cause probability, where the probability is formed by from a Galois linkage chain between the two sets, and developing, from the cause analysis application, a root cause probability value of the first incident, and executing, using a parameter management application, a mitigation process.

Abstract: Using a processor and a memory of a testing system, a set of vulnerability testing instructions is executed relative to an application, causing an output of a set of vulnerabilities from the testing system. By executing a probability model, a first probability of adverse impact corresponding to a first vulnerability in the set of vulnerabilities is computed. The first vulnerability and the first probability of adverse impact are added to a vulnerability repository. Using the first probability of adverse impact and a second probability of adverse impact, a first cumulative probability of adverse impact is calculated. Using the first cumulative probability and a first level of organizational impact corresponding to the application, a first risk category is assigned to the application. Responsive to the first risk category being lower than a second risk category, a system management application is caused to install the application in the computer system.

Abstract: A computer-implemented method includes: receiving, by a computing device, a container from a data requester server for processing data as part of an inference analysis; attaching, by the computing device, an input data volume and an output data volume associated with the container; processing, by the computing device, input data stored in the input data volume to produce output data; attaching, by the computing device, the output data in the output data volume; detaching, by the computing device, the input data volume based on attaching the output data to the output data volume; determining, by the computing device, whether sensitive data exists in the output data volume; and providing, by the computing device, the output data volume to the data requester server based on the determining that sensitive data does not exist in the output data volume.

Abstract: Data security across data residency restriction boundaries is provided by obtaining and profiling a dataset on which a desired analysis is to be performed, with some results of the desired analysis to be transferred from one location to another, the dataset subject to data residency restrictions that restrict transfer of the dataset across a boundary to the another location, and the profiling identifying a profile level for the dataset, then automatically generating a container image based on the profile level and the data residency restrictions that restrict the transfer of the dataset across the boundary, the container image configured for instantiation and execution to process the dataset into a reformatted dataset not restricted by the data residency restrictions for transfer across the boundary, and storing the container image to a container registry.

Abstract: Data security across data residency restriction boundaries is provided by profiling a dataset on which a desired analysis is to be performed, with some results of the desired analysis to be transferred from one location to another, the dataset subject to data residency restrictions that restrict transfer of the dataset across a boundary to the another location, and the profiling identifying a profile level for the dataset, automatically generating, based on the profile level and the data residency restrictions that restrict the transfer of the dataset across the boundary, a container for processing the dataset into a reformatted dataset not restricted by the data residency restrictions for transfer across the boundary, instantiating the generated container on a data processing system at the one location, and processing the dataset into the reformatted dataset using the instantiated generated container, and transferring the reformatted dataset to the another location.

Abstract: Systems, computer-implemented methods, and computer program products that can facilitate compliance process risk assessment are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise a metric assignment component that assigns one or more risk assessment metrics based on vulnerability data of a compliance process. The computer executable components can further comprise a risk assignment component that assigns a risk score of the compliance process based on the one or more risk assessment metrics.

Abstract: A method, computer system, and a computer program product for estimating the probability of invoking information technology (IT) disaster recovery at a location based on an incident risk is provided. The present invention may include receiving a piece of data associated with an incident at the location. The present invention may also include estimating a similarity value associated with the incident based on a plurality of past incidents from a knowledge base. The present invention may then include receiving a plurality of mined data based on the location. The present invention may further include predicting the incident risk to the location based on the received plurality of mined data and the estimated similarity value to the plurality of past incidents.

Abstract: A computer-implemented method includes: receiving, by a computing device, a container from a data requester server for processing data as part of an inference analysis; attaching, by the computing device, an input data volume and an output data volume associated with the container; processing, by the computing device, input data stored in the input data volume to produce output data; attaching, by the computing device, the output data in the output data volume; detaching, by the computing device, the input data volume based on attaching the output data to the output data volume; determining, by the computing device, whether sensitive data exists in the output data volume; and providing, by the computing device, the output data volume to the data requester server based on the determining that sensitive data does not exist in the output data volume.

Abstract: Data security across data residency restriction boundaries is provided by profiling a dataset on which a desired analysis is to be performed, with some results of the desired analysis to be transferred from one location to another, the dataset subject to data residency restrictions that restrict transfer of the dataset across a boundary to the another location, and the profiling identifying a profile level for the dataset, automatically generating, based on the profile level and the data residency restrictions that restrict the transfer of the dataset across the boundary, a container for processing the dataset into a reformatted dataset not restricted by the data residency restrictions for transfer across the boundary, instantiating the generated container on a data processing system at the one location, and processing the dataset into the reformatted dataset using the instantiated generated container, and transferring the reformatted dataset to the another location.