Abstract: According to an example, an event management system determines context for received events. The event management system generates a context query for an event including event data and transmits the context query to a context determination service. Context may be determined from query results provided by the context determination service.

Abstract: A device, method, and program product are disclosed which are configured to receive, at a risk analysis engine, one or more business service models from a configuration management database, wherein the one or more business service models each comprises a set of configuration items, and wherein the one or more business service models each indicate a type of configuration item and a connectivity of the configuration item; send the set of configuration items to a vulnerability assessment tool; receive, from the vulnerability assessment tool, one or more vulnerability assessment scores for each configuration item within the set of configuration items; determine an overall business service vulnerability score for each of one or more business services based on the one or more business service models and the vulnerability assessment scores received from the vulnerability assessment tool; and output electronically the overall business service vulnerability score.

Abstract: A business service model includes a description of a topology of interconnections between configuration items that implement a business service. Each of the configuration items is associated with a respective vulnerability score and a respective type classification. Based on the vulnerability scores and the type classifications, the following values are determined for each of the configuration items: a respective activity level value indicating a probability of the configuration item being active in the business process, a respective vulnerability probability value indicating a probability of the configuration items being compromised and damaged in the business process, and a respective business process risk value indicating a probability of a failure of the business process resulting from damage of the configuration item. The business process is scored based on the activity level values, the vulnerability values, and the business process risk values.

Abstract: A device, method, and program product for prioritizing security flaw mitigation tasks is provided. The device, method, and program product are configured to receive, at a risk analysis engine, one or more business service models from a configuration management database, wherein the one or more business service models each comprises a set of configuration items, and wherein the one or more business service models each indicate a type of configuration item and a connectivity of the configuration item. The set of configuration items are sent to a vulnerability assessment tool to obtain one or more vulnerability assessment scores for each configuration item within the set of configuration items. A risk score for each configuration item is then determined. In turn, a prioritized list of configuration items is output based on the risk score of each configuration item.

Abstract: A device, method, and program product are disclosed which are configured to receive, at a risk analysis engine, one or more business service models from a configuration management database, wherein the one or more business service models each comprises a set of configuration items, and wherein the one or more business service models each indicate a type of configuration item and a connectivity of the configuration item; send the set of configuration items to a vulnerability assessment tool; receive, from the vulnerability assessment tool, one or more vulnerability assessment scores for each configuration item within the set of configuration items; determine an overall business service vulnerability score for each of one or more business services based on the one or more business service models and the vulnerability assessment scores received from the vulnerability assessment tool; and output electronically the overall business service vulnerability score.