Abstract: An orchestration system is described that is configured to receive a request to monitor compliance of an enterprise infrastructure and generate an infrastructure change that is associated with the compliance of the enterprise infrastructure, based at least in part on a set of predetermined criteria. In doing so, the orchestration system may further generate one or more infrastructure change events based at least in part on instances of the infrastructure change within the enterprise infrastructure. The orchestration system may further generate a verification report for the enterprise infrastructure, based at least in part on the one or more infrastructure change events, and transmit the verification report to a registered user associated with the request.

Abstract: Event metadata may be received at an audit function of an orchestration system for an infrastructure change event associated with an infrastructure change to an enterprise infrastructure of an enterprise. A blockchain instance of a particular decentralized secure ledger is requested from a decentralized secure ledger service via the audit function. A user identifier of a user that is responsible for the infrastructure change event is provided to the decentralized secure ledger service by the audit function. In response to the decentralized secure ledger service authenticating the user identifier, the event metadata for the infrastructure change event is sent to the blockchain instance for storage with the decentralized secure ledger service by the audit function.

Abstract: A continuous security delivery fabric is disclosed. One or more security functions, comprising one or more tasks to be performed by a security tool, utility or service is encapsulated in a componentized security policy. A target list comprising of one or more items in an information technology installation is received. One or more security functions capable of being performed on at least one item in the received target list are selected. A componentized security policy encapsulating one or more security routines orchestrating the performance of at least one of the selected security functions is then created.

Abstract: A continuous security delivery fabric is disclosed. One or more security functions, comprising one or more tasks to be performed by a security tool, utility or service is encapsulated in a componentized security policy. A target list comprising of one or more items in an information technology installation is received. One or more security functions capable of being performed on at least one item in the received target list are selected. A componentized security policy encapsulating one or more security routines orchestrating the performance of at least one of the selected security functions is then created.

Abstract: A continuous security delivery fabric is disclosed. One or more security functions, comprising one or more tasks to be performed by a security tool, utility or service is encapsulated in a componentized security policy. The componentized security policies may be scheduled to run against one or more shadow environments, which are substantive copies of an information technology installation. One or more componentized security policies are scheduled as to run substantively continuously with results of the execution of the componentized security policies against the shadow aggregated. Based on automated analysis which may include machine learning, security issues in the actual information technology installation are inferred, and remediation either recommended or automatically executed. Various embodiments, including a microservices infrastructure embodiment are disclosed.

Abstract: An orchestration system is described that is configured to receive a request to monitor compliance of an enterprise infrastructure and generate an infrastructure change that is associated with the compliance of the enterprise infrastructure, based at least in part on a set of predetermined criteria. In doing so, the orchestration system may further generate one or more infrastructure change events based at least in part on instances of the infrastructure change within the enterprise infrastructure. The orchestration system may further generate a verification report for the enterprise infrastructure, based at least in part on the one or more infrastructure change events, and transmit the verification report to a registered user associated with the request.

Abstract: Event metadata may be received at an audit function of an orchestration system for an infrastructure change event associated with an infrastructure change to an enterprise infrastructure of an enterprise. A blockchain instance of a particular decentralized secure ledger is requested from a decentralized secure ledger service via the audit function. A user identifier of a user that is responsible for the infrastructure change event is provided to the decentralized secure ledger service by the audit function. In response to the decentralized secure ledger service authenticating the user identifier, the event metadata for the infrastructure change event is sent to the blockchain instance for storage with the decentralized secure ledger service by the audit function.

Abstract: Automatic detection and remediation of cybersecurity threats to an information technology installation is disclosed. An information technology installation receives at an orchestration system a requested update which may include a configuration change, a code change, a change to a binary, or other change to the installation. A mirror instance of the installation is instantiated on a cloud infrastructure where the requested updated is applied and scanned for cybersecurity threats. Where cybersecurity threats are detected, a remediation response is identified. The update and the remediation response may either be sent to an administrator for acceptance prior to deployment to production, or may be deployed automatically, with rollback information generated in the event the administrator desires to undo the deployment.

Abstract: Enterprise level security orchestration coordinates the safeguarding functions of safeguard software packages with respect to an installation. Multiple safeguard software packages may be deployed on an installation at a storage location. The multiple safeguard software packages may provide different safeguarding functions to applications or application data on the installation. An orchestration tool on the installation may interface with the multiple safeguard software packages. Accordingly, the orchestration tool may execute an orchestration routine that calls the individual safeguard software packages to perform the different safeguarding functions.

Abstract: Enterprise level security orchestration coordinates the safeguarding functions of safeguard software packages with respect to an installation. Multiple safeguard software packages may be deployed on an installation at a storage location. The multiple safeguard software packages may provide different safeguarding functions to applications or application data on the installation. An orchestration tool on the installation may interface with the multiple safeguard software packages. Accordingly, the orchestration tool may execute an orchestration routine that calls the individual safeguard software packages to perform the different safeguarding functions.

Abstract: Automatic detection and remediation of cybersecurity threats to an information technology installation is disclosed. An information technology installation receives at an orchestration system a requested update which may include a configuration change, a code change, a change to a binary, or other change to the installation. A mirror instance of the installation is instantiated on a cloud infrastructure where the requested updated is applied and scanned for cybersecurity threats. Where cybersecurity threats are detected, a remediation response is identified. The update and the remediation response may either be sent to an administrator for acceptance prior to deployment to production, or may be deployed automatically, with rollback information generated in the event the administrator desires to undo the deployment.

Abstract: A continuous security delivery fabric is disclosed. One or more security functions, comprising one or more tasks to be performed by a security tool, utility or service is encapsulated in a componentized security policy. The componentized security policies may be scheduled to run against one or more shadow environments, which are substantive copies of an information technology installation. One or more componentized security policies are scheduled as to run substantively continuously with results of the execution of the componentized security policies against the shadow aggregated. Based on automated analysis which may include machine learning, security issues in the actual information technology installation are inferred, and remediation either recommended or automatically executed. Various embodiments, including a microservices infrastructure embodiment are disclosed.

Abstract: Enterprise level security orchestration coordinates the safeguarding functions of safeguard software packages with respect to an installation. Multiple safeguard software packages may be deployed on an installation at a storage location. The multiple safeguard software packages may provide different safeguarding functions to applications or application data on the installation. An orchestration tool on the installation may interface with the multiple safeguard software packages. Accordingly, the orchestration tool may execute an orchestration routine that calls the individual safeguard software packages to perform the different safeguarding functions.

Abstract: A method and computer program product for candidate-position matching may comprise defining for a candidate, via at least one of a client electronic device and a server computer, a candidate skill level for a predefined skill A skill match metric for the candidate may be determined, based upon, at least in part, the candidate skill level and a desired candidate skill level. The skill match metric for the candidate may be outputted.