Abstract: Systems, computer-implemented methods, and computer program products that can facilitate compliance process risk assessment are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise a metric assignment component that assigns one or more risk assessment metrics based on vulnerability data of a compliance process. The computer executable components can further comprise a risk assignment component that assigns a risk score of the compliance process based on the one or more risk assessment metrics.

Abstract: Systems and methods are provided that integrate a machine-learning model, and more specifically, utilizing a platform as a service (PaaS) cloud to predict probability of success for an operator in an environment. An embodiment comprises a system having: a processor that executes computer executable components stored in memory, trained machine-learning model that predicts probability of success for deployment of an operator in an environment with a namespace of a platform as a service (PaaS) cloud, and a deployment component that receives a first operator and a first namespace and employs the trained machine-learning model to predict success of deployment of the first operator in a first environment.

Abstract: Systems, computer-implemented methods, and computer program products that facilitate vulnerability and attack technique association are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise a map component that defines mappings between vulnerability data representing a vulnerability of a computing resource and attack data representing at least one attack technique. The computer executable components can further comprise an estimation component that analyzes the mappings to estimate a probability that the vulnerability will be exploited to attack the computing resource.

Abstract: Systems and techniques that facilitate automated health-check risk assessment of computing assets are provided. In various embodiments, a system can comprise a baseline component that can generate a baseline health-check risk score that corresponds to non-compliance of a computing asset with a stipulated control. In various aspects, the system can further comprise an adjustment component that can adjust the baseline health-check risk score based on a weakness factor of the stipulated control. In some cases, the weakness factor can be based on a magnitude by which a state of the computing asset deviates from the stipulated control. In various embodiments, the adjustment component can further adjust the baseline health-check risk score based on an environmental factor of the computing asset. In various cases, the environmental factor can be based on security mechanisms or security protocols associated with the computing asset.

Abstract: According to an embodiment, a computer-implemented method can comprise: inspecting, using a processor, a set of container images respectively associated with pods; identifying, using the processor, a first subset of the pods that contain a vulnerability; classifying, using the processor, the first subset of the pods as primary-infected pods; generating, using the processor, a first list of namespaces in which the primary-infected pods are deployed within a network; checking, using the processor, network policies in connection with the first list of namespaces to determine secondary-suspect pods that have ability to communicate with the primary-infected pods; generating, using the processor, a list of secondary-suspect namespaces in which the secondary-suspect pods are deployed within the network; identifying, using the processor, one or more secondary-suspect pods that communicated with one or more primary-infected pods; and generating, using the processor, a list of secondary-infected pods.

Abstract: A computer system, computer program product, and computer-implemented method to identify one or more re-factoring operations directed at micro-service identification for source code. A genetic algorithm is leveraged to produce an offspring population of re-factoring operations from a parent set. The offspring population is subject to an assessment utilizing one or more objective measures. Responsive to the assessment, one or more identified re-factoring operations are selectively applied to the source code to produce one or more corresponding micro-service candidates.

Abstract: Streamlining compliance reporting and remediation through clustering compliance deviations by receiving inspection scan compliance deviation report data, analyzing the inspection scan compliance deviation report data, in response to the analysis, creating normalized deviation report documents, comparing the normalized deviation report documents, in response to the comparisons, clustering the normalized deviation report documents, creating a common cluster deviation profile comprising clustered deviation reports, and generating a summary system asset compliance report comprising the common cluster deviation profile.

Abstract: Embodiments relate to a system, a program product, and a method to support a migration operation. Risk factors associated with a migration operation are assessed. The assessment includes assigning respective risk score values to the identified risk factors, assigning respective weight values to the identified risk factors, and calculating a composite risk score based on the assigned risk score values and the assigned weight values. At least one remediation action is recommended to reduce risk to the migration operation. The at least one recommended remediation action is implemented prior to execution of the migration operation. A migration plan incorporating the remediation action for the migration operation is generated. At least one machine learning (ML) model is employed in connection with (a) the subjecting of the identified risk factors to the assessment and/or (b) the recommending of at least one remediation action to reduce risk to the migration operation.

Abstract: Systems, computer-implemented methods, and computer program products that can facilitate creating and querying a knowledge base of identified topics, computer code actions, and parameters, are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise a parameter component that can identify a result parameter in ones of one or more results, wherein the one or more results comprise topics and computer code actions. The computer executable components can further comprise a result component that can select a result of the one or more results based on a mapping of a query to the one or more results, the mapping being based on the result parameter identified in the result and a criterion.

Abstract: Computer implemented reconstruction of compliance mapping due to an update in a regulation in the compliance mapping by a computing device includes comparing a first version of a regulation in the compliance mapping to a second, updated version of the first regulation. A change in the second version with respect to the first version is identified. The change may be an added control description, a deleted control description, or an updated control description. Upon determining that the change is an updated control description, the updated control description is analyzed to determine a type of update. The mapping of the regulation is reconstructed based on the change and, if the change is an updated control description, the type of update, using at least one of natural language processing and/or machine learning. The risk of the reconstructed mapping is assessed, and a service owner is notified about the risk of the changes.

Abstract: Embodiments relate to an intelligent computer platform to utilize machine learning techniques to minimize compliance risk. Data, collected from a plurality of sources is subject to analysis and correlation to assess impact across data points. The assessment measures impact between at least two different compliance domains, facilitates understanding of cross-impact between compliance domains, and provides an estimation of compliance risk. A recommendation plan for one or more new compliance activities is created and dynamically subject to a machine learning reinforcement algorithm.

Abstract: A method provides for controlling compliance remediation that includes performing compliance inspection runs by account nodes for multiple accounts. Inspection results of the inspection runs from each account node are aggregated by an account cognitive policy advisory (CPA) service. The inspection results from each account are aggregated. It is determined whether remediations are required by analyzing the inspection results combined with a current compliance mode of a server. Upon a determination that the current compliance mode of the server is a first mode, the account CPA service determines whether a policy fingerprint has changed. Upon a change to the policy fingerprint, compliance enforcement runs on the account nodes are temporarily suspended.

Abstract: A method and system of identifying a computing device vulnerability is provided. Social media communication is monitored. Social media threads that are related to a vulnerability, based on the monitored social media communication, are identified, filtered, and categorized into one or more predetermined categories of computing device vulnerabilities. Upon determining that a number of social media posts related to the vulnerability is above a first predetermined threshold, one or more dependable social media threads in a same one or more categories as the vulnerability are searched. One or more possible root causes of the vulnerability are determined from the searched dependable social media threads. A validity score for each of the one or more possible root causes is assigned. A possible root cause from that has a highest validity score that is above a second predetermined threshold is selected to be the root cause of the vulnerability.

Abstract: An artificial intelligence (AI) platform to support a continuous integration and deployment (CI/CD) pipeline for software development and operations (DevOps). One or more dependency graphs are generated based on application artifacts. A machine learning (ML) model is leveraged to capture a relationship between components in the dependency graph(s) and one or more pipeline artifacts. Responsive a change of an application artifact, the captured relationship is leveraged to identify an impact of the detected change on the pipeline artifact(s). The CI/CD pipeline is selectively optimized and executed based on the identified impact to improve the efficiency of the pipeline and the deployment time.

Abstract: Embodiments relate to a computer system, computer program product, and computer-implemented method to train a machine learning (ML) model using artificial intelligence to learn an association between (regulatory) compliance requirements and features of micro-service training datasets. The trained ML model is leveraged to determine the compliance requirements of a micro-service requiring classification. In an exemplary embodiment, once the micro-service has been classified with respect to applicable compliance requirements, the classified micro-service may be used as an additional micro-service training dataset to further train the ML model and thereby improve its performance.

Abstract: A compliance of a system is managed. Internal parameters of the system are received. One or more compliance control documents that relate to the system are identified. Each compliance control document is decomposed into one or more auditable units. Auditable units that are relevant to the system, are identified. Relevant auditable units are mapped to a corresponding available executable code. Each mapped executable code is executed. A risk associated with each relevant auditable unit that is deemed to be not compliant is identified. For each compliance control document, a compliance risk is calculated based on the identified risk. A report of compliance risk for each document is created to be displayed on a user interface of a computing device.

Abstract: Methods, systems and computer program products for providing automated script review utilizing crowdsourced inputs are provided. Aspects include receiving a new script including a script text and a script description. Aspects include comparing the new script to each of a plurality of previously classified scripts to determine a degree of similarity. Each of the previously classified scripts and the new script have an associated set of attributes. Responsive to determining that the degree of similarity is below a predetermined threshold, aspects include mapping the new script to a crowdsourcing platform to identify a similar script. Aspects also include receiving information indicative of one or more features from the crowdsourcing platform. Responsive to inputting the one or more features into an acceptance model, aspects include generating an acceptance recommendation associated with the new script.

Abstract: Techniques for dynamic server groups that can be patched together using stream clustering algorithms, and learning components in order to reuse the repeatable patterns using machine learning are provided herein. In one example, in response to a first risk associated with a first server device, a risk assessment component patches a server group to mitigate a vulnerability of the first server device and a second server device, wherein the server group is comprised of the first server device and the second server device. Additionally, a monitoring component monitors data associated with a second risk to the server group to mitigate the second risk to the server group.

Abstract: Streamlining compliance reporting and remediation through clustering compliance deviations by receiving inspection scan compliance deviation report data, analyzing the inspection scan compliance deviation report data, in response to the analysis, creating normalized deviation report documents, comparing the normalized deviation report documents, in response to the comparisons, clustering the normalized deviation report documents, creating a common cluster deviation profile comprising clustered deviation reports, and generating a summary system asset compliance report comprising the common cluster deviation profile.

Abstract: Techniques for dynamic server groups that can be patched together using stream clustering algorithms, and learning components in order to reuse the repeatable patterns using machine learning are provided herein. In one example, in response to a first risk associated with a first server device, a risk assessment component patches a server group to mitigate a vulnerability of the first server device and a second server device, wherein the server group is comprised of the first server device and the second server device. Additionally, a monitoring component monitors data associated with a second risk to the server group to mitigate the second risk to the server group.