Abstract: A method, system, and computer program product for estimating propagation time for an injected fault are configured to: determine normal execution times of respective services in a call graph of an application; determine normal execution times of respective network communications between ones of the services; determine faulty execution times of respective ones of the services; and generate a propagation time for a particular type of fault injected at a particular fault injection location in the call graph based on the determined normal execution times of respective services, the determined normal execution times of respective network communications, and the determined faulty execution times of respective ones of the services.

Abstract: Mechanisms are provided that detect an anomaly in performance of a hybrid application based on a specification of required performance and collected passive monitoring data, and that generate a causal generative model based on relationships between hybrid application components and computing system architecture components extracted from the passive monitoring data. Root cause identification (RCI) logic is executed on the causal generative model to identify a set of candidate root causes of the detected anomaly. One or more probes are identified for active monitoring data collection targeting the identified set of candidate root causes, which are then executed to collect probe data. Reinforcement learning is performed of the RCI logic to update the RCI logic based on the probe data. The set of candidate root causes is updated based on the reinforcement learning.

Abstract: A computer implemented method determines a compliance of an application. A number of processor units determines compliance scores resulting from compliance checks performed at each layer in layers in an edge computing network for components for the application running in the layers. The compliance checks performed at each layer are determined using a compliance profile identifying a set of the compliance checks for each component in the application. The number of processor units transmit the compliance scores determined in each layer in the layers upward to a top layer in the layers. The number of processor units aggregate compliance scores received from the components in a lower layer for transmission upward in the layers to the top layer as aggregated compliance scores. The number of processor units determine the compliance for the application using an overall aggregate score determined at the top layer.

Abstract: Systems and techniques that facilitate automated health-check risk assessment of computing assets are provided that can generate a baseline health-check risk score that corresponds to non-compliance of a computing asset with a stipulated control, and can adjust the baseline health-check risk score based on a weakness factor of the stipulated control, an environmental factor of the computing asset, a criticality factor of the computing asset, and a maturity factor of the computing asset.

Abstract: A method for unifying battery-status observability across a plurality of heterogeneous devices includes identifying a plurality of heterogeneous devices where each device includes a battery to power the device. The method monitors battery status of each device of the heterogeneous devices. The method may also access crowdsourced data to determine battery life associated with at least one device of the heterogeneous devices. Using the battery status and potentially the crowdsourced data, the method predicts the remaining battery life for each device of the heterogeneous devices. The method presents the remaining battery life of each of the heterogeneous devices on a unified dashboard. In certain embodiments, a user may be alerted in the event the remaining battery life of a device of the heterogeneous devices falls below a selected threshold. A corresponding system and computer program product are also disclosed.

Abstract: Users of an endpoint remediation system can be assigned to different roles, from which they can request exceptions, approve exceptions, and/or enable remediation on endpoint devices. The compliance scanning and enforcing process can be automated, while allowing entities to request and/or approve certain exceptions. Therefore, security compliance for customers can be actively managed to provide visibility to the endpoint device compliance state at any time.

Abstract: Users of an endpoint remediation system can be assigned to different roles, from which they can request exceptions, approve exceptions, and/or enable remediation on endpoint devices. The compliance scanning and enforcing process can be automated, while allowing entities to request and/or approve certain exceptions. Therefore, security compliance for customers can be actively managed to provide visibility to the endpoint device compliance state at any time.

Abstract: Users of an endpoint remediation system can be assigned to different roles, from which they can request exceptions, approve exceptions, and/or enable remediation on endpoint devices. The compliance scanning and enforcing process can be automated, while allowing entities to request and/or approve certain exceptions. Therefore, security compliance for customers can be actively managed to provide visibility to the endpoint device compliance state at any time.

Abstract: Users of an endpoint remediation system can be assigned to different roles, from which they can request exceptions, approve exceptions, and/or enable remediation on endpoint devices. The compliance scanning and enforcing process can be automated, while allowing entities to request and/or approve certain exceptions. Therefore, security compliance for customers can be actively managed to provide visibility to the endpoint device compliance state at any time.

Abstract: Systems and techniques that facilitate automated health-check risk assessment of computing assets are provided. In various embodiments, a system can comprise a baseline component that can generate a baseline health-check risk score that corresponds to non-compliance of a computing asset with a stipulated control. In various aspects, the system can further comprise an adjustment component that can adjust the baseline health-check risk score based on a weakness factor of the stipulated control. In some cases, the weakness factor can be based on a magnitude by which a state of the computing asset deviates from the stipulated control. In various embodiments, the adjustment component can further adjust the baseline health-check risk score based on an environmental factor of the computing asset. In various cases, the environmental factor can be based on security mechanisms or security protocols associated with the computing asset.

Abstract: A method of checking file system compliance including receiving a plurality of compliance rules corresponding to a file system of a production system, collecting, by a collector, file system meta data from the file system, analyzing, by an analyzer, the file system meta data using the plurality of compliance rules to determine at least one compliance deviation of the file system, and throttling the collector and the analyzer independently of one-another, wherein the collector and the analyzer are configured according to a model of performance for the production system and a schedule for the collection and analyzing.

Abstract: Users of an endpoint remediation system can be assigned to different roles, from which they can request exceptions, approve exceptions, and/or enable remediation on endpoint devices. The compliance scanning and enforcing process can be automated, while allowing entities to request and/or approve certain exceptions. Therefore, security compliance for customers can be actively managed to provide visibility to the endpoint device compliance state at any time.

Abstract: Users of an endpoint remediation system can be assigned to different roles, from which they can request exceptions, approve exceptions, and/or enable remediation on endpoint devices. The compliance scanning and enforcing process can be automated, while allowing entities to request and/or approve certain exceptions. Therefore, security compliance for customers can be actively managed to provide visibility to the endpoint device compliance state at any time.

Abstract: A method to perform server provisioning on a plurality of computer systems to generate a plurality of target virtual machines includes: obtaining configurations from a pool comprising at least one existing candidate virtual server or server image through a discovery process; performing a clustering analysis on the configurations to group the configurations into at least two groups; and for each group, selecting a configuration from among the configurations of the group as a candidate virtual machine image; determining a cost of actions required to be performed on the candidate virtual image to result in target virtual machines with a same configuration as the configurations of the group; and selecting the candidate virtual image with the lowest cost.

Abstract: Systems and methods for computer automated validation of server configurations are provided. A method for validation of a target environment, comprises assembling a validation script from a plurality of script fragments, inserting the assembled validation script into the target environment, executing the validation script in the target environment, gathering results of the executing, and reporting the results to at least one user.

Abstract: A method of checking file system compliance including receiving a plurality of compliance rules corresponding to a file system of a production system, collecting, by a collector, file system meta data from the file system, analyzing, by an analyzer, the file system meta data using the plurality of compliance rules to determine at least one compliance deviation of the file system, and throttling the collector and the analyzer independently of one-another, wherein the collector and the analyzer are configured according to a model of performance for the production system and a schedule for the collection and analyzing.

Abstract: Systems and methods for computer automated validation of server configurations are provided. A method for validation of a target environment, comprises assembling a validation script from a plurality of script fragments, inserting the assembled validation script into the target environment, executing the validation script in the target environment, gathering results of the executing, and reporting the results to at least one user.

Abstract: The present invention describes a method and system for preparing a migration and consolidation of at least one source application to be migrated to or consolidated in at least one heterogeneous server device. A computing system selects at least one prospective target platform component based on an evaluation of at least one source platform component, a requirement of the at least one source application, and a compatibility and an affinity of the at least one prospective target platform component. The computing system collects first metadata of the at least one source platform component and the at least one prospective target platform component. The computing system collects second metadata associated with the migration and consolidation. The computing system groups the first metadata and the second metadata into a RFM (Request For Migration). The computing system prepares and configures a final target platform in accordance with the RFM.

Abstract: A method for dynamically converting electronically encoded HTML document from a text format to an image format. The method includes receiving a request for the content from a client, obtaining the content in text format, determining a content creation preference, and converting the content in text format to content in the image format according to the content creation preference. The method includes replying to the request, wherein the reply includes the content in the image format. The method applies a watermark to the content in the image format according to a watermarking preference. The method generates an image map in accordance with a mapping preference, wherein the image map relates selectable spatial display coordinates to external document identifiers.

Abstract: Disclosed is a computer-implemented method, system and computer program(s) for migration of a source machine instance to a target machine instance of least one heterogeneous virtual server device managed within a cloud computing environment. The method includes discovering machine images of a cloud service provider and storing results in a computer-readable catalog containing cloud metadata comprised of machine image identifiers and information discovered about the machine images. The method further includes, in response to a request for migration document in a computer-readable form that comprises a specification of a required migration target machine instance, specifying weight/priority information for components to be included in the target machine instance, where the weight information indicates weights for operations comprising component installation, component removal and component upgrade in the target machine instance.