Abstract: A content generation method includes receiving a control document comprising one or more control clauses, identifying actionable content for the one or more control clauses, generating a programming language template for the one or more control clauses, identifying a closest existing control clause from a database for each of the one or more control clause, identifying a programming language implementation of the closest existing control clause, identifying similarities and differences between the programming language implementation and the generated programming language template, and annotating the programming language implementation for the closest existing control clause based on the identified similarities and differences.

Abstract: A method for scheduling services in a computing environment includes receiving a service scheduling request corresponding to the computing environment and identifying a resource pool and a set of compliance requirements corresponding to the computing environment. The method continues by identifying target resources within the resource pool, wherein target resources are resources which meet the set of compliance requirements, and subsequently identifying a set of available target resources, wherein available target resources are target resources with scheduling availability. The method further includes analyzing the set of available target resources to determine a risk score for each available target resource and selecting one or more of the set of available target resources according to the determined risk scores. The method continues by scheduling a service corresponding to the service scheduling request on the selected one or more available target resources.

Abstract: Systems, computer-implemented methods, and computer program products that facilitate vulnerability and attack technique association are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise a map component that defines mappings between vulnerability data representing a vulnerability of a computing resource and attack data representing at least one attack technique. The computer executable components can further comprise an estimation component that analyzes the mappings to estimate a probability that the vulnerability will be exploited to attack the computing resource.

Abstract: Aspects of the present disclosure relate to converting between structured and tabular data formats. Data can be received in a tabular format. An array can be built for each of a plurality of objects within the data in the tabular format, each object corresponding to at least one identified header of the identified headers. A data row can be parsed using at least one of the built arrays and data within the data row can be added to the structured format in a specific location based characteristics indicated in the at least one array. Data can also be converted from the structured format into the tabular format using the built arrays.

Abstract: An assessment component that facilitates assessment and enforcement of policies within a computer environment can comprise a compliance component that determines whether a policy, that defines one or more requirements associated with usage of one or more enterprise components of an enterprise computing system, is in compliance with a plurality of standardized policies that govern operation of the one or more enterprise components of the enterprise computing system. The assessment component can also comprise a policy optimization component that determines one or more changes to the policy that achieve the compliance with the plurality of standardized polices based on a determination that the policy complies with a first standardized policy of the plurality of standardized policies and fails to comply with a second standardized policy of the plurality of standardized policies.

Abstract: A computer-implemented method for managing one or more operations of a workload includes selecting a resource type for workload management on a platform. One or more operations of the selected resource to be managed are identified. A reconciliation time for execution of each of the identified operations is determined. A reconciliation period between two consecutive reconciliations is determined for each of the identified operations. A minimum number of processes for workload management of a given set of the operations on resources is calculated, and the determined minimum number of processes is deployed to manage the workload.

Abstract: Techniques for dynamic server groups that can be patched together using stream clustering algorithms, and learning components in order to reuse the repeatable patterns using machine learning are provided herein. In one example, in response to a first risk associated with a first server device, a risk assessment component patches a server group to mitigate a vulnerability of the first server device and a second server device, wherein the server group is comprised of the first server device and the second server device. Additionally, a monitoring component monitors data associated with a second risk to the server group to mitigate the second risk to the server group.

Abstract: Users of an endpoint remediation system can be assigned to different roles, from which they can request exceptions, approve exceptions, and/or enable remediation on endpoint devices. The compliance scanning and enforcing process can be automated, while allowing entities to request and/or approve certain exceptions. Therefore, security compliance for customers can be actively managed to provide visibility to the endpoint device compliance state at any time.

Abstract: A machine learning assessment system is provided. The system identifies multiple datasets and multiple machine learning (ML) modeling algorithms based on the client profile. The system assesses a cost of data collection for each dataset of the multiple datasets. The system assesses a performance metric for each ML modeling algorithm of the multiple modeling algorithms. The system recommends a dataset from the multiple datasets and an ML modeling algorithm from the multiple ML modeling algorithm based on the assessed costs of data collection for the multiple datasets and the assessed performance metrics for the multiple ML modeling algorithms.

Abstract: A content generation method includes receiving a control document comprising one or more control clauses, identifying actionable content for the one or more control clauses, generating a programming language template for the one or more control clauses, identifying a closest existing control clause from a database for each of the one or more control clause, identifying a programming language implementation of the closest existing control clause, identifying similarities and differences between the programming language implementation and the generated programming language template, and annotating the programming language implementation for the closest existing control clause based on the identified similarities and differences.

Abstract: A system, computer program product, and method to deriving a cost model and dynamic adjustment of the derived model responsive to dynamic modification of one or more of the resources in a hybrid shared resource environment. Resources and corresponding configuration information are collected while monitoring runtime utilization of resource performance. As changes to the resources are discovered, the changes are subject to an assessment. A hybrid cost model is derived and configured to account for the one or more resources. The derived hybrid cost model is leveraged to conduct a multi-dimensional resource evaluation of the assessed changed configuration information. Responsive to the multi-dimensional evaluation, a generated resource utilization optimization of the one or more resources is selectively implemented.

Abstract: Users of an endpoint remediation system can be assigned to different roles, from which they can request exceptions, approve exceptions, and/or enable remediation on endpoint devices. The compliance scanning and enforcing process can be automated, while allowing entities to request and/or approve certain exceptions. Therefore, security compliance for customers can be actively managed to provide visibility to the endpoint device compliance state at any time.

Abstract: A computer system, program code, and a method are provided to leverage an AI model with respect to a target specification for a target standard. The AI model is configured to identify at least one candidate control associated with a corresponding standard. A map is subject to traversal to identify the candidate control in the map. Source and destination controls of the map are leveraged to identify at least one mapped control associated with the target standard. The AI model is selectively subject to training with the mapped control and the target standard.

Abstract: A method for scheduling services in a computing environment includes receiving a service scheduling request corresponding to the computing environment and identifying a resource pool and a set of compliance requirements corresponding to the computing environment. The method continues by identifying target resources within the resource pool, wherein target resources are resources which meet the set of compliance requirements, and subsequently identifying a set of available target resources, wherein available target resources are target resources with scheduling availability. The method further includes analyzing the set of available target resources to determine a risk score for each available target resource and selecting one or more of the set of available target resources according to the determined risk scores. The method continues by scheduling a service corresponding to the service scheduling request on the selected one or more available target resources.

Abstract: A vulnerability management method includes analyzing a system environment to uncover one or more vulnerabilities. The method includes subsequently identifying one or more system weaknesses corresponding to the one or more uncovered vulnerabilities and analyzing a set of historical data to identify similar past vulnerabilities. The method further includes analyzing available information to extract one or more impacts of the identified similar past vulnerabilities and determining one or more impacts to the present system environment that would correspond to the extracted one or more impacts of the identified similar past vulnerabilities. The method additionally includes recommending one or more actions to remediate the uncovered vulnerabilities.

Abstract: Users of an endpoint remediation system can be assigned to different roles, from which they can request exceptions, approve exceptions, and/or enable remediation on endpoint devices. The compliance scanning and enforcing process can be automated, while allowing entities to request and/or approve certain exceptions. Therefore, security compliance for customers can be actively managed to provide visibility to the endpoint device compliance state at any time.

Abstract: A system, computer program product, and method to deriving a cost model and dynamic adjustment of the derived model responsive to dynamic modification of one or more of the resources in a hybrid shared resource environment. Resources and corresponding configuration information are collected while monitoring runtime utilization of resource performance. As changes to the resources are discovered, the changes are subject to an assessment. A hybrid cost model is derived and configured to account for the one or more resources. The derived hybrid cost model is leveraged to conduct a multi-dimensional resource evaluation of the assessed changed configuration information. Responsive to the multi-dimensional evaluation, a generated resource utilization optimization of the one or more resources is selectively implemented.

Abstract: Systems, computer-implemented methods, and computer program products that facilitate vulnerability and attack technique association are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise a map component that defines mappings between vulnerability data representing a vulnerability of a computing resource and attack data representing at least one attack technique. The computer executable components can further comprise an estimation component that analyzes the mappings to estimate a probability that the vulnerability will be exploited to attack the computing resource.

Abstract: Systems and techniques that facilitate automated health-check risk assessment of computing assets are provided. In various embodiments, a system can comprise a baseline component that can generate a baseline health-check risk score that corresponds to non-compliance of a computing asset with a stipulated control. In various aspects, the system can further comprise an adjustment component that can adjust the baseline health-check risk score based on a weakness factor of the stipulated control. In some cases, the weakness factor can be based on a magnitude by which a state of the computing asset deviates from the stipulated control. In various embodiments, the adjustment component can further adjust the baseline health-check risk score based on an environmental factor of the computing asset. In various cases, the environmental factor can be based on security mechanisms or security protocols associated with the computing asset.

Abstract: An artificial intelligence (AI) platform to support workflow version process control. One or more workflows corresponding to one or more workflow engines are monitored. A neural network is employed to capture a relationship associated with a detected change in the monitored workflows. The neural network is leveraged to identify and assess an impact of the detected change to one or more additional workflows. Responsive to the assessment, the impacted workflow engines are optimized. The optimization includes automatically mapping and encoding changes corresponding to the impacted workflow. The one or more workflows containing the encoded changes are then executed.