IDENTIFYING AND REMEDIATING AT-RISK RESOURCES IN A COMPUTING ENVIRONMENT
First Claim
1. A method of identifying and remediating at-risk resources in a computing environment, comprising:
- periodically determining respective infrastructure topologies of a computing environment that changes over time, wherein the determining is performed by a computer system communicating with the computing environment;
identifying, by the computer system, an intrusion event in the computing environment;
determining, by the computer system, at-risk resources in the computing environment based on the determined intrusion event and a corresponding one of the infrastructure topologies; and
performing, by the computer system, remediation action for the at-risk resources.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods and systems of identifying and remediating at-risk resources in a computing environment are provided. A method includes periodically determining respective infrastructure topologies of a computing environment that changes over time, wherein the determining is performed by a computer system communicating with the computing environment. The method also includes: identifying, by the computer system, an intrusion event in the computing environment; determining, by the computer system, at-risk resources in the computing environment based on the determined intrusion event and a corresponding one of the infrastructure topologies; and performing, by the computer system, remediation action for the at-risk resources.
-
Citations
20 Claims
-
1. A method of identifying and remediating at-risk resources in a computing environment, comprising:
-
periodically determining respective infrastructure topologies of a computing environment that changes over time, wherein the determining is performed by a computer system communicating with the computing environment; identifying, by the computer system, an intrusion event in the computing environment; determining, by the computer system, at-risk resources in the computing environment based on the determined intrusion event and a corresponding one of the infrastructure topologies; and performing, by the computer system, remediation action for the at-risk resources. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system, comprising:
-
a computing environment comprising resources that are re-arranged into different topologies over time; and a server connected to the computing environment and configured to; periodically determine a respective topology of the computing environment; identify an intrusion event in the computing environment; determine at-risk resources in the computing environment based on the determined intrusion event and a corresponding one of the determined topologies; and perform remediation action for the determined at-risk resources. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A computer program product for identifying and remediating at-risk resources in a computing environment, the computer program product comprising a computer readable storage medium having program instructions embodied therewith, the program instructions being executable by a computer device to cause the computer device to:
-
periodically determine a respective topology of a computing environment comprising a number of reconfigurable resources, wherein the topology defines which of the resources have access to one another within the computing environment at a given time; identify an intrusion event including an intrusion time and an intrusion location in the computing environment; determine at-risk resources in the computing environment based on the determined intrusion event and a corresponding one of the determined topologies; and perform remediation action for the determined at-risk resources including at least one of;
transmitting a message to an administrator identifying the determined at-risk resources;and altering the computing environment to isolate the determined at-risk resources. - View Dependent Claims (17, 18, 19, 20)
-
Specification