AUTOMATED RESPONSE TO DETECTION OF THREAT TO CLOUD VIRTUAL MACHINE

摘要

An approach for responding to a threat in a networked computing environment (e.g., a cloud computing environment) is provided. In an embodiment, a set of associations to a virtual machine (VM) instance are established, each association indicating a relationship between the VM instance and a related VM instance. Each of the associations in the set of associations is assigned a strength attribute. When a threat is detected in a VM instance, a first preventative measure is performed on a first related VM instance, the strength of which is determined based on the strength attribute that corresponds to the association between the VM instance and the first related VM instance. A second preventative measure is performed on a second related VM instance, the strength of which is based on the strength attribute that corresponds to the association between the VM instance and the second related VM instance.

主权项

1. A method for responding to a threat in a networked computing environment, the method comprising the computer-implemented processes of:
establishing a set of associations to a virtual machine (VM) instance, each association of the set of associations indicating a relationship between the VM instance and a related VM instance; assigning a strength attribute to each association of the set of associations; performing, in response to a detection of a threat, a first preventative measure on a first related VM instance, a strength of the first preventative measure being based on the strength attribute that corresponds to the association between the VM instance and the first related VM instance; and performing, in response to the detection of the threat, a second preventative measure on a second related VM instance, a strength of the second preventative measure being based on the strength attribute that corresponds to the association between the VM instance and the second related VM instance.