Patent attributes
A computer implemented method to determine a security configuration for a target virtual machine (VM) in a virtualized computing environment, the method including training a machine learning algorithm to determine a vector of security vulnerabilities for the target VM based on a vector of configuration characteristics for the target VM, the machine learning algorithm being trained using training examples each including a configuration for a training VM and an associated vulnerability vector based on an observed security occurrence at the training VM, wherein each training example further includes an identification of one of set of security configurations for the training VM; selecting at least a subset of the set of security configurations and, for each security configuration in the subset, executing the machine learning algorithm with the vector of configuration characteristics for the target VM and an identification of the security configuration, so as to generate a set of vulnerability vectors including a vulnerability vector for each security configuration in the selected subset; and selecting a security configuration for the target VM based on the set of vulnerability vectors.
