Patent classifications
G06F11/301
Methods and apparatus to determine container priorities in virtualized computing environments
An example apparatus includes memory, and at least one processor to execute instructions to assign first containers to a first cluster and second containers to a second cluster based on the first containers including first allocated resources that satisfy a first threshold number of allocated resources and the second containers including second allocated resources that satisfy a second threshold number of allocated resources, determine a representative interaction count value for a first one of the first containers, the representative interaction count value based on a first network interaction metric corresponding to an interaction between the first one of the first containers and a combination of at least one of the first containers and at least one of the second containers, and generate a priority class for the first one of the first containers based on the representative interaction count value.
Dynamic power management states for virtual machine migration
Systems and methods for supporting dynamic power management states for virtual machine (VM) migration are disclosed. In one implementation, a processing device may generate, by a host computer system, a host power management data structure specifying a plurality of power management states of the host computer system. The processing device may also detect that a VM has been migrated to the host computer system. The processing device may then prevent the VM from performing power management operations and may cause the virtual machine to read the host power management data structure. Responsive to receiving a notification that the VM has read the host power management data structure, the processing device may enable the VM to enter a first power management state of the plurality of power management states.
BACKING UP DATA FOR A NAMESPACE ASSIGNED TO A TENANT
Examples described herein are generally directed to backing up and restoring of container clusters. According to an example, the conventional tight coupling between namespaces and tenants is eliminated by providing within a container platform a tenant abstraction for each tenant of the container platform that shares resources of a container cluster. The tenant abstraction for a given tenant includes information indicative of a subset of namespaces of the container cluster assigned to the given tenant. Responsive to receipt via a user interface of the container platform of a request to back up a particular tenant of the container platform: the container platform determines the subset of namespaces assigned to the particular tenant; and for each namespace, causes a namespace-level backup/recovery tool to back up object data for the namespace within a backup location, and back up data associated with persistent volume claims for each unit of cluster replication within the namespace.
APPARATUSES, METHODS, AND COMPUTER PROGRAM PRODUCTS FOR ML ASSISTED SERVICE RISK ANALYSIS OF UNRELEASED SOFTWARE CODE
Methods, apparatuses, or computer program products provide for generating a service risk analysis score data object. A service risk analysis request associated with an unreleased code object is received. One or more service risk analysis attributes are extracted using a service risk analysis layer based at least in part on the unreleased code object. A service risk analysis score data object is generated using a service risk analysis machine learning model based at least in part on the one or more service risk analysis attributes. The service risk analysis score data object is output.
Data migration based on performance characteristics of memory blocks
A performance manager (400, 500) and a method (200) performed thereby are provided, for managing the performance of a logical server of a data center. The data center comprises at least one memory pool in which a memory block has been allocated to the logical server. The method (200) comprises determining (230) performance characteristics associated with a first portion of the memory block, comprised in a first memory unit of the at least one memory pool; and identifying (240) a second portion of the memory block, comprised in a second memory unit of the at least one memory pool, to which data of the first portion of the memory block may be migrated to apply performance characteristics associated with the second portion. The method (200) further comprises initiating migration (250) of the data to the second portion of the memory block.
Automatic pruning cutoff in a database system
During a query compilation process, a query is received that is directed to a set of source tables, each source table from the set of source tables being organized into at least one micro-partition and the query including at least one pruning operation. During the query compilation process, a modification of the query is performed for adjusting the at least one pruning operation, the modification being based on a set of statistics collected for previous pruning operations on at least a portion of the set of source tables and a set of heuristics, the set of statistics indicating at least an amount of execution time for each previous query associated with each of the previous pruning operations. The query is compiled including the modification of the query. The compiled query is provided to an execution node of a database system for execution.
Hybrid deployment of ephemeral scanners
A cybersecurity scanner deployment system, comprising: at least one processor configured to: access a primary account maintained in a cloud environment; receive information defining a structure of the primary account, the structure including a plurality of assets, and the information excluding raw data of the primary account; deploy, inside the primary account or a secondary account for which trust is established with the primary account, at least one ephemeral scanner configured to scan at least one block storage volume and output metadata defining the at least one block storage volume, the output excluding raw data of the primary account; receive a transmission of the metadata from the at least one ephemeral scanner, excluding raw data of the primary account; analyze the metadata to identify cybersecurity vulnerabilities; correlate each of the cybersecurity vulnerabilities with one of the assets; and generate a report correlating the cybersecurity vulnerabilities with the assets.
TECHNIQUES FOR SECURING VIRTUAL MACHINES BY APPLICATION EXISTENCE ANALYSIS
A system and method for securing virtual cloud assets in a cloud computing environment against cyber threats. The method includes: determining a location of a snapshot of at least one virtual disk of a protected virtual cloud asset, wherein the virtual cloud asset is instantiated in the cloud computing environment; accessing the snapshot of the virtual disk based on the determined location; analyzing the snapshot of the protected virtual cloud asset to detect potential cyber threats risking the protected virtual cloud asset; and alerting detected potential cyber threats based on a determined priority.
System and method for assessing cybersecurity risk of computer network
Systems and methods for assessing cybersecurity risk of a computer network include the use of a risk model application that is configured to determine an initial cyber risk score value based upon an underwriting process. A cyber risk data stream is sent from the client's computer network to the system processor to periodically calculate an updated cyber risk score based upon actual data. The system processor is adapted to use the data stream to generate client information that is accessible by the client via a web-based client portal. In embodiments, the cyber risk data stream can be actively monitored to identify a threat of a cybersecurity breach.
PRIORITIZING INTERNET-ACCESSIBLE WORKLOADS FOR CYBER SECURITY
Methods and systems for assessing internet exposure of a cloud-based workload are disclosed. A method comprises accessing at least one cloud provider API to determine a plurality of entities capable of routing traffic in a virtual cloud environment associated with a target account containing the workload, querying the at least one cloud provider API to determine at least one networking configuration of the entities, building a graph connecting the plurality of entities based on the networking configuration, accessing a data structure identifying services publicly accessible via the Internet and capable of serving as an internet proxy, integrating the identified services into the graph, traversing the graph to identify at least one source originating via the Internet and reaching the workload, and outputting a risk notification associated with the workload. Systems and computer-readable media implementing the above method are also disclosed.