US 12,455,968 B2
Monitor and control toxic configuration in container deployment
Manimaran Sundaravel, Chennai (IN); Maneesh Sethia, Telangana (IN); and Shailendra Singh, Maharashtra (IN)
Assigned to Bank of America Corporation, Charlotte, NC (US)
Filed by Bank of America Corporation, Charlotte, NC (US)
Filed on Jan. 2, 2024, as Appl. No. 18/401,950.
Prior Publication US 2025/0217488 A1, Jul. 3, 2025
Int. Cl. G06F 21/55 (2013.01); G06F 21/57 (2013.01)
CPC G06F 21/572 (2013.01) [G06F 21/554 (2013.01); G06F 2221/034 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A process for artificial intelligence (AI), automated, real-time, monitoring and control of toxic configurations in software container deployment comprising the steps of:
detecting, by an information security computing (ISC) machine, a build request;
loading, by a build routine in response to the build request, application code and code dependencies from a repository;
generating, by the build routine, a container image for the application code and code dependencies;
scanning, by the ISC machine, the container image in a system integration testing/user acceptance testing (SIT/UAT) environment for said toxic configurations by:
loading, by a container security toxic configuration (CSTC) apparatus in the ISC machine, access control policies and black-listed information into a CSTC security layer;
verifying, by the CSTC security layer, the container image against the access control policies;
verifying, by the CSTC security layer, the container image against the black-listed information;
generating, by the CSTC security layer, a container-image security decision for the container image;
generating, by the CSTC security layer, a first fault signature if the container-image security decision is negative;
comparing, by the CSTC security layer, the first fault signature with prior fault signatures;
updating, by the CSTC security layer, the access control policies or the black-listed information based on the first fault signature;
deploying, by the ISC machine into the SIT/UAT environment on a SIT/UAT machine if the container-image security decision is positive, the container image as a SIT/UAT container;
executing, by a SIT/UAT container engine on the SIT/UAT machine, the SIT/UAT container;
monitoring, by an AI monitor in the ISC machine, the SIT/UAT container being executed on the SIT/UAT machine by:
monitoring, by a monitoring engine, SIT/UAT metrics of the SIT/UAT environment;
detecting, by the monitoring engine, a SIT/UAT anomaly in the metrics based on the SIT/UAT container being executed;
generating, by an event generation engine, a SIT/UAT system event if the SIT/UAT anomaly was detected;
identifying, by the event generation engine, a SIT/UAT possible fault for the SIT/UAT system event;
analyzing, by a problem determination engine, the SIT/UAT anomaly to identify SIT/UAT departures from expected behavior based on the SIT/UAT possible fault;
classifying, by a problem diagnosis engine, the SIT/UAT anomaly into a fault class based on historical data;
determining, by the problem diagnosis engine, whether the SIT/UAT anomaly matches a historical problem;
executing, by an anomaly remediation engine, first remedial actions to correct the SIT/UAT anomaly if a solution is known for the historical problem;
executing, by the anomaly remediation engine, a SIT/UAT exclusion measure if the SIT/UAT anomaly does not match said historical problem or if the solution is not known; and
generating, by the ISC machine, a SIT/UAT security decision that is positive if the solution was known for the historical problem or if the SIT/UAT system event was not generated.
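Worked example (added for this page; not code from the patent, its specification or the assignee): a toy Python model of the two claimed phases, the CSTC image scan with fault-signature feedback and the SIT/UAT runtime monitor with classification against historical data. The image-metadata layout, the policy and blacklist schema, the three-sigma anomaly threshold, the fault-class names, the remedy table and the feedback rule (layers of an image that ships a blacklisted package are added to the blacklist) are all assumptions made here, and every input is constructed.

```python
"""Added example, not code from the patent or its assignee: a toy version of
the claimed two-phase control loop, with constructed inputs throughout."""
import hashlib
import statistics

# ---- Phase 1: image verification by a hypothetical CSTC security layer ----
# Constructed image metadata in the shape of a trimmed `docker inspect` record.
TOXIC_IMAGE = {
    "Config": {"User": "", "Env": ["APP_ENV=uat", "DB_PASSWORD=hunter2"],
               "ExposedPorts": {"22/tcp": {}, "8080/tcp": {}}},
    "RootFS": {"Layers": ["sha256:base0", "sha256:app1"]},
    "Packages": ["openssl-1.1.1w", "netcat-traditional"],
}
CLEAN_IMAGE = {
    "Config": {"User": "app", "Env": ["APP_ENV=uat"], "ExposedPorts": {"8080/tcp": {}}},
    "RootFS": {"Layers": ["sha256:base1", "sha256:app2"]},
    "Packages": ["openssl-3.0.13"],
}
# Assumed policy and blacklist schema; the patent text does not fix one.
POLICIES = {"require_non_root": True,
            "secret_env_markers": ("PASSWORD", "SECRET", "TOKEN"),
            "forbidden_ports": {"22/tcp"}}
BLACKLIST = {"layers": {"sha256:base0"}, "packages": {"netcat-traditional"}}

def verify_policies(image, policies):
    """Access-control checks: non-root user, no secrets in ENV, no forbidden ports."""
    cfg, faults = image["Config"], []
    if policies["require_non_root"] and cfg.get("User", "") in ("", "root", "0"):
        faults.append("policy:runs-as-root")
    for kv in cfg.get("Env", []):
        key = kv.split("=", 1)[0].upper()
        if any(m in key for m in policies["secret_env_markers"]):
            faults.append(f"policy:secret-in-env:{key}")
    faults += [f"policy:exposed-port:{p}" for p in cfg.get("ExposedPorts", {})
               if p in policies["forbidden_ports"]]
    return faults

def verify_blacklist(image, blacklist):
    """Reject known-bad base layers and packages by exact identifier."""
    return ([f"blacklist:layer:{l}" for l in image["RootFS"]["Layers"] if l in blacklist["layers"]]
            + [f"blacklist:package:{p}" for p in image["Packages"] if p in blacklist["packages"]])

def fault_signature(faults):
    """Order-independent digest of the violation set, so a re-scan matches prior runs."""
    return hashlib.sha256("\n".join(sorted(faults)).encode()).hexdigest()

def scan_image(image, policies, blacklist, prior_signatures):
    """Container-image security decision plus the feedback step. Assumed update rule:
    an image shipping a blacklisted package gets all its layers blacklisted, so the
    same base is rejected up front next time. The input blacklist is not mutated."""
    faults = verify_policies(image, policies) + verify_blacklist(image, blacklist)
    updated = {k: set(v) for k, v in blacklist.items()}
    result = {"decision": "positive", "faults": faults, "signature": None,
              "seen_before": False, "blacklist": updated}
    if faults:
        sig = fault_signature(faults)
        result.update(decision="negative", signature=sig, seen_before=sig in prior_signatures)
        prior_signatures.add(sig)
        if any(f.startswith("blacklist:package:") for f in faults):
            updated["layers"].update(image["RootFS"]["Layers"])
    return result

# ---- Phase 2: runtime monitoring of the SIT/UAT container ----
# Constructed baseline window of per-interval metrics for the environment, and
# assumed historical data mapping a fault class to a known remedy (None = unknown).
BASELINE = {"cpu_pct": [20, 22, 19, 21, 23, 20], "egress_conns": [3, 4, 3, 5, 4, 3]}
HISTORICAL = {"cpu-spike": "restart-container", "egress-burst": None}

def detect_anomaly(baseline, sample, threshold=3.0):
    """Flag metrics whose sample sits more than `threshold` sigma from the baseline."""
    anomalies = {}
    for name, hist in baseline.items():
        mu, sd = statistics.mean(hist), statistics.pstdev(hist) or 1.0
        z = (sample[name] - mu) / sd
        if abs(z) > threshold:
            anomalies[name] = round(z, 2)
    return anomalies

def classify(anomalies):
    """Map anomalous metrics to a fault class; egress outranks load (possible exfil)."""
    if "egress_conns" in anomalies:
        return "egress-burst"
    return "cpu-spike" if "cpu_pct" in anomalies else "unknown"

def monitor_run(baseline, sample, historical):
    """Event -> classification -> remediation or exclusion -> SIT/UAT security decision."""
    anomalies = detect_anomaly(baseline, sample)
    if not anomalies:  # no system event generated: decision is positive
        return {"event": None, "fault_class": None, "action": None, "decision": "positive"}
    fault_class = classify(anomalies)
    remedy = historical.get(fault_class)  # missing class or None: no known solution
    if remedy is None:
        return {"event": anomalies, "fault_class": fault_class,
                "action": "exclude:quarantine-container", "decision": "negative"}
    return {"event": anomalies, "fault_class": fault_class, "action": remedy, "decision": "positive"}
```

Two design points worth noting. The fault signature is a digest over the sorted violation set rather than over the image, so the same toxic pattern in a rebuilt image (different layer digests, same root user and leaked secret) still matches a prior signature, which is what makes the "compare with prior fault signatures" step useful. In the monitor, an anomaly whose class has no recorded remedy and an anomaly of a class never seen before both fall through to the exclusion measure, so the positive decision is reached only when no event fired or the historical remedy applied.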