-
Publication number: US11516222B1
Publication date: 2022-11-29
Application number: US17034875
Filing date: 2020-09-28
Applicant: Amazon Technologies, Inc.
Inventor: Preethi Srinivasan, Dheeraj Kumar Mekala
Abstract: Systems and methods for automatically prioritizing computing resource configurations for remediation include receiving information describing configuration issues that may result in impaired system performance or unauthorized access, parsing that information and automatically analyzing configuration details of a user's private computing environment to determine that assets provide an environment in which configuration issues may be exploited to produce undesired results. Such systems and methods can generate assessments indicating the likelihood an issue can be exploited and potential impacts of the issue being exploited. Such systems and methods can use these assessments to generate a report prioritizing remediation of specific configuration issues for specific vulnerable assets based on the actual configuration of the user's computing resources and the data managed using those resources. Issues deemed to have a higher likelihood of resulting in problems can be prioritized over configuration issues which may appear to have severe consequences, but which are unlikely to affect the user's resources.
-
Publication number: US11962601B1
Publication date: 2024-04-16
Application number: US17987760
Filing date: 2022-11-15
Applicant: Amazon Technologies, Inc.
Inventor: Preethi Srinivasan, Dheeraj Kumar Mekala
CPC classification number: H04L63/105, G06F9/45558, H04L41/22, H04L63/1433, H04L63/20, G06F2009/45587, G06F2009/45595
Abstract: Systems and methods for automatically prioritizing computing resource configurations for remediation include receiving information describing configuration issues that may result in impaired system performance or unauthorized access, parsing that information and automatically analyzing configuration details of a user's private computing environment to determine that assets provide an environment in which configuration issues may be exploited to produce undesired results. Such systems and methods can generate assessments indicating the likelihood an issue can be exploited and potential impacts of the issue being exploited. Such systems and methods can use these assessments to generate a report prioritizing remediation of specific configuration issues for specific vulnerable assets based on the actual configuration of the user's computing resources and the data managed using those resources. Issues deemed to have a higher likelihood of resulting in problems can be prioritized over configuration issues which may appear to have severe consequences, but which are unlikely to affect the user's resources.
-
Publication number: US11803766B1
Publication date: 2023-10-31
Application number: US16712242
Filing date: 2019-12-12
Applicant: Amazon Technologies, Inc.
Inventor: Preethi Srinivasan, Sreekanth Reddy Polaka, Christopher Wooram Yi, John David Backes, Everett Richard Anthony, Aparna Nagargadde, Mark Edward Stalzer
CPC classification number: G06N5/04, G06F9/45558, H04L63/1433, H04L63/20, G06F2009/45579
Abstract: An automated security assessment service of a service provider network may identify, and notify a customer of, misconfigured VM instances that can be accessed (e.g., via the Internet). A scanner tool may call an automated reasoning service to identify any VM instances of a customer that can be accessed, and may receive information from the automated reasoning service that is usable to exchange packets with those identified instances. The scanner tool can use the information to send requests to the identified instances. After receiving responses from the identified instances, the scanner tool can store, in storage of a network-based storage service, and in association with a customer account of the customer, encrypted data about the results of the scan (e.g., any VM instances that are vulnerable to attackers), and this encrypted data is thereby accessible to the customer with proper decrypt permissions.
-
Publication number: US10362046B1
Publication date: 2019-07-23
Application number: US15473511
Filing date: 2017-03-29
Applicant: Amazon Technologies, Inc.
Inventor: Preethi Srinivasan, Aparna Nagargadde
Abstract: Customers of a computing resource service provider may operate one or more computing resources provided by the computing resource service provider. In addition, the customers may execute agents using the one or more computing resources provided by the computing resource service provider. Operational information from customer-operated computing resources may be obtained by the agents and evaluated for security threats. The operational information may be evaluated based at least in part on a set of security rules. The security rules may be generated based at least in part on customer input to generate customer defined security rules.
-
Publication number: US11765155B1
Publication date: 2023-09-19
Application number: US17037491
Filing date: 2020-09-29
Applicant: Amazon Technologies, Inc.
Inventor: Preethi Srinivasan, Dheeraj Kumar Mekala
CPC classification number: H04L63/0823, G06F8/65, G06F9/45558, H04L63/0435, H04L63/1466, G06F2009/45583, G06F2009/45595
Abstract: Systems and methods are disclosed to implement an application that can automatically download new digital certificates to verify signed code updates received by the application. In embodiments, under normal circumstances, the application uses a pinned certificate in the application's executable code to verify received updates signed using the certificate. However, if the code signing certificate changes, the application will automatically retrieve the new certificate from a certificate publishing service. Accordingly, the new certificate does not have to be included as part of the code update package, and the retrieval of the new certificate can be managed more robustly by the application updater. In embodiments, downloads from the certificate publishing service may be secured using a nonce and a shared secret that is known to the service and also pinned to the application. In this way, the download process can be protected from hijacking attacks.