-
Publication number: US11516222B1
Publication date: 2022-11-29
Application number: US17034875
Application date: 2020-09-28
Applicant: Amazon Technologies, Inc.
Inventor: Preethi Srinivasan, Dheeraj Kumar Mekala
Abstract: Systems and methods for automatically prioritizing computing resource configurations for remediation include receiving information describing configuration issues that may result in impaired system performance or unauthorized access, parsing that information and automatically analyzing configuration details of a user's private computing environment to determine that assets provide an environment in which configuration issues may be exploited to produce undesired results. Such systems and methods can generate assessments indicating the likelihood an issue can be exploited and potential impacts of the issue being exploited. Such systems and methods can use these assessments to generate a report prioritizing remediation of specific configuration issues for specific vulnerable assets based on the actual configuration of the user's computing resources and the data managed using those resources. Issues deemed to have a higher likelihood of resulting in problems can be prioritized over configuration issues which may appear to have severe consequences, but which are unlikely to affect the user's resources.
-
Publication number: US11962601B1
Publication date: 2024-04-16
Application number: US17987760
Application date: 2022-11-15
Applicant: Amazon Technologies, Inc.
Inventor: Preethi Srinivasan, Dheeraj Kumar Mekala
CPC classification number: H04L63/105, G06F9/45558, H04L41/22, H04L63/1433, H04L63/20, G06F2009/45587, G06F2009/45595
Abstract: Systems and methods for automatically prioritizing computing resource configurations for remediation include receiving information describing configuration issues that may result in impaired system performance or unauthorized access, parsing that information and automatically analyzing configuration details of a user's private computing environment to determine that assets provide an environment in which configuration issues may be exploited to produce undesired results. Such systems and methods can generate assessments indicating the likelihood an issue can be exploited and potential impacts of the issue being exploited. Such systems and methods can use these assessments to generate a report prioritizing remediation of specific configuration issues for specific vulnerable assets based on the actual configuration of the user's computing resources and the data managed using those resources. Issues deemed to have a higher likelihood of resulting in problems can be prioritized over configuration issues which may appear to have severe consequences, but which are unlikely to affect the user's resources.
-
Publication number: US11765155B1
Publication date: 2023-09-19
Application number: US17037491
Application date: 2020-09-29
Applicant: Amazon Technologies, Inc.
Inventor: Preethi Srinivasan, Dheeraj Kumar Mekala
CPC classification number: H04L63/0823, G06F8/65, G06F9/45558, H04L63/0435, H04L63/1466, G06F2009/45583, G06F2009/45595
Abstract: Systems and methods are disclosed to implement an application that can automatically download new digital certificates to verify signed code updates received by the application. In embodiments, under normal circumstances, the application uses a pinned certificate in the application's executable code to verify received updates signed using the certificate. However, if the code signing certificate changes, the application will automatically retrieve the new certificate from a certificate publishing service. Accordingly, the new certificate does not have to be included as part of the code update package, and the retrieval of the new certificate can be managed more robustly by the application updater. In embodiments, downloads from the certificate publishing service may be secured using a nonce and a shared secret that is known to the service and also pinned to the application. In this way, the download process can be protected from hijacking attacks.