公开(公告)号：US20170171161A1

公开(公告)日：2017-06-15

申请号：US15445054

申请日：2017-02-28

Applicant: Amazon Technologies, Inc.

Inventor： JESPER MIKAEL JOHANSSON ,  DARREN ERNEST CANAVOR ,  JON ARRON MCCLINTOCK

IPC: H04L29/06

CPC classification number: H04L63/0281 ,  H04L63/08 ,  H04L63/10 ,  H04L63/20

Abstract: Disclosed are various embodiments for management of third-party accounts for users in an organization. A request is received from a client corresponding to a user in an organization to access a third-party network site under management by the organization. The third-party network site is operated by a third party that does not correspond to the organization. It is determined whether network traffic between the client and the third-party network site is routed via a proxy server operated by the organization. Access of the client to a managed account with the third-party network site is denied in response to determining that the network traffic between the client and the third-party network site is not routed via the proxy server.

公开(公告)号：US20170279854A1

公开(公告)日：2017-09-28

申请号：US15618419

申请日：2017-06-09

Applicant: Amazon Technologies, Inc.

Inventor： HARSHA RAMALINGAM ,  DOMINIQUE IMJYA BREZINSKI ,  JESPER MIKAEL JOHANSSON ,  JON ARRON MCCLINTOCK ,  JAMES CONNELLY PETTS

IPC: H04L29/06

CPC classification number: H04L63/20 ,  G06F21/14 ,  G06F21/54 ,  G06F21/55 ,  H04L63/1491

Abstract: Disclosed are various embodiments for active data that tracks usage. The active data includes instructions that are executable by a computing device. The computing device is scanned to identify characteristics of the computing device. The characteristics of the computing device are utilized to determine whether the usage of the active data is authorized. Data is transmitted to a network service, including identifying information for the particular computing device and data that identifies a deployment of the active data.

公开(公告)号：US20170316213A1

公开(公告)日：2017-11-02

申请号：US15651277

申请日：2017-07-17

Applicant: Amazon Technologies, Inc.

Inventor： JON ARRON MCCLINTOCK ,  ALUN JONES ,  NARASIMHA RAO LAKKAKULA

IPC: G06F21/57 ,  G06F9/44

CPC classification number: G06F21/577 ,  G06F8/71 ,  G06F8/77 ,  G06F11/3604

Abstract: Disclosed are various embodiments for identifying characteristics of developers of problematic software. Report data generated by a security analysis tool is received, which is based at least in part on a security analysis of a program or an operational configuration. The report data indicates one or more security issues identified in the program or the operational configuration. A user is identified who is responsible for at least a threshold impact of the security issue(s). Coding or configuration characteristics associated with the user are then determined.

公开(公告)号：US20190012454A1

公开(公告)日：2019-01-10

申请号：US16130060

申请日：2018-09-13

Applicant: Amazon Technologies, Inc.

Inventor： JON ARRON MCCLINTOCK ,  DAVID SCOTT CLECKLEY, JR. ,  ROBERT ELLIS LEE ,  ANNABELLE RICHARD BACKMAN

IPC: G06F21/45 ,  H04L29/06

CPC classification number: G06F21/45 ,  G06F21/41 ,  H04L63/0815

Abstract: Disclosed are various embodiments for validating that relying parties of a federated identity provider have correctly implemented sign-out functionality. In one approach, a network page is received from a network site that is operated by a relying party of a federated identity provider. It is then determined whether the network page includes code that properly implements a sign-out from the federated identity provider. An action is initiated in response to determining that the network page does not include code that properly implements the sign-out from the federated identity provider.

公开(公告)号：US20170104721A1

公开(公告)日：2017-04-13

申请号：US15389343

申请日：2016-12-22

Applicant: Amazon Technologies, Inc.

Inventor： JON ARRON MCCLINTOCK ,  JESPER MIKAEL JOHANSSON ,  ANDREW JAY ROTHS

IPC: H04L29/06 ,  H04L12/24 ,  G08B21/18 ,  H04L29/08

CPC classification number: H04L63/0254 ,  G08B21/18 ,  H04L41/06 ,  H04L63/0281 ,  H04L63/1425 ,  H04L63/1441 ,  H04L63/145 ,  H04L67/28

Abstract: Disclosed are various embodiments for malware detection by way of proxy servers. In one embodiment, a proxied request for a network resource from a network site is received from a client device by a proxy server application. The proxied request is analyzed to determine whether the proxied request includes protected information transmitted in an unsecured manner. It is then determined whether the network resource comprises malware based at least in part on an execution of the network resource or whether the proxied request includes the protected information transmitted in the unsecured manner. The proxy server application refrains from sending data generated by the network resource to the client device in response to the proxied request when the network resource is determined to comprise the malware.