公开(公告)号：US09590854B1

公开(公告)日：2017-03-07

申请号：US14314548

申请日：2014-06-25

Applicant: Amazon Technologies, Inc.

Inventor： Shashank Shekhar ,  Gurinder Raju ,  Andrew Stuart Huntwork ,  David Edouard Louis Robert ,  Pravi Garg

IPC: H04L12/24

CPC classification number: H04L41/0873 ,  H04L41/0893

Abstract: Techniques for providing a network auditing service may be provided. Information about a configuration of a potentially compromised network of computer resources may be compared to a maintained and standard network configuration that is distinct from the potentially compromised network to determine differences. In one example, the potentially compromised network of computer resources may be periodically scanned for configuration information, which may be compared to the standard network configuration to determine if any changes have occurred that would indicate security problems. A report of the differences between the potentially compromised network and the standard network configuration information may be generated and provided for presentation.

Abstract translation: 可以提供用于提供网络审计服务的技术。 可以将关于潜在受损的计算机资源网络的配置的信息与不同于潜在受损网络的维护和标准网络配置进行比较，以确定差异。 在一个示例中，可以周期性地扫描计算机资源的可能受损的网络，用于配置信息，其可以与标准网络配置进行比较，以确定是否发生了任何指示安全问题的更改。 可能会生成潜在受损网络和标准网络配置信息之间差异的报告，并提供用于演示。

公开(公告)号：US11381584B1

公开(公告)日：2022-07-05

申请号：US16562347

申请日：2019-09-05

Applicant: Amazon Technologies, Inc.

Inventor： Anand Victor ,  Ramnath R. Iyer ,  David Edouard Louis Robert ,  Ankur Goenka ,  Zhengqiang Xu ,  Keshav Aswathnarayana Narsipur ,  Kyle B. Peterson

IPC: H04L9/40 ,  G06F9/455

Abstract: A customer in a computing resource service provider environment provisions a virtual machine instance configured with access to sensitive data in a secure storage facility. The virtual machine instance is provisioned specifically to generate reports using a subset of the sensitive data to satisfy different reporting requirements associated with governing entities and agencies. After generating the reports, the virtual machine instance is then removed from the computing resource service environment such that the sensitive data is inaccessible.

公开(公告)号：US11356453B1

公开(公告)日：2022-06-07

申请号：US16562356

申请日：2019-09-05

Applicant: Amazon Technologies, Inc.

Inventor： Anand Victor ,  Ramnath R. Iyer ,  David Edouard Louis Robert ,  Ankur Goenka ,  Zhengqiang Xu ,  Keshav Aswathnarayana Narsipur ,  Kyle B. Peterson

IPC: G06F9/455 ,  H04L9/40

Abstract: A plurality of virtual machines instances are instantiated and configured to use a subset of sensitive data to generate reports such that the reports can be visually inspected by authorized personnel or entities for potential abnormalities. After completion of the inspection, the virtual machine instances are then deleted such that the sensitive data that were used to generate the reports become inaccessible.