公开(公告)号：US10810106B1

公开(公告)日：2020-10-20

申请号：US15472164

申请日：2017-03-28

Applicant: Amazon Technologies, Inc.

Inventor： Iftach Amit ,  Aaron Michael Brown ,  David Scott Cleckley, Jr.

IPC: G06F11/36 ,  G06F21/50

Abstract: A security and maturity service is provided to generate a security score for an application. A set of data points are obtained, the data points indicating application information for an application. The data points may be associated with a particular axis of a plurality of axes defined by a scoring model. Furthermore, the scoring model may define a score for each axes based at least in part on the data points. A security score for the application may then be determined based at least in part on the score for the plurality of axes.

公开(公告)号：US10803164B2

公开(公告)日：2020-10-13

申请号：US16130060

申请日：2018-09-13

Applicant: Amazon Technologies, Inc.

Inventor： Jon Arron McClintock ,  David Scott Cleckley, Jr. ,  Robert Ellis Lee ,  Annabelle Richard Backman

IPC: G06F21/45 ,  H04L29/06 ,  G06F21/41

Abstract: Disclosed are various embodiments for validating that relying parties of a federated identity provider have correctly implemented sign-out functionality. In one approach, a network page is received from a network site that is operated by a relying party of a federated identity provider. It is then determined whether the network page includes code that properly implements a sign-out from the federated identity provider. An action is initiated in response to determining that the network page does not include code that properly implements the sign-out from the federated identity provider.

公开(公告)号：US10095860B1

公开(公告)日：2018-10-09

申请号：US14963819

申请日：2015-12-09

Applicant: Amazon Technologies, Inc.

Inventor： Jon Arron McClintock ,  David Scott Cleckley, Jr. ,  Robert Ellis Lee ,  Annabelle Richard Backman

IPC: G06F21/45 ,  H04L29/06

Abstract: Disclosed are various embodiments for validating that relying parties of a federated identity provider have correctly implemented sign-out functionality. In one approach, a network page is received from a network site that is operated by a relying party of a federated identity provider. It is then determined whether the network page includes code that properly implements a sign-out from the federated identity provider. An action is initiated in response to determining that the network page does not include code that properly implements the sign-out from the federated identity provider.