Runtime behavior of computing resources of a distributed environment
First Claim
Patent Images
1. A computer-implemented method, comprising:
- obtaining a runtime configuration generated based at least in part on a set of security rules defining a set of security threats to a computer system instance and a set of remedial operations, the set of security rules generated based at least in part on customer input provided through a web service front-end, the computer system instance and the web service front-end provided by a computing resource service provider, the computer system instance a member of a set of computer system instance provided to customers of the computing resource service provider, where the runtime configuration indicates a threat level associated with a security threat included in the set of security threats;
obtaining access to operational information of the computer system instance, the operational information indicating at least a configuration of the computer system instance, a set of processes executed by the computer systems instance, and a set of operations performed by the computer systems instance;
determining a security threat of the set of security threats to the computer system instance by at least processing the operational information based at least in part on the runtime configuration;
performing a remedial operation of the set of operations indicated by the runtime configuration; and
providing the operational information and information associated with the remedial operation.
1 Assignment
0 Petitions
Accused Products
Abstract
Customers of a computing resource service provider may operate one or more computing resource provided by the computing resource service provider. In addition, the customers may execute agent using the one or more computing resources provided by the computing resource service provider. Operational information from customer-operated computing resources may be obtained by the agents and evaluated for security threats. The operational information may be evaluated based at least in part on a set of security rules. The security rules may be generated at least in part on customer input to generate customer defined security rules.
18 Citations
20 Claims
-
1. A computer-implemented method, comprising:
-
obtaining a runtime configuration generated based at least in part on a set of security rules defining a set of security threats to a computer system instance and a set of remedial operations, the set of security rules generated based at least in part on customer input provided through a web service front-end, the computer system instance and the web service front-end provided by a computing resource service provider, the computer system instance a member of a set of computer system instance provided to customers of the computing resource service provider, where the runtime configuration indicates a threat level associated with a security threat included in the set of security threats; obtaining access to operational information of the computer system instance, the operational information indicating at least a configuration of the computer system instance, a set of processes executed by the computer systems instance, and a set of operations performed by the computer systems instance; determining a security threat of the set of security threats to the computer system instance by at least processing the operational information based at least in part on the runtime configuration; performing a remedial operation of the set of operations indicated by the runtime configuration; and providing the operational information and information associated with the remedial operation. - View Dependent Claims (2, 3, 4)
-
-
5. A system, comprising:
-
one or more processors; and memory to store computer-executable instructions that, if executed, cause the one or more processors to; obtain a runtime configuration from a security service provided by a computing resource service provide, the runtime configuration generated based at least in part on a set of security rules, at least a portion of the set of security rules including a customer input and the runtime configuration including an indication of a threat level associated with a security threat detectable based at least in part on a violation of a subset of security rules of the set of security rules; provide the runtime configuration to an agent, the agent executed by a virtual machine instance supported by the system and managed by the computing resource service provider; detect the security threat by at least processing operational information based at least in part on the runtime configuration; perform a remedial operation in response to the security threat, the remedial operation indicated in the runtime configuration; and transmit information associated with the remedial operation and operational information to the security service. - View Dependent Claims (6, 7, 8, 9, 10, 11, 20)
-
-
12. A set of non-transitory computer-readable storage media having that stores executable instructions that, if executed by one or more processors of a computer system, cause the computer system to:
-
obtain a runtime configuration generated based at least in part on a set of security rules generated based at least in part on customer defined security rules obtained through a service front-end of a security service provided by a computing resource service provider, the runtime configuration including a threat level of a security threat associated with the set of security rules; provide the runtime configuration to an agent executed by a virtual computer system instance provided by the computing resource service provider; detect, by the agent executed by the virtual computer system instance, the security threat to the virtual computer system instance by at least; obtaining operational information associated with the virtual computer system instance; and evaluating the operational information based at least in part on the runtime configuration; and provide information associated with the security threat. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
-
Specification