Security recommendation engine
First Claim
Patent Images
1. A system comprising:
- a plurality of computing resources operated on behalf of a customer of a provider network;
a computing device that at least;
receives a request for a security and compliance recommendation for the plurality of computing resources;
forms, in response to receiving the request, a security and compliance assessment based at least in part on tagged metadata associated with the plurality of computing resources, wherein access to the tagged metadata is restricted based on user identity, and wherein the tagged metadata is indicative of compliance with at least one security feature; and
forms the security and compliance recommendation based at least in part on comparing the security and compliance assessment to aggregated peer group data, wherein the aggregated peer group data is indicative of a frequency with which the at least one security feature is enabled by members of the peer group.
1 Assignment
0 Petitions
Accused Products
Abstract
Users are authorized to access tagged metadata in a provider network. A revision control and binding mechanism may be applied to tagged metadata that is added or modified by the user. A recommendation pertaining to security and compliance for the computing resource may be determined based on an analysis of the computing resource, scoring criteria, and data pertaining to customer and system data.
-
Citations
20 Claims
-
1. A system comprising:
-
a plurality of computing resources operated on behalf of a customer of a provider network; a computing device that at least; receives a request for a security and compliance recommendation for the plurality of computing resources; forms, in response to receiving the request, a security and compliance assessment based at least in part on tagged metadata associated with the plurality of computing resources, wherein access to the tagged metadata is restricted based on user identity, and wherein the tagged metadata is indicative of compliance with at least one security feature; and forms the security and compliance recommendation based at least in part on comparing the security and compliance assessment to aggregated peer group data, wherein the aggregated peer group data is indicative of a frequency with which the at least one security feature is enabled by members of the peer group. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method for operating a provider network, comprising:
-
receiving, by a computing device, a request for a security and compliance recommendation for a plurality of computing resources operated on behalf of a client; generating, by the computing device, a security and compliance assessment based at least in part on tagged metadata associated with the plurality of computing resources, wherein access to the tagged metadata is restricted based on user identity, and wherein the tagged metadata is indicative of compliance with at least one security feature; and generating, by the computing device, the security and compliance recommendation based at least in part on comparing the security and compliance assessment to peer group data, wherein the peer group data is indicative of a usage of the at least one security feature by members of the peer group. - View Dependent Claims (7, 8, 9, 10, 11, 12, 13)
-
-
14. A non-transitory computer-readable storage medium, having stored thereon instructions that, upon execution by one or more processors of a computing device, cause the computing device at least to:
-
receive a request for a security and compliance recommendation for a plurality of computing resources maintained by a provider on behalf of a client; generate a security and compliance assessment based at least in part on tagged metadata associated with the plurality of computing resources, wherein access to the tagged metadata is restricted based on user identity, and wherein the tagged metadata is indicative of compliance with at least one security feature; and generate the security and compliance recommendation based at least in part on comparing the security and compliance assessment to peer group data, wherein the peer group data is indicative of a usage of the at least one security feature by members of the peer group. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification