×

Monitoring execution environments for approved configurations

  • US 9,805,190 B1
  • Filed: 03/16/2017
  • Issued: 10/31/2017
  • Est. Priority Date: 09/03/2014
  • Status: Active Grant
First Claim
Patent Images

1. A non-transitory computer-readable storage medium having computer-executable instructions stored thereupon which, when executed by a computer, cause the computer to:

  • perform a scan of a memory associated with a virtual machine instance in a service provider network, wherein the virtual machine instance includes a virtual processor configured to run instructions obtained from the memory, and wherein the scan of the memory is performed by a processor that is different from the virtual processor and wherein the scan is operative to detect that the virtual machine instance is in an unapproved configuration, wherein the unapproved configuration indicates one or more of an anomaly of the execution environment, or unexpected data within memory associated with the execution environment; and

    in response to determining that the virtual machine instance is in the unapproved configuration, perform one or more actions that changes an access by the virtual machine instance to one or more resources associated with the service provider network, wherein the one or more actions comprise one or more of terminating the virtual machine instance, isolating the virtual machine instance in a sandbox, or placing the virtual machine instance into a forensics mode of operation.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×