Automated threat modeling using machine-readable threat models

Assignee

• AMAZON TECHNOLOGIES, INC. · US

Inventors

• Michael Tautschnig · London, GB
• Neha Rungta · San Jose, US
• John Cook · Brooklyn, US
• Pauline Virginie Bolignano · London, GB
• Todd Granger MacDermid · Seattle, US
• Oksana Tkachuk · Palo Alto, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/20
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

This disclosure describes techniques for automating a system-level security review of a network-based service. The techniques may include generating and utilizing a machine-readable threat model to identify system-level security threats to the network-based service. The network-based service may be scanned upon being provisioned in a service-provider network, and the machine-readable threat model may be generated based on results of the scan. The machine-readable threat model may represent components of the network-based service, system-level security constraints configured to identify system-level security threats to the service, and mitigations to remedy violations to the system-level security constraints. The network-based service may be continuously, or periodically, scanned to identify changes in the network-based service. The techniques further include updating the machine-readable threat model to account for the detected changes to the network-based service, and analyzing the updated machine-readable threat model to determine whether the changes to the network-based service violate a system-level security constraint.