Abstract: Techniques described and suggested herein include various systems and methods for determining risk levels associated with transiting data, and routing portions of the data in accordance with the determined risk levels. For example, a risk analyzer may apply risk classifiers to transiting data to determine overall risk levels of some or all of the transiting data. A traffic router may route transiting data according to determined risk profiles for the data. A sandbox may be implemented to compare, for a given input, expected and observed outputs for a subset of transiting data, so as to determine risk profiles associated with at least the subset.

Abstract: Techniques described and suggested herein include various systems and methods for determining risk levels associated with transiting data, and routing portions of the data in accordance with the determined risk levels. For example, a risk analyzer may apply risk classifiers to transiting data to determine overall risk levels of some or all of the transiting data. A traffic router may route transiting data according to determined risk profiles for the data. A sandbox may be implemented to compare, for a given input, expected and observed outputs for a subset of transiting data, so as to determine risk profiles associated with at least the subset.

Abstract: Disclosed are various embodiments providing automated management of security operations centers. In one embodiment, a correlation and decision engine correlates event data generated by a plurality of monitoring services with a plurality of alerts generated by a plurality of threat intelligence services. The engine then adjusts at least one rule of one or more threat intelligence services with respect to at least one event based at least in part on a corresponding frequency of at least one of the plurality of alerts meeting a threshold, where the adjusted alert(s) are associated with the event(s).

Abstract: A payment object service receives a request from a giver to associate a payment amount to an object. The request includes one or more images of the object and recipient information, which the payment object service uses to determine whether the association between these images and the information is unique. If the association is unique, the payment object service updates a database to associate the payment amount to the object and enable redemption of the payment amount. When the payment object service receives a request to redeem at least a portion of the payment amount, the payment object service may use one or more images and recipient information obtained from the request to verify that the images and information together correspond to the object. Once the redemption is complete, the payment object service may update the database to specify the current remaining payment amount.

Abstract: An electronic message delivery service receives a request to transmit an electronic message to a recipient. In response to the request, the electronic message delivery service determines first information from the electronic message usable to uniquely identify the electronic message. The electronic message delivery service obtains, based at least in part on the first information and a cryptographic key, cryptographic information that can be inserted into the electronic message. The electronic message delivery service inserts the cryptographic information and second information usable to validate at least a portion of the electronic message with the cryptographic information into the electronic message. The electronic message is transmitted to the recipient.

Abstract: Disclosed are various embodiments for a computing device with an integrated authentication token. The computing device includes first circuitry having a processor and a memory and providing general-purpose computing capability. The computing device also includes second circuitry configured to generate data. The first circuitry is incapable of determining the data due to a separation from the second circuitry, and the first and second circuitry may be in a single enclosure.

Abstract: Techniques described and suggested herein include various systems and methods for determining risk levels associated with transiting data, and routing portions of the data in accordance with the determined risk levels. For example, a risk analyzer may apply risk classifiers to transiting data to determine overall risk levels of some or all of the transiting data. A traffic router may route transiting data according to determined risk profiles for the data. A sandbox may be implemented to compare, for a given input, expected and observed outputs for a subset of transiting data, so as to determine risk profiles associated with at least the subset.

Abstract: Techniques described and suggested herein include various systems and methods for determining risk levels associated with transiting data, and routing portions of the data in accordance with the determined risk levels. For example, a risk analyzer may apply risk classifiers to transiting data to determine overall risk levels of some or all of the transiting data. A traffic router may route transiting data according to determined risk profiles for the data. A sandbox may be implemented to compare, for a given input, expected and observed outputs for a subset of transiting data, so as to determine risk profiles associated with at least the subset.

Abstract: Entities of an organization may have difficulties generating and remembering strong passwords. A password management service may generate passwords with high entropy and aid entities in remembering generated passwords. The password management service may generate a list of passwords based on a seed value provided by the entities. The entities may then select a password from the list of passwords to be used at the entities' password. Furthermore, the entities may be allowed to save the list of passwords to aid the entities in remembering their selected password from the list of passwords.

Abstract: Disclosed are various embodiments for a computing device with an integrated authentication token. The computing device includes first circuitry having a processor and a memory and providing general-purpose computing capability. The computing device also includes second circuitry configured to generate data. The first circuitry is incapable of determining the data due to a separation from the second circuitry, and the first and second circuitry may be in a single enclosure.

Abstract: A method and system are provided that create a limited use secure environment (LSE) image such as a limited use operating system installation that can be booted from a removable medium (e.g. CD or flash drive). The limited use secure environment is a limited purpose OS, web browser, etc. that prevents undesired activities. When the limited use secure environment boots, it initiates a pairing operation in which a pairing code and user credentials are conveyed to an authorization server. Once the pairing code and credentials are confirmed, a provisioning service provides configuration credentials to the limited use secure environment to enable the limited use secure environment to establish a secure connection through a gateway to resources of interest.

Abstract: Disclosed are various embodiments for a computing device with an integrated authentication token. The computing device includes first circuitry having a processor and a memory and providing general-purpose computing capability. The computing device also includes second circuitry configured to generate data. The first circuitry is incapable of determining the data due to a separation from the second circuitry, and the first and second circuitry may be in a single enclosure.

Abstract: Techniques for analyzing a dataset may be provided. For example, a configuration file may be accessed. The dataset may be analyzed based on a condition identified in the configuration file. A report may be generated and transmitted based on the analysis. Another report generated based on an analysis of another dataset according to another configuration file may be accessed. The dataset may be further analyzed based on this report to determine if a reported observation may also be associated with the dataset. If so, a confirmation may be generated and transmitted.

Abstract: Disclosed are various embodiments for a computing device with an integrated authentication token. The computing device includes first circuitry having a processor and a memory and providing general-purpose computing capability. The computing device also includes second circuitry configured to generate data. The first circuitry is incapable of determining the data due to a separation from the second circuitry, and the first and second circuitry may be in a single enclosure.

Abstract: Disclosed are various embodiments for a computing device with an integrated authentication token. The computing device includes first circuitry having a processor and a memory and providing general-purpose computing capability. The computing device also includes second circuitry configured to generate a one-time password. The first circuitry is incapable of determining the one-time password due to a separation from the second circuitry, and the first and second circuitry may be in a single enclosure.

Abstract: Techniques for analyzing access to a network-based document may be provided. For example, the network-based document may be configured for direct access from client device. Based on an access of a client device to the network-based document, information associated with this access may be recorded. The information may be analyzed to determine whether a condition associated with the direct access may be violated. An issue may be detected with the client device access based on a determination that the condition may be violated.

Abstract: Techniques described and suggested herein include various systems and methods for determining risk levels associated with transiting data, and routing portions of the data in accordance with the determined risk levels. For example, a risk analyzer may apply risk classifiers to transiting data to determine overall risk levels of some or all of the transiting data. A traffic router may route transiting data according to determined risk profiles for the data. A sandbox may be implemented to compare, for a given input, expected and observed outputs for a subset of transiting data, so as to determine risk profiles associated with at least the subset.

Abstract: Techniques described and suggested herein include various systems and methods for determining risk levels associated with transiting data, and routing portions of the data in accordance with the determined risk levels. For example, a risk analyzer may apply risk classifiers to transiting data to determine overall risk levels of some or all of the transiting data. A traffic router may route transiting data according to determined risk profiles for the data. A sandbox may be implemented to compare, for a given input, expected and observed outputs for a subset of transiting data, so as to determine risk profiles associated with at least the subset.

Abstract: Disclosed are various embodiments for a computing device with an integrated authentication token. The computing device includes first circuitry having a processor and a memory and providing general-purpose computing capability. The computing device also includes second circuitry configured to generate a one-time password. The first circuitry is incapable of determining the one-time password due to a separation from the second circuitry, and the first and second circuitry may be in a single enclosure.

Abstract: Disclosed are various embodiments for a computing device with an integrated authentication token. The computing device includes first circuitry having a processor and a memory and providing general-purpose computing capability. The computing device also includes second circuitry configured to generate a one-time password. The first circuitry is incapable of determining the one-time password due to a hardware, communicative, and/or electrical separation, and the first and second circuitry are in a single enclosure.