Patents by Inventor Michael Tautschnig
Michael Tautschnig has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11750642Abstract: This disclosure describes techniques for automating a system-level security review of a network-based service. The techniques may include generating and utilizing a machine-readable threat model to identify system-level security threats to the network-based service. The network-based service may be scanned upon being provisioned in a service-provider network, and the machine-readable threat model may be generated based on results of the scan. The machine-readable threat model may represent components of the network-based service, system-level security constraints configured to identify system-level security threats to the service, and mitigations to remedy violations to the system-level security constraints. The network-based service may be continuously, or periodically, scanned to identify changes in the network-based service.Type: GrantFiled: August 15, 2022Date of Patent: September 5, 2023Assignee: Amazon Technologies, Inc.Inventors: Michael Tautschnig, Neha Rungta, John Cook, Pauline Virginie Bolignano, Todd Granger MacDermid, Oksana Tkachuk
-
Patent number: 11494285Abstract: Techniques for static code analysis tool and configuration recommendation via codebase analysis are described. Multiple codebases are tested using multiple static analysis tools and corresponding configurations, and a machine learning model is trained based on the results and characteristics of the codebases. Users may provide a codebase to be analyzed and job preferences indicating what characteristics of static analysis they desire, the codebase may be analyzed to generate input data for the model, and the model may identify one or more similar testing runs. These candidate runs may be filtered and/or ordered based on the user's stated job preferences, and the resulting tools and configurations associated with these runs may be returned to the user or used to perform static analysis of the user's codebase.Type: GrantFiled: September 30, 2020Date of Patent: November 8, 2022Assignee: Amazon Technologies, Inc.Inventors: Norbert Manthey, Michael Tautschnig
-
Patent number: 11418532Abstract: This disclosure describes techniques for automating a system-level security review of a network-based service. The techniques may include generating and utilizing a machine-readable threat model to identify system-level security threats to the network-based service. The network-based service may be scanned upon being provisioned in a service-provider network, and the machine-readable threat model may be generated based on results of the scan. The machine-readable threat model may represent components of the network-based service, system-level security constraints configured to identify system-level security threats to the service, and mitigations to remedy violations to the system-level security constraints. The network-based service may be continuously, or periodically, scanned to identify changes in the network-based service.Type: GrantFiled: April 7, 2020Date of Patent: August 16, 2022Assignee: Amazon Technologies, Inc.Inventors: Michael Tautschnig, Neha Rungta, John Cook, Pauline Virginie Bolignano, Todd Granger MacDermid, Oksana Tkachuk
-
Patent number: 11232015Abstract: A method for verifying source code for a program includes determining that a new version of the source code is available. One or more verification tools are determined to use for verification of the new version of the source code from a verification specification associated with the source code. A plurality of verification tasks to perform for the verification of the new version of the source code are automatically determined from the verification specification associated with the source code. The plurality of verification tasks for the new version of the source code are automatically performed using the one or more verification tools. A determination is then made as to whether the new version of the source code is verified.Type: GrantFiled: May 1, 2020Date of Patent: January 25, 2022Assignee: Amazon Technologies, Inc.Inventors: Juan Rodriguez Hortala, Neha Rungta, Mark R. Tuttle, Serdar Tasiran, Michael Tautschnig, Andrea Nedic, Carsten Varming, John Byron Cook, Sean McLaughlin
-
Patent number: 11200144Abstract: Methods, systems, and computer-readable media for refinement of static analysis of program code are disclosed. A report is received. The report was generated using initial static analysis of program code. The report indicates a plurality of warnings regarding the program code, at least some of which represent potential flaws, and the warnings are associated with a plurality of segments of the program code. Additional analysis of the segments of program code is performed. The additional analysis differs at least in part from the initial static analysis. Based at least in part on the additional analysis, at least some of the warnings are determined to represent false positives.Type: GrantFiled: September 5, 2017Date of Patent: December 14, 2021Assignee: Amazon Technologies, Inc.Inventors: John Cook, Kalpana Gondi, Michael Tautschnig
-
Patent number: 10769250Abstract: Techniques for targeted security monitoring using semantic behavioral change analysis are described. A mutation monitor can use a code repository to generate a build of a software project prior to a code commit and another build after the code commit. An instruction-difference between the builds can be generated and used to perform a change impact analysis to identify control-flow and data dependencies changed as a result of the code commit. A semantic difference can be generated by annotating a syntactic difference for the code commit based on the identified control-flow and data dependency changes to allow for the behavioral changes to be easily shown to a user. Security impact analysis can be performed on parts of the software impacted by the code commit to quickly determine the security impacts introduced by the code commit.Type: GrantFiled: October 26, 2017Date of Patent: September 8, 2020Assignee: Amazon Technologies, Inc.Inventors: Michael Tautschnig, John Cook
-
Publication number: 20200257611Abstract: A method for verifying source code for a program includes determining that a new version of the source code is available. One or more verification tools are determined to use for verification of the new version of the source code from a verification specification associated with the source code. A plurality of verification tasks to perform for the verification of the new version of the source code are automatically determined from the verification specification associated with the source code. The plurality of verification tasks for the new version of the source code are automatically performed using the one or more verification tools. A determination is then made as to whether the new version of the source code is verified.Type: ApplicationFiled: May 1, 2020Publication date: August 13, 2020Inventors: Juan Rodriguez HORTALA, Neha RUNGTA, Mark R. TUTTLE, Serdar TASIRAN, Michael TAUTSCHNIG, Andrea NEDIC, Carsten VARMING, John Byron COOK, Sean MCLAUGHLIN
-
Patent number: 10664379Abstract: A method for verifying source code for a program includes determining that a new version of the source code is available. One or more verification tools are determined to use for verification of the new version of the source code from a verification specification associated with the source code. A plurality of verification tasks to perform for the verification of the new version of the source code are automatically determined from the verification specification associated with the source code. The plurality of verification tasks for the new version of the source code are automatically performed using the one or more verification tools. A determination is then made as to whether the new version of the source code is verified.Type: GrantFiled: September 5, 2018Date of Patent: May 26, 2020Assignee: AMAZON TECHNOLOGIES, INC.Inventors: Juan Rodriguez Hortala, Neha Rungta, Mark R. Tuttle, Serdar Tasiran, Michael Tautschnig, Andrea Nedic, Carsten Varming, John Byron Cook, Sean McLaughlin
-
Patent number: 10652266Abstract: This disclosure describes techniques for automating a system-level security review of a network-based service. The techniques may include generating and utilizing a machine-readable threat model to identify system-level security threats to the network-based service. The network-based service may be scanned upon being provisioned in a service-provider network, and the machine-readable threat model may be generated based on results of the scan. The machine-readable threat model may represent components of the network-based service, system-level security constraints configured to identify system-level security threats to the service, and mitigations to remedy violations to the system-level security constraints. The network-based service may be continuously, or periodically, scanned to identify changes in the network-based service.Type: GrantFiled: February 28, 2018Date of Patent: May 12, 2020Assignee: Amazon Technologies, Inc.Inventors: Michael Tautschnig, Neha Rungta, John Cook, Pauline Virginie Bolignano, Todd Granger MacDermid, Oksana Tkachuk
-
Publication number: 20200073783Abstract: A method for verifying source code for a program includes determining that a new version of the source code is available. One or more verification tools are determined to use for verification of the new version of the source code from a verification specification associated with the source code. A plurality of verification tasks to perform for the verification of the new version of the source code are automatically determined from the verification specification associated with the source code. The plurality of verification tasks for the new version of the source code are automatically performed using the one or more verification tools. A determination is then made as to whether the new version of the source code is verified.Type: ApplicationFiled: September 5, 2018Publication date: March 5, 2020Inventors: Juan Rodriguez Hortala, Neha Rungta, Mark R. Tuttle, Serdar Tasiran, Michael Tautschnig, Andrea Nedic, Carsten Varming, John Byron Cook, Sean McLaughlin
-
Patent number: 9904527Abstract: Based on source code analysis of an API-invoker program, an expendable set of source code sections of an API-implementer program is identified. The expendable set corresponds to operations which are not expected to be performed on behalf of the API-invoker program at a particular computing environment. An optimized binary version of the API-implementer program is generated, which does not include executable code corresponding to the expendable set. The optimized binary version is transmitted to the computing environment for deployment.Type: GrantFiled: August 12, 2016Date of Patent: February 27, 2018Assignee: Amazon Technologies, Inc.Inventors: Konrad Jan Miller, Michael Tautschnig