Abstract: Digital certificates include pointers to remote certificate information stores that maintain usage information associated with digital certificates. The pointers provide a mechanism for enabling the remote certificate information stores to be queried for usage information associated with a particular digital certificate. The usage information can be used to determine a validity of the digital certificate.

Abstract: Methods and apparatus for securing client-specified credentials at cryptographically-attested resources are described. An indication is obtained that resources deployed for execution of a compute instance of a multi-tenant computing service at an instance host of a provider network meet a client's security criteria. An encrypted representation of credentials to be used at the compute instance to implement operations on behalf of a client is received at the instance host. The credentials are extracted from the encrypted representation using a private key unique to the instance host, used for the operations, and then removed from the instance host without being saved in persistent memory.

Abstract: A method and apparatus for distributing cryptographic material are disclosed. In the method and apparatus, cryptographic material is obtained and it is determined that the cryptographic material is to be made available for use by one or more computing resources. The cryptographic material is then sent to one or more secure modules, whereby a secure module of the one or more secure modules is programmatically accessible to a computing resource of the one or more computing resources and programmatic access enables the computing resource to request performance of one or more cryptographic operations using the cryptographic material while exporting the cryptographic material to the computing resource is denied.

Abstract: Devices, such as hardware security modules, are provided as a service. A customer of a computing resource provider is able to request the addition of a device to a network of the customer hosted by the computing resource provider. The computing resource provider reconfigures a set of computing resources so that the devices of the customer are able to communicate with the device as if the device was in the customer's own network.

Abstract: Customers of a computing resource service provider may operate one or more computing resources provided by the computing resource service provider. In addition, the customers may implement security applications and/or devices using the one or more computing resources provided by the computing resource service provider. Operational information from customer operated computing resources may be correlated with operational information from computing resources operated by the computing resource service provider or other entities and correlated threat information may be generated. Anomalous activity may be detected based at least in part on the correlated threat information.

Abstract: Devices, such as hardware security modules, are provided as a service. A customer of a computing resource provider is able to request the addition of a device to a network of the customer hosted by the computing resource provider. The computing resource provider reconfigures a set of computing resources so that the devices of the customer are able to communicate with the device as if the device was in the customer's own network.

Abstract: Customers of a computing resource service provider may operate one or more computing resources, provided by the computing resource service provider, within a virtual network. The customers may request network scans of the computing resources with the virtual network. Scanning packets may be generated and encapsulated to ensure delivery to an appropriate destination within the virtual network. The information in the scanning packet may appear to be generated by a source within the virtual network.

Abstract: Organizations maintain and generate large amounts of sensitive information using computer hardware resources and services of a service provider. Furthermore, there is a need to be able to delete large amounts of data securely and quickly by encrypting the data with a key and destroying the key. To ensure that information stored remotely is secure and capable of secure deletion, cryptographic keys used by the organization should be prevented from being persistently stored during serialization operations. A variety of methods may be used to protect access to keying material and prevent the keying material from being stored persistently.

Abstract: Organizations maintain and generate large amounts of sensitive information using computer hardware resources and services of a service provider. Furthermore, there is a need to be able to delete large amounts of data securely and quickly by encrypting the data with a key and destroying the key. To ensure that information stored remotely is secured and capable of secure deletion, cryptographic keys used by the organization should be prevented from being persistently stored during serialization operations.

Abstract: Customers of a computing resource service provider may operate one or more computing resource provided by the computing resource service provider. In addition, the customers may implement security applications and/or devices using the one or more computing resources provided by the computing resource service provider. Operational information from customer operated computing resources may be correlated with operational information from computing resources operated by the computing resource service provider or other entities and correlated threat information may be generated. Anomalous activity may be detected based at least in part on the correlated threat information.

Abstract: A computing resource service provider may provide customers with a block-level forensics service. Volume images of computing resource associated with customer may be generated and provided to the block-level forensics service. The block-level forensics service or component thereof may generate a volume based at least in part on the volume image and may perform forensics analysis of the volume. A result of the forensic analysis may be provided to the customer.

Abstract: Customers of a computing resource service provider may utilize computing resources of the computing resources service provided to implement one or more computer systems. Furthermore, the customer may cause a host-based firewall to be executed by the one or more computer systems. The host-based firewall may collect network traffic information. The customer may then be provided with the network traffic information and be prompted to provide decisions associated with the network traffic information. The decisions may be used to generate a set of rules which may be enforced by the host-based firewall.

Abstract: Techniques are disclosed for mitigating against registering a domain name that is confusingly similar to a pre-existing domain name, possibly for the purpose of fooling users. In embodiments, a domain name is presented for registration. The domain name is rendered as an image, and optical character recognition is performed on the image to extract the rendered text. This extracted text is compared against a list of domain names for which confusingly similar domain names cannot be registered, and when the extracted text matches a domain name in this list of domain names, registration of the domain name is denied.

Abstract: A computing resource service provider may provide customers with a block-level forensics service. Logical volumes associated a customer may be used to instantiate computing resources provided by a computing resource service provide for use by the customer. The block-level forensics service or component thereof may monitor the logical volume based at least in part on a log generated as a result of the logical volume being implemented as a log-structured storage system. Operations to the log may be collected by the block-level forensics service and malicious activity may be detected based at least in part on operations to the log.

Abstract: Devices, such as hardware security modules, are provided as a service. A customer of a computing resource provider is able to request the addition of a device to a network of the customer hosted by the computing resource provider. The computing resource provider reconfigures a set of computing resources so that the devices of the customer are able to communicate with the device as if the device was in the customer's own network.

Abstract: Methods and apparatus for a computing infrastructure for configurable-quality random data are disclosed. A storage medium stores program instructions that when executed on a processor designate some servers of a provider network as members of a pool of producers of random data usable by random data consumers. The instructions, when executed, determine a subset of the pool to be used to supply a collection of random data intended for a random data consumer, and one or more sources of random phenomena to be used to generate the collection of random data. The instructions, when executed, initiate a transmission of the collection of random data directed to the random data consumer.

Abstract: Organizations maintain and generate large amounts of sensitive information using computer hardware resources and services of a service provider. Furthermore, there is a need to be able to delete large amounts of data securely and quickly by encrypting the data with a key and destroying the key. To ensure that information stored remotely is secured and capable of secure deletion, cryptographic keys used by the organization should be prevented from being persistently stored during serialization operations. If the keys used to encrypt the data have not been exposed during serialization operation, they may be deleted or destroyed enabling the destruction of data encrypted with the keys.

Abstract: Methods and apparatus for a computing infrastructure for configurable-quality random data are disclosed. A storage medium stores program instructions that when executed on a processor designate some servers of a provider network as members of a pool of producers of random data usable by random data consumers. The instructions, when executed, determine a subset of the pool to be used to supply a collection of random data intended for a random data consumer, and one or more sources of random phenomena to be used to generate the collection of random data. The instructions, when executed, initiate a transmission of the collection of random data directed to the random data consumer.

Abstract: Organizations maintain and generate large amounts of sensitive information using computer hardware resources and services of a service provider. Furthermore, there is a need to be able to delete large amounts of data securely and quickly by encrypting the data with a key and destroying the key. To ensure that information stored remotely is secured and capable of secure deletion, cryptographic keys used by the organization should be prevented from being persistently stored during serialization operations.

Abstract: Organizations maintain and generate large amounts of sensitive information using computer hardware resources and services of a service provider. Furthermore, there is a need to be able to delete large amounts of data securely and quickly by encrypting the data with a key and destroying the key. To ensure that information stored remotely is secured and capable of secure deletion, cryptographic keys used by the organization should be prevented from being persistently stored during serialization operations. If the keys used to encrypt the data have not been exposed during serialization operation, they may be deleted or destroyed enabling the destruction of data encrypted with the keys.