Abstract: The present disclosure relates to computer-implemented methods, software, and systems for mitigating risk of denial of services for protected resources, including: receiving a request to change an old log-in credential of an account for authenticating to access a resource to a new log-in credential, wherein the request is received from an entity authenticated at an automation tool that is configured to execute resource management operations over resources; determining, at the automation tool, whether to validate the new log-in credential by determining whether a tracked number of attempts to access the resource by the account has reached a threshold lock policy value for the resource; and in response to invalidating the new log-in credential by determining that the tracked number of attempts to access the resource exceeds the threshold lock policy value, denying, by the automation tool, changing the old log-in credential to the new log-in credential.

Abstract: Methods, systems, and computer-readable storage media for authorizing execution of processes that access cached data of an application running in a virtualized cloud environment. A first composite encrypted value comprising a first encrypted secret and a first secure hash value of a first secret is retrieved at a first virtual machine. The first encrypted secret is decrypted using a cryptographic key to determine a second secret to be used for initiating a first process (p?) on the first virtual machine. A second secure hash value of the second secret is generated. The second secure hash value is compared with the first secure hash value to determine whether to authorize execution of the first process on the first virtual machine using the first secret. In response to determining that the second secure hash value and the first secure hash value match, the first process is initiated at the first virtual machine.

Abstract: Methods, systems, and computer-readable storage media for authorizing execution of processes that access cached data of an application running in a virtualized cloud environment. A first composite encrypted value comprising a first encrypted secret and a first secure hash value of a first secret is retrieved at a first virtual machine. The first encrypted secret is decrypted using a cryptographic key to determine a second secret to be used for initiating a first process (p?) on the first virtual machine. A second secure hash value of the second secret is generated. The second secure hash value is compared with the first secure hash value to determine whether to authorize execution of the first process on the first virtual machine using the first secret. In response to determining that the second secure hash value and the first secure hash value match, the first process is initiated at the first virtual machine.