As an increasing number of applications and services are being made available over networks such as the Internet, an increasing number of content, application, and/or service providers are turning to technologies such as Web services. Web services, in general, represent an approach to providing access to electronic resources through services where the hardware and/or software used to provide those services is dynamically scalable to meet the needs of the services at any given time. A user or customer often will rent, lease, or otherwise pay for access to resources provided in a service provider's system, and thus does not have to purchase and maintain the underlying hardware and/or software.
In this context, many Web services providers utilize virtualization and multi-tenant architectures to allow multiple users to share its underlying hardware and/or software resources. Virtualization allows server end stations, storage devices, or other hardware resources to be partitioned into multiple isolated instances that can be assigned to and used by different users. Thus, multiple users can utilize the Web services provider's resources at a time, increasing the number of users a service provider can support, thus reducing the management and financial costs to both the service provider and its users.
However, with the increased adoption of Web services, cyber-attacks involving these systems have similarly increased. While previously many cyber-attacks targeted on premise enterprise networks, attackers have begun shifting their focus to service provider systems, especially as these environments are target-rich due to the use of multitenancy and the possibility of misconfigurations on the part of users.