In some cases, a software application may become infected with a virus or some other type of malicious software (e.g., malware). In other cases, a software application might not be properly configured or might have some other problem that prevents the application from executing properly. In these cases, executing the infected or misconfigured software application may pose a security risk, or some other type of risk (e.g., a health risk) to a computing device, and possibly other computing devices.
There are many forms of defense mechanisms that might be used to assist in detecting when a software application is a risk to one or more computing devices. For example, anti-virus software, anti-malware software, firewalls, or some other mechanism might be used to prevent a software application from executing. In some cases, however, it may be challenging to detect and prevent software applications that pose a risk to one or more computing devices from executing in a computing environment. The challenge might even be greater in a distributed computing environment that executes execution environments such as virtual machine instances (which may be referred to herein as “VMs” or “instances”) or containers.
It is with respect to these and other considerations that the disclosure made herein is presented.