This disclosure relates generally to managing server-side security, and more specifically, to identifying a security threat on a server computing system, isolating the server computing system instance that contains the security threat, and cleaning such server computing system instance.
Server computing systems may contain various security vulnerabilities. Security vulnerabilities are weaknesses or flaws in program design, hardware design, implementation, operation, and/or internal control, which may be exploited to violate a system's security policy. If server computing systems contain security vulnerabilities, an unauthorized user may inject malicious code (e.g., viruses, trojan horses, etc.) into the server computing system.
For particular server computing system network environments, once malicious code is injected on one instance (e.g., a virtual machine), the malicious code may spread to other instances of the server computing systems. For example, if a server computing system includes multiple virtual machines, and a first virtual machine was infected with a virus, the virus may spread to a second virtual machine. Malicious code may have many undesirable effects, such as causing system crash, slowing processing speed, distribution of undesired pop-up ads, logging of key strokes for unauthorized access to passwords, etc.