[AWS] Amazon Inspector

Amazon Inspector is an automated vulnerability management service that continually scans AWS workloads for software vulnerabilities and for unintended network exposure.


Features

Amazon Inspector performs security scans on EC2 instances and VPCs.

  • Uses up-to-date Common Vulnerabilities and Exposures (CVE) data.
  • Produces a detailed list of security vulnerabilities, prioritized by severity.
  • Detailed assessment reports are available through the Amazon Inspector console or API.

There are two types of assessment:

  • Network assessment
    • Analyzes the network configuration
    • Checks which ports are reachable from outside the VPC
    • No Inspector agent is required.
  • Host assessment
    • Checks for common vulnerabilities and exposures (CVE), host hardening (Center for Internet Security (CIS) Benchmarks), and security best practices
    • An Inspector agent is required on the instance.

How it works

  1. Create an assessment target
  2. Install the Inspector agent on the EC2 instances (host assessments only)
  3. Create an assessment template
  4. Run the assessment
  5. Review the reports
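Step 5 is where the prioritized list from the Features section becomes actionable. The script below is an added example (not code from this post or from AWS): it takes a findings document of the shape returned by the Inspector Classic `describe-findings` API (field names such as `severity`, `numericSeverity`, `assetAttributes.agentId` and the `attributes` key/value list are assumed from that API), orders the findings by severity, rolls them up per instance, and produces a remediation order so the worst host is patched first. The sample document is constructed inline; the instance ids are made up and the CVE ids are placeholders, not real advisories.

```python
import json

# Constructed sample in the (assumed) shape of `aws inspector describe-findings` output.
# Instance ids are invented and CVE ids are placeholders (CVE-0000-000x), not real CVEs.
SAMPLE_DESCRIBE_FINDINGS = """
{
  "findings": [
    {"title": "i-0aaa111 is vulnerable to CVE-0000-0001 (placeholder)",
     "severity": "High", "numericSeverity": 9.0, "assetType": "ec2-instance",
     "assetAttributes": {"agentId": "i-0aaa111", "ipv4Addresses": ["10.0.1.10"]},
     "attributes": [{"key": "CVE_ID", "value": "CVE-0000-0001"},
                    {"key": "package_name", "value": "examplepkg"}],
     "recommendation": "Upgrade examplepkg to the fixed version."},
    {"title": "i-0bbb222 is vulnerable to CVE-0000-0002 (placeholder)",
     "severity": "Medium", "numericSeverity": 5.5, "assetType": "ec2-instance",
     "assetAttributes": {"agentId": "i-0bbb222", "ipv4Addresses": ["10.0.1.11"]},
     "attributes": [{"key": "CVE_ID", "value": "CVE-0000-0002"}],
     "recommendation": "Apply the vendor patch."},
    {"title": "i-0aaa111 is vulnerable to CVE-0000-0003 (placeholder)",
     "severity": "Low", "numericSeverity": 2.5, "assetType": "ec2-instance",
     "assetAttributes": {"agentId": "i-0aaa111", "ipv4Addresses": ["10.0.1.10"]},
     "attributes": [{"key": "CVE_ID", "value": "CVE-0000-0003"}],
     "recommendation": "Apply the vendor patch."},
    {"title": "i-0ccc333 is vulnerable to CVE-0000-0004 (placeholder)",
     "severity": "High", "numericSeverity": 7.8, "assetType": "ec2-instance",
     "assetAttributes": {"agentId": "i-0ccc333", "ipv4Addresses": ["10.0.2.20"]},
     "attributes": [{"key": "CVE_ID", "value": "CVE-0000-0004"}],
     "recommendation": "Apply the vendor patch."},
    {"title": "CIS benchmark: password aging not configured on i-0bbb222 (constructed)",
     "severity": "Informational", "numericSeverity": 0.0, "assetType": "ec2-instance",
     "assetAttributes": {"agentId": "i-0bbb222", "ipv4Addresses": ["10.0.1.11"]},
     "attributes": [],
     "recommendation": "Set PASS_MAX_DAYS in /etc/login.defs."}
  ]
}
"""

# Inspector Classic severity labels, highest first. Unknown labels sort last.
SEVERITY_RANK = {"High": 3, "Medium": 2, "Low": 1, "Informational": 0}


def load_findings(raw_json):
    """Parse a describe-findings document and return the list of findings."""
    return json.loads(raw_json)["findings"]


def cve_ids(finding):
    """Collect the CVE ids attached to a finding (empty for non-CVE findings such as CIS checks)."""
    return sorted(a["value"] for a in finding.get("attributes", []) if a.get("key") == "CVE_ID")


def prioritize(findings):
    """Order findings by severity label, then numeric score, then title for a stable listing."""
    return sorted(
        findings,
        key=lambda f: (-SEVERITY_RANK.get(f.get("severity"), -1),
                       -float(f.get("numericSeverity", 0.0)),
                       f.get("title", "")),
    )


def summarize_by_host(findings):
    """Roll findings up per instance (agentId): counts per severity, worst severity, CVE set."""
    hosts = {}
    for f in findings:
        agent = f.get("assetAttributes", {}).get("agentId", "unknown")
        h = hosts.setdefault(agent, {"counts": {}, "max_severity": "Informational",
                                     "max_numeric": 0.0, "cves": set()})
        sev = f.get("severity", "Informational")
        h["counts"][sev] = h["counts"].get(sev, 0) + 1
        if SEVERITY_RANK.get(sev, -1) > SEVERITY_RANK.get(h["max_severity"], -1):
            h["max_severity"] = sev
        h["max_numeric"] = max(h["max_numeric"], float(f.get("numericSeverity", 0.0)))
        h["cves"].update(cve_ids(f))
    return hosts


def remediation_order(findings):
    """Instances in the order they should be patched: worst severity, most Highs, highest score."""
    hosts = summarize_by_host(findings)
    return sorted(hosts, key=lambda a: (-SEVERITY_RANK.get(hosts[a]["max_severity"], -1),
                                        -hosts[a]["counts"].get("High", 0),
                                        -hosts[a]["max_numeric"], a))


def report(findings):
    """Plain-text triage report: remediation order per host, then every finding by priority."""
    lines = ["Remediation order:"]
    hosts = summarize_by_host(findings)
    for agent in remediation_order(findings):
        h = hosts[agent]
        lines.append(f"  {agent}: worst={h['max_severity']} counts={h['counts']} cves={sorted(h['cves'])}")
    lines.append("Findings by priority:")
    for f in prioritize(findings):
        agent = f.get("assetAttributes", {}).get("agentId", "unknown")
        lines.append(f"  [{f['severity']:<13}] {f['numericSeverity']:>4} {agent}: {f['title']}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(load_findings(SAMPLE_DESCRIBE_FINDINGS)))
```

To run it against a real assessment, replace the constructed document with the JSON saved from the console export or the CLI after the assessment run completes; the per-host roll-up is what an operations team usually wants first, because one patch cycle on the worst instance typically clears several findings at once.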

Use cases

  • Quickly discover vulnerabilities in EC2 workloads
  • Prioritize which vulnerable resources to remediate first
  • Meet compliance requirements with documented assessment reports
