What is it?
Amazon Inspector is a vulnerability management service that scans AWS workloads for software vulnerabilities and unintended network exposure.
With a few clicks in the AWS Management Console, you can use Amazon Inspector across all accounts in your organization. Once started, it automatically discovers running Amazon Elastic Compute Cloud (EC2) instances, container images residing in Amazon Elastic Container Registry (ECR), and AWS Lambda functions at scale. It immediately starts assessing them for known vulnerabilities.
Amazon Inspector calculates a highly contextualized risk score for each finding by correlating common vulnerabilities and exposures (CVE) information with network access and exploitability factors.
This score prioritizes the most critical vulnerabilities to improve remediation response efficiency. All findings are aggregated in a newly designed Amazon Inspector console and pushed to AWS Security Hub and Amazon EventBridge to automate workflows.
Vulnerabilities found in container images are also sent to Amazon ECR for resource owners to view and remediate. With Amazon Inspector, even small security teams and developers can ensure security and compliance across their AWS workloads.
4 Use Cases
Quickly discover vulnerabilities in compute workloads
Automatically discover and quickly route vulnerability findings in near real-time to the appropriate teams so they can take immediate action.
Prioritize patch remediation
Use up-to-date common vulnerabilities and exposures (CVE) information combined with factors such as network accessibility to create context-based risk scores that help you prioritize and address vulnerable resources.
Meet compliance requirements
Support compliance requirements and best practices for NIST CSF, PCI DSS, and other regulations with Amazon Inspector scans.