Home » Security Bloggers Network » Amazon Inspector: A cloud-based vulnerability assessment tool

Amazon Inspector: A cloud-based vulnerability assessment tool

by Nikhil Kumar on July 24, 2019

Introduction

Over the last few years, we have seen a lot of high-profile data breaches in organizations that are using cloud-based infrastructure. A cloud-based service provider, such as AWS, gives the flexibility to create an infrastructure in just a few clicks, but at the same time it opens many opportunities for attackers if you miss any security checkpoint. To fill these gaps, Amazon Web Services (AWS) provides several different services which can be used to maintain and ensure the security of the cloud infrastructure.

About AWS Inspector

Amazon Inspector is an automated security assessment service which evaluates the security loopholes in deployed resources, per the compliance in the Amazon cloud. AWS Inspector is a very important security assessment service, as it generates automatic reports with detailed findings on the selected resources. It prioritizes the vulnerabilities according to their severity level, making it simple to understand which pieces of software need to be patched immediately.

In this article, we will try to understand how AWS Inspector communicates with the EC2 instances to assess the servers. We will also learn to configure the AWS inspector to operate automatically.

Before we start, I would like to mention that this is not a penetration testing tool because penetration testing specifically breaks the system from the outside. AWS inspector, by comparison, is a process in which we install an agent in all the EC2 instances which will then check all the vulnerabilities internally and provide a detailed report with suggested mitigations.