Amazon Inspector is an automated security assessment service to help improve security and compliance of applications deployed on AWS. It automatically scans workloads (like Amazon EC2 instances, containers, Lambda functions) for vulnerabilities and unintended network exposure to make your AWS infrastructure more secure.
Amazon Inspector automatically assesses applications for vulnerabilities and deviations from best practices, and produces detailed list of issues. The list is prioritized according to severity level of the threats, and the service is available via Amazon Inspector Console or API.
Some use-cases of Amazon Inspector are:
- Discovering vulnerabilities in compute workloads quickly and automatically
- Prioritize patch remediation
- Meet compliance requirements and best practices
- Identify zero-day vulnerabilities faster
It can provide assessment at each point of your deployment cycle, not just on the production. Hundreds of rules are mapped to common security best practices and vulnerability definitions, which allow you to get started with the auditing immediately.
- Amazon Inspector (AWS)