
AWS - Security - AWS Inspector (EC2)



AWS Inspector answers "what's wrong?" > it finds vulnerabilities on EC2 instances


  • automated security assessment service
  • assesses applications for exposure, vulnerabilities, and deviations from best practices

  • analyzes the behavior of the resources and identifies potential security issues
    • Analyzes the VPC environment for potential security issues.
    • Identifies EC2 instances with common security vulnerabilities.
    • Assesses EC2 instances for vulnerabilities or deviations from best practices.
  • helps improve the security and compliance of applications deployed on AWS.

  • Inspector uses a defined template and assesses the environment.
    • Provides the findings and recommends steps to resolve any potential security issues found.
    • define a collection of resources to include in the assessment target
    • then create an assessment template to launch a security assessment run of that target.
    • analyze EC2 instances against pre-defined security templates to check for vulnerabilities

  • The result is a detailed list of the security findings/issues, prioritized by level of severity!
    • The name of the assessment target, which includes the EC2 instance where this finding was registered
    • The name of the assessment template that was used to produce this finding
    • The assessment run start time, end time, and status
    • The name of the rules package that includes the rule that triggered this finding
    • The name of the finding
    • The severity level of the finding
    • The description of the finding
    • prioritized steps for remediation
    • findings can be reviewed directly or as part of detailed assessment reports which are available via the Amazon Inspector console or API.
  • Amazon Inspector includes a knowledge base with hundreds of rules
    • Use rules packages to evaluate an application
    • mapped to common security compliance standards and vulnerability definitions
      • whether remote root login is enabled
      • whether vulnerable software versions are installed.
      • check for unintended network accessibility and vulnerabilities on EC2 instances.
    • These rules are regularly updated by AWS security researchers
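The workflow above ends with a list of findings per assessment run, each carrying the rules package, severity, description and recommendation. The following is an added example (not code from the original post) that pulls all findings of one run and turns them into a per-instance remediation list, highest severity first; it assumes the Inspector Classic API shape used by boto3's `inspector` client (`list_findings` with `nextToken` paging, then `describe_findings`), and the client is passed in so the constructed `FakeInspectorClient` stands in for it offline.

```python
from collections import defaultdict

SEVERITY_RANK = {"High": 0, "Medium": 1, "Low": 2, "Informational": 3, "Undefined": 4}


def fetch_findings(client, run_arn, page_size=50):
    """Collect every finding ARN of one assessment run (following nextToken), then describe them."""
    arns, token = [], None
    while True:
        kwargs = {"assessmentRunArns": [run_arn], "maxResults": page_size, **({"nextToken": token} if token else {})}
        page = client.list_findings(**kwargs)
        arns.extend(page["findingArns"])
        token = page.get("nextToken")
        if not token:
            break
    findings = []
    for i in range(0, len(arns), 10):  # describe_findings accepts at most 10 ARNs per call
        findings.extend(client.describe_findings(findingArns=arns[i:i + 10])["findings"])
    return findings


def remediation_plan(findings):
    """Per EC2 instance (agentId): (severity, title, recommendation), highest severity first."""
    ordered = sorted(findings, key=lambda f: (SEVERITY_RANK.get(f["severity"], 9),
                                              -f.get("numericSeverity", 0), f["title"]))
    plan = defaultdict(list)
    for f in ordered:
        plan[f["assetAttributes"].get("agentId", "unknown")].append(
            (f["severity"], f["title"], f["recommendation"].strip()))
    return dict(plan)


# Constructed sample findings (fake ARNs and instance ids) in the describe_findings shape.
_RUN = "arn:aws:inspector:us-east-1:111122223333:target/0-x/template/0-x/run/0-x"
_FINDINGS = {
    _RUN + "/finding/0-a": {"title": "Remote root login is enabled", "severity": "High", "numericSeverity": 9.0,
        "assetAttributes": {"agentId": "i-0aaa"}, "recommendation": "Set PermitRootLogin no in sshd_config. "},
    _RUN + "/finding/0-b": {"title": "Port 22 reachable from the internet", "severity": "Medium", "numericSeverity": 6.0,
        "assetAttributes": {"agentId": "i-0aaa"}, "recommendation": "Restrict the security group source ranges."},
    _RUN + "/finding/0-c": {"title": "Vulnerable package version installed", "severity": "High", "numericSeverity": 9.0,
        "assetAttributes": {"agentId": "i-0bbb"}, "recommendation": "Update the affected package."},
}


class FakeInspectorClient:  # offline stand-in for boto3.client("inspector"), with nextToken paging
    def list_findings(self, assessmentRunArns, maxResults, nextToken=None):
        arns, start = list(_FINDINGS), int(nextToken or 0)
        page = {"findingArns": arns[start:start + maxResults]}
        if start + maxResults < len(arns):
            page["nextToken"] = str(start + maxResults)
        return page

    def describe_findings(self, findingArns):
        return {"findings": [dict(_FINDINGS[a], arn=a) for a in findingArns]}
```

With a real client, `fetch_findings(boto3.client("inspector"), run_arn)` replaces the fake; a small `page_size` exercises the paging path.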

This post is licensed under CC BY 4.0 by the author.
