Posted On: Nov 9, 2017
Amazon Inspector is pleased to announce the addition of native severity data for the Common Vulnerabilities & Exposures (CVE), and CIS Benchmarks rule packages, along with support for security assessments on CentOS Enterprise Linux 7.4 within Amazon EC2.
Prior to this release, Amazon Inspector provided a normalized severity rating for security findings identified by Amazon Inspector. Due to the differences between the severity ratings for rule packages like CVE and CIS Benchmarks, Amazon Inspector transforms these native severities into a standardized 4 tier severity scale of High, Medium, Low, and Informational that is used for all findings regardless of rules package. We will now also expose the Common Vulnerability Scoring System (CVSS) severity and CVSS vector information associated with all CVE findings. For CIS Benchmarks, we have added the information for the CIS Benchmark Weight, which details whether the benchmark is considered as part of the scoring criteria for the hardening guideline used.
In addition to these findings data enhancements, you can now run assessments for Common Vulnerabilities & Exposures (CVE), Amazon Security Best Practices, and Runtime Behavior Analysis on the most recent version of CentOS Enterprise Linux. To run security assessments, simply install the Amazon Inspector AWS Agent on the desired CentOS-based EC2 instance, configure your assessment in the Amazon Inspector console, and run your assessment.