Posted On: Nov 29, 2021
The new Amazon Inspector, a vulnerability management service that continually scans AWS workloads for software vulnerabilities and unintended network exposure, is generally available globally. Amazon Inspector has been completely rearchitected to automate vulnerability management and deliver near real-time findings to minimize the time to discover new vulnerabilities.
With the new Amazon Inspector, you can now enable the service across your organization with a single click. Once enabled, Inspector automatically discovers all of your workloads and continually scans them for software vulnerabilities and unintended network exposure. Now that Inspector supports Amazon Elastic Container Registry (ECR), you gain a consolidated view of vulnerabilities across your Amazon EC2 instances and container images residing in ECR. Inspector now uses the widely adopted Amazon Systems Manager (SSM) agent for EC2 vulnerability scanning. To intelligently prioritize vulnerability findings, the new Inspector introduces a highly contextualized Inspector risk score by correlating vulnerability information with environmental factors. Inspector findings are also routed to Amazon Security Hub and pushed to Amazon EventBridge, so that handling them can be automated with partner solutions to reduce mean time to resolution (MTTR).
“The new Amazon Inspector made it easy to adopt a cloud vulnerability management solution for our diverse AWS instances. By leveraging our already in use Systems Manager agents with Inspector, we automated continuous remediation and simplified operations with one-click onboarding, centralized controls, and operational visibility,” said Oliver Szimmetat, Security Engineering Manager II, Uber. “Additionally, Inspector’s auto trigger capability identifies recommended patches in near-real time. After patching, Inspector automatically rescans instances verifying that no new vulnerabilities were introduced. The use of Inspector has drastically reduced the mean time to remediate for Uber.”
Volkswagen Financial Services
“The new Amazon Inspector made it very easy for us to adopt a vulnerability management solution to support our software patching program and to detect vulnerabilities that could lead to unauthorized AWS access,” said Stefan Klünker and Crispin Weißfuß, Global AWS Platform Owners, Volkswagen Financial Services. “Enabling the service to scan both our EC2 and ECR environments for software vulnerabilities was made seamless using CloudFormation. In addition, since Inspector is integrated with AWS Organizations, our 1300+ existing and newly added accounts are automatically onboarded to the service. Inspector discovers all our workloads, continually scans them, consolidates a prioritized list of findings in its console, and it reduces our mean time to remediate with near-immediate notifications of new critical vulnerabilities. Furthermore, the Amazon EventBridge integration enables us to quickly inform development teams about the resources with critical vulnerabilities.”
“We have a dynamic AWS environment, with new accounts, configurations, and resources added and removed on a regular basis,” said Paul Clarke, Head of Security at Canva. “Historically, this made it a challenge to ensure we are continuously assessing all resources for vulnerabilities, requiring multiple products with a high maintenance overhead. The new Amazon Inspector helps address this problem, supporting vulnerability scanning for both EC2 instances and containers. Since Inspector integrates with AWS Organizations, all our existing and new accounts are also immediately using the service. The service discovers all our workloads, continually scans them using data from multiple vulnerability notification sources, consolidates a prioritized list of findings in its console, and allows us to focus on vulnerability remediation, rather than managing multiple discovery tools and configurations.”
Amazon Inspector has partnered with Snyk to receive additional vulnerability intelligence for its vulnerability database. Many AWS Security ISV Partners have integrated their products to further help customers operationalize Inspector findings, including Axonius, Cavirin, FireEye, IBM Security, Palo Alto Networks, Rezilion, Sophos, SumoLogic, Vulcan Cyber, Wiz and XM Cyber. Additionally, AWS Level 1 MSSP Partners such as Cloudhesive and Deloitte offer their customers a service to manage Inspector findings.
Amazon Inspector is now generally available globally across 19 commercial regions: Asia Pacific (Singapore), Asia Pacific (Sydney), Europe (Ireland), US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Hong Kong), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Mumbai), Canada (Central), Europe (Frankfurt), Europe (Stockholm), Europe (Milan), Europe (London), Europe (Paris), Middle East (Bahrain), South America (Sao Paulo), and US West (N. California). Visit the AWS Regional Services list for details. CloudFormation support will be coming soon. All accounts can scan their environment for vulnerabilities with a free 15-day trial of the new Amazon Inspector.