Posted On: Apr 19, 2023

Amazon Inspector now supports deep inspection of EC2 instances when the continual EC2 scanning feature is activated. With this expanded capability, Inspector now identifies software vulnerabilities in application programming packages including Python, Java, and Node.js packages in addition to operating system packages. Inspector discovers these application programming packages installed in default directory paths, and also allows customers to provide additional custom directory paths for Inspector discovery. This feature is activated by default for all new customers, and existing customers can activate this feature across their organization with a single click in the console. Deep inspection of EC2 instances is offered at no additional cost to Inspector customers.

Amazon Inspector is a vulnerability management service that continually scans AWS workloads for software vulnerabilities and unintended network exposure across your entire AWS Organization. Once activated, Amazon Inspector automatically discovers all of your Amazon Elastic Compute Cloud (EC2) instances, container images in Amazon Elastic Container Registry (ECR), and AWS Lambda functions, at scale, and continuously monitors them for known vulnerabilities, giving you a consolidated view of vulnerabilities across your compute environments. Amazon Inspector also provides a highly-contextualized vulnerability risk score by correlating vulnerability information with environmental factors such as external network accessibility to help you prioritize the highest risks to address.

Visit the AWS Regional Services list for all the regions where Amazon Inspector is currently available. All accounts can scan their environment for vulnerabilities with a free 15-day trial.

To learn more and get started with continual vulnerability scanning of your workloads, visit: