Amazon Inspector

Automated and continual vulnerability management at scale

What is Amazon Inspector?

Amazon Inspector automatically discovers workloads, such as Amazon EC2 instances, containers, and Lambda functions, and scans them for software vulnerabilities and unintended network exposure.

What is Amazon Inspector? (1:05)

Benefits of Amazon Inspector

Detect software vulnerabilities and unintended network exposure in AWS workloads such as Amazon EC2, AWS Lambda functions, and container images in Amazon ECR and within continuous integration and continuous delivery (CI/CD) tools, in near-real time.
Incorporate security earlier in the development cycles and centrally manage software bill of materials (SBOM) exports for all monitored resources.
Use the Amazon Inspector risk score to prioritize remediation reducing mean time to remediate (MTTR).
Seamlessly scan EC2 instances switching between agent-based and agentless scanning

How it works

Amazon Inspector is an automated vulnerability management service that continually scans AWS workloads for software vulnerabilities and unintended network exposure.
Amazon Inspector - How it Works

Use cases

Automate discovery, expedite vulnerability routing, and shorten MTTR with over 50 sources of vulnerability intelligence.
Use current common vulnerabilities and exposures (CVE) information and network accessibility to create contextual risk scores to prioritize and resolve vulnerable resources.
Support compliance requirements and best practices for NIST CSF, PCI DSS, and other regulations with Amazon Inspector scans.

Embed vulnerability scanning in your developer tools and export a consolidated SBOM for monitored resources.