Amazon Inspector is a security assessment service for your Amazon EC2 instances and the applications running on those instances. Pricing is based on two dimensions, the number of EC2 instances included in each assessment, and the type(s) of rules package you select. An Inspector assessment can have any combination of two rules package types - host assessment rules packages and/or the network reachability rules package. Host assessment rules packages include Common Vulnerabilities and Exposures (CVE), Center for Internet Security (CIS) benchmarks, Security Best Practices, and Runtime Behavior Analysis. If your assessments include both host rules packages and the network reachability rules package, you will be billed for both separately.

With Amazon Inspector, there are no upfront investments required, no additional software licenses or maintenance fees, and no need to purchase expensive hardware. Flexible pricing based on assessment type and the number of instances included in each assessment is ideal for applications deployed in the cloud. You only pay for what you use, and it provides the flexibility to support popular dynamic use cases like continuous deployment or auto scaling, where per-host or per-IP licensing models can be difficult to manage due to dynamic changes in your cloud environment.


Free Trial

Accounts that have never run an Amazon Inspector assessment are eligible for 250 agent-assessments with host rules packages and 250 instance-assessments with the network reachability rules package at no cost during your first 90 days. All other agent-assessments and instance-assessments will be billed at the pricing tiers in the pricing details tables below.

Pricing for the network reachability rules package

Amazon Inspector assessments with the network reachability rules packages are priced per instance per assessment (instance-assessment) per month. For example, if you run 1 assessment against 1 instance, that is 1 instance-assessment. If you run 1 assessment against 10 instances, that is 10 instance-assessments. The pricing starts at $0.15 per instance-assessment per month with volume discounting to achieve as low as $0.04 per instance-assessment per month.

Free Trial Details

First 90-days Using Amazon Inspector
Per Instance-assessment Price
First 250 instance-assessments
$0.00

Pricing Details

In a Given Month
Per Instance-assessment Price
First 250 instance-assessments
$0.15
Next 750 instance-assessments $0.13
Next 4,000 instance-assessments $0.10
Next 45,000 instance-assessments $0.07
All other instance-assessments $0.04

Pricing for host assessment rules packages

For any combination of Common Vulnerabilities and Exposures (CVE), Center for Internet Security (CIS) benchmarks, Security Best Practices, and Runtime Behavior Analysis included in assessments

Amazon Inspector’s host assessment rules packages use an agent deployed on the Amazon EC2 Instances running the applications you want to assess. Assessments with the host rules packages are priced per agent per assessment (agent-assessment) per month. For example, if you run 1 assessment against 1 agent, that is 1 agent-assessment. If you run 1 assessment against 10 agents, that is 10 agent-assessments. The pricing starts at $0.30 per agent-assessment per month with volume discounting to achieve as low as $0.05 per agent-assessment per month.

Free Trial Details

First 90-days Using Amazon Inspector
Per Agent-assessment Price
First 250 agent-assessments
$0.00

Pricing Details

In a Given Month
Per Agent-assessment Price
First 250 agent-assessments
$0.30
Next 750 agent-assessments $0.25
Next 4,000 agent-assessments $0.15
Next 45,000 agent-assessments $0.10
All other agent-assessments $0.05

Pricing example

Consider a scenario where you have 10 Amazon EC2 instances in your assessment target with the Inspector Agent installed on each instance. During the billing period, you run one assessment that includes both host assessment rules packages (example: CVE, CIS, and security best practices) and the network reachability rules package.

In this example, you would be billed for 10 host agent-assessments and 10 network reachability instance-assessments. The Amazon Inspector charges for your account for this billing period would be:

For host assessment rules packages: 10 agent-assessments @ $0.30 per agent-assessment
For network reachability rules package: 10 instance-assessments @ $0.15 per instance-assessment
Adding them up, the Amazon Inspector bill would be $3.00 for host agent-assessments and $1.50 for network reachability instance-assessments, for a total of $4.50.

Additional pricing resources

TCO Calculator

Calculate your total cost of ownership (TCO)

Simple Monthly Calculator

Easily calculate your monthly costs with AWS

Economics Resource Center

Additional resources for switching to AWS

Get Started with Amazon Inspector

Visit the Getting Started page
Ready to build?
Get started with Amazon Inspector
Have more questions?
Contact us