Software Solution Partners

Axonius

Axonius

The Axonius platform provides hundreds of adapters (pre-built API connections) to deliver a comprehensive asset inventory, identify attack surface coverage gaps, and validate security controls and policies. The Axonius Platform ingests Amazon Inspector findings using a dedicated AWS adapter. Amazon Inspector findings can be viewed alongside other correlated data sources to help with vulnerability prioritization and management. When assets contain vulnerabilities or deviate from desired states, customers can automate enforcement actions and notifications to reduce risk.

Cavirin

Cavirin

Cavirin offers a Hybrid Cloud Security & Compliance Posture Management platform with diversified frameworks in practice for cloud infrastructure, such as CIS, NIST, HIPAA, PCI, and GDPR. With the Amazon Inspector integration, Cavirin helps create a mitigation plan for the Amazon Inspector findings. The Cavirin product contributes to the security posture of the AWS cloud environment in many ways. It presents the Amazon Inspector finding details in a vulnerability portal, prioritizes vulnerabilities identified in the AWS resources/instances that can impact the security posture of the AWS cloud environment, lists the top resources/instances with vulnerabilities, integrates vulnerability management to ticketing management systems, and performs a run-time assessment of identified vulnerabilities by Amazon Inspector.

FireEye

FireEye

FireEye Helix, an AWS SaaS security operations platform, ingests Amazon Inspector findings to provide vulnerability and risk context for detection, visibility, and threat hunting activities. FireEye Helix ingests Amazon Inspector findings to identify Amazon EC2 and Amazon ECR vulnerabilities, and correlates this data with data from over 600 different security and business applications. The data is used to establish normal behavior and alert on deviations that may suggest insider threats, lateral movement, or other suspicious activity. This allows customers to prioritize incidents and vulnerabilities to rapidly move from alert to fix.

IBM Security

IBM Security

IBM Security QRadar integrates Amazon Inspector findings into an analytics platform that enables security teams to gain comprehensive visibility and insights into risk across hybrid environments.  QRadar, a security information and event management platform, integrates with a broad range of AWS services and includes advanced rules, reports, and dashboards, so that teams can easily visualize and prioritize threats wherever and whenever they occur. Amazon Inspector findings, including the latest vulnerabilities and risk scores, are correlated with events across networks, users, and cloud to provide a consolidated view of actionable insights across distributed environments. This prioritized view of findings enables teams to address critical vulnerabilities while delivering faster, more accurate risk mitigation.

Palo Alto Networks

Palo Alto Networks

Prisma Cloud for Amazon Web Services offers cloud-native security and compliance assurance throughout the entire development lifecycle. Prisma Cloud by Palo Alto Networks helps protect AWS environments with comprehensive cloud security posture management with full support for the CIS AWS Foundation Benchmark, as well as cloud workload protection for hosts, containers, and serverless throughout all phases of your cloud adoption journey. Prisma Cloud ingests Amazon Inspector vulnerability data, security best practice deviations, and security assessments of applications deployed on AWS to provide organizations with risk visibility and better compliance.

Rezilion

Rezilion

Rezilion Validate helps Amazon Inspector customers identify and manage vulnerabilities while increasing development agility. The solution validates detected vulnerabilities to determine their exploitability. Customers can continuously assess EC2 instances and container images pushed to Amazon Elastic Container Registry for software vulnerabilities, and get automated recommendations for the most efficient remediation paths based on aggregated and validated data to make informed decisions and take action faster. Validate helps focus remediation efforts on exploitable vulnerabilities and avoid patching false-positives that are not loaded into memory and therefore pose no risk. Validate catches vulnerabilities before they become potential issues in production environments, so developers know their true risk surface across the contious integration and delivery pipeline. Empowered with this knowledge, DevOps can maintain release velocity by failing fewer builds.

SentinelOne

SentinelOne

SentinelOne integrates with Amazon Inspector to provide unified visibility of vulnerabilities and misconfigurations within AWS infrastructure. SentinelOne ingests Amazon Inspector findings from Amazon EventBridge and correlates against logs from additional security and DevOps data sources. SentinelOne’s integration with Amazon Inspector provides global visibility of vulnerabilities and operational dashboards to visualize applications with concerns to trigger response actions and isolate vulnerable workloads.

Sophos

Sophos

Sophos incorporates Amazon Inspector findings into a single view of AWS cloud security posture. Sophos combines AWS security services, including Amazon GuardDuty, AWS CloudTrail, and AWS Security Hub, alongside configuration assessments, IAM role anomaly detection, and firewall and workload protection solutions to provide customers threat detection and response capabilities. Customers benefit from a prioritized view of compliance and security posture with integrated Amazon Inspector vulnerability findings to identify and prevent exposure. Sophos XDR adds context to Amazon Inspector findings by overlaying telemetry from workload protection agents and network access configurations, such as exposed ports, to identify and block potentially harmful access attempts to prevent breaches. Sophos takes the weight of 24/7 monitoring and response off customers' shoulders.

Sumo Logic

Sumo Logic

The Sumo Logic security intelligence portfolio includes a threat protection solution for security-focused customers that reduces security blind spots across multi-cloud and on-premises sources to identify issues before they become incidents. The platform allows teams to monitor, detect, search, and investigate security incidents with threat benchmarking and analytics. Utilizing Sumo Logic Cloud SIEM, security operations center teams can automatically triage alerts, detect threats, and perform threat hunting investigations. Sumo Logic allows customers to ingest a diverse array of firewall, database, identity/access, and content delivery network data to gain increased visibility when monitoring and analyzing cloud and on-premises data. Analytics capabilities are designed specifically for security teams to be able to prioritize, investigate, and respond to active security incidents. The Sumo Logic integration with Amazon Inspector gives customers the ability to process, analyze, and visualize real-time security scan results.

Vulcan Cyber

Vulcan Cyber

Vulcan Cyber offers customers a security management platform built to help businesses reduce risk through measured and orchestrated AWS security campaigns. Vulcan Cyber integrates with Amazon Inspector by ingesting vulnerability findings to provide a consolidated, prioritized view into your AWS cyber risk posture. Vulcan Cyber is then used to coordinate actionable mitigation campaigns for customers' AWS environments with any other IT, application, or cloud surface. With this integration, cloud security teams are able to filter and prioritize vulnerabilities, as well as create remediation campaigns and automated playbooks based on Amazon Inspector findings.

Wiz

Wiz

Wiz uses an agentless API-based approach to help increase the security of customers' AWS deployment that takes minutes to set up by scanning cloud platform configurations and workloads, such as virtual machines, containers, and serverless. This approach provides a prioritized security assessment of the cloud environment. By connecting Amazon Inspector to Wiz via AWS Security Hub, Wiz correlates these findings with that assessment. Customers gain actionable, prioritized, and contextually rich security insights.

XM Cyber

XM Cyber

The XM Cyber Attack Path Management platform integration with AWS Inspector identifies cyber exposures and vulnerabilities, and prioritizes high impact risks. The discovery is done across AWS customers' EC2 Instances by adding the adversarial context layer from XM Cyber. This continuous attack telemetry and attack surface context delivers quick results on what to fix first by prioritizing risks and critical assets to provide the next generation in vulnerability management.

Managed Service Partners

CloudHesive

CloudHesive

CloudHesive’s managed security service provider (MSSP) practice utilizes Amazon Inspector findings to automatically discover and protect managed compute instances and managed container repositories by identifying vulnerable software and configurations on-instance, in-image, and vulnerable configurations within customers' AWS accounts. Out of compliance and vulnerable resources findings are routed into CloudHesive’s MSSP platform where they are triaged, escalated, and remediated (with automation, where possible). The service helps customers reduce coverage gaps and decrease time-to-remediation. Auto-resolved events are aggregated and reported, and events requiring intervention/coordination with customers are managed via the MSSP team, providing 24x7x365 coverage with SLA-driven response and resolution times.

Deloitte

Deloitte

Deloitte’s Cyber Cloud Managed Services (CMS) is an AWS Level 1 MSSP Competency-designated cloud managed security solution that enables clients to accelerate their development in AWS by covering identity, data protection, network/infrastructure security, logging/monitoring, and incident response. Cyber CMS is deployed to client environments through infrastructure-as-code and integrated with the CMS SIEM for 24/7 monitoring of the client’s security capability selection. As part of the strategy to secure the deployment supply chain, Amazon Inspector is leveraged as a part of the network and infrastructure capability. Amazon Inspector is used as the EC2 and container image vulnerability scanning solution, using its AWS Security Hub integration to forward findings to the CMS SIEM. Vulnerability findings are prioritized by severity and alerted to customers when the recommended remediation time frame has passed. Cyber CMS also integrates AWS CodePipeline with Amazon Inspector to scan images in the build phase, allowing customers to remediate vulnerabilities early in development.

Vulnerability Feed Partners

Snyk

Snyk

Snyk, an AWS Security Competency Partner, helps AWS customers deliver secure applications deployed on AWS public cloud and AWS GovCloud. Snyk is a source of vulnerability intelligence for the Amazon Inspector service, helping security teams improve accuracy of transient dependency vulnerabilities by enriching findings, and helping practitioners prioritize the management of security issues to avoid impacting production workloads. The Snyk Intel Vulnerability Database is maintained with hand-curated content and enriched meta-data, and identifies vulnerable functions as well as known exploit maturity with a Common Vulnerability Scoring System score and vector assigned to 100% of vulnerabilities. Snyk’s proprietary research, combined with community-powered databases, such as RubySec, Friends of PHP, RustSec, and several others, allows Snyk to discover and disclose new vulnerabilities in the open source ecosystem in a timely and accurate manner, helping users prioritize vulnerability remediation based on accurate data and low false positives ratio.

Next Steps

Find an AWS Partner »

Contact partners directly using our form to get started on your cloud journey.
 

Contact AWS Partner Sales »

Contact AWS Partner Sales to get help finding and contacting the right partner for your business needs.

Learn more about the APN »

Learn about the AWS Partner Network, their deep level of expertise, and the partners available for services, products, and solutions.

Become an AWS Partner »

APN Programs support the unique business models of APN members by providing with increased prominence and additional support.

Become an Amazon Inspector Partner

To become an Amazon Inspector Partner you must have joined the AWS ISV Partner Path and have a product that has earned the “Reviewed by AWS” badge by completing an AWS Foundational Technical Review with Amazon Inspector.

If you have a qualified security solution and are interested in becoming an Amazon Inspector Partner, please send an email to inspector-partner@amazon.com with your company and product(s) names and contact information.

To get started, review customer use cases, implementations, API documentation, and download our onboarding documents in Amazon Inspector Resources.