What is Amazon Inspector?

With the ever-increasing threat of attacks against the integrity, confidentiality, and availability of your data within your organization, the need to ensure strict security procedures and processes is paramount, and learning how to use Amazon Inspector is key.

AWS offers a wide range of security services to help you achieve the level of security that you need to enforce within your environment, and the Amazon Inspector service is just one of those that can help.

This service is used to help you find security vulnerabilities within your EC2 instances and any applications running on them, during any stage of development and deployment.

With its ability to automatically detect known and common security issues across a range of rules packages, Amazon Inspector can also provide details on how to remediate the weaknesses it finds in your infrastructure. This makes the service a key asset within your security toolset.

This course looks at what the service is and does, and how it does it by going into detail about all components involved. Demonstrations will also be provided in its configuration.

Course Lectures

  • What is Amazon Inspector?: This lecture explains at a high level what Amazon Inspector is and why you may want to use it
  • Components of Amazon Inspector: This lecture defines the main components of the service and how these fit together
  • Demonstration: How to Configure Amazon Inspector: This demonstration shows how to get started and how to configure the service
  • Demonstration: Working with findings: This lecture demonstrates how to view the different Amazon Inspector findings following an assessment
  • Integration with CloudWatch & CloudTrail: This lecture explains how Amazon Inspector can be monitored with CloudWatch and CloudTrail
  • Service Limitations and Costs: This lecture explains the limitations of the service in addition to how costings are calculated
  • Summary: This lecture summarizes points learned from the previous lectures within the course

Hello and welcome to this lecture, where I answer the question of what Amazon Inspector is and does, and why you may want to use it. Amazon Inspector is a managed service that is used to help you find security vulnerabilities within your EC2 instances and any applications running on them during any stage of development and deployment.

These assessments run automatically against the resources you specify and are based on hundreds of best practices and known security weaknesses, organised into rules packages:

  • Common Vulnerabilities and Exposures (CVE): checks the software installed on an instance against the CVE list, a publicly maintained reference list of known and well-documented vulnerabilities
  • Center for Internet Security (CIS) Benchmarks: operating system configuration checks drawn from the CIS benchmarks, which are continuously refined and widely used as a global baseline for protecting data and IT resources
  • Security Best Practices: looks for weaknesses against common hardening practices, such as SSH configuration and password policy
  • Runtime Behavior Analysis: observes the behaviour of your EC2 instances during the assessment, for example which ports are listening and which protocols are in use

On completion, a detailed assessment report can be produced that lists every finding, with its severity and a recommended remediation, so you can make the changes needed to resolve the underlying security and compliance issues.

The Amazon Inspector service is agent based, meaning the Amazon Inspector agent must be installed on every EC2 instance you want to assess. The agent can be baked into an instance when it is built or added later to instances already running in your AWS infrastructure, for example with AWS Systems Manager Run Command. Because it can be added at any point, the service slots into your existing security processes and procedures as an additional layer of security rather than requiring a redesign. Instances without the agent are simply not assessed, so verifying agent coverage is part of configuring the service.

Amazon Inspector draws on a large, constantly updated knowledge base of best practices and known vulnerabilities, and you choose which rules packages to apply to each assessment so that the checks match the standards your resources must adhere to. Tailoring the packages in this way lets you customize the security checks for your environment and ensures that the specific weaknesses you care about are identified and can be addressed promptly.
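The two previous steps, choosing rules packages for an assessment and then working through the findings a run produces, are shown below as an added example; this is not code from the course or from AWS. It runs offline on constructed sample data shaped like the Inspector Classic `describe_rules_packages()` and `describe_findings()` responses, and the ARNs, instance IDs and finding texts are placeholders rather than real values (real rules package ARNs are region-specific and must be fetched with `list_rules_packages()`). The returned dictionary from `assessment_template_request` uses the real parameter names of `create_assessment_template`.

```python
"""Added example (not from the course): choosing Amazon Inspector Classic rules
packages for an assessment template and triaging the findings a run returns.
Runs offline on constructed sample data; ARNs, instance IDs and finding texts
are placeholders, not real values."""
from collections import Counter

# Severity labels Inspector Classic attaches to findings, ranked for triage.
SEVERITY_RANK = {"Informational": 0, "Low": 1, "Medium": 2, "High": 3}

# Constructed stand-in for describe_rules_packages()["rulesPackages"].
# Real ARNs are region-specific; fetch them with list_rules_packages().
SAMPLE_RULES_PACKAGES = [
    {"arn": "arn:aws:inspector:REGION:ACCOUNT:rulespackage/0-EXAMPLE1",
     "name": "Common Vulnerabilities and Exposures"},
    {"arn": "arn:aws:inspector:REGION:ACCOUNT:rulespackage/0-EXAMPLE2",
     "name": "CIS Operating System Security Configuration Benchmarks"},
    {"arn": "arn:aws:inspector:REGION:ACCOUNT:rulespackage/0-EXAMPLE3",
     "name": "Security Best Practices"},
    {"arn": "arn:aws:inspector:REGION:ACCOUNT:rulespackage/0-EXAMPLE4",
     "name": "Runtime Behavior Analysis"},
]


def _finding(suffix, severity, score, pkg_index, instance, title, recommendation):
    """Build one constructed finding in the describe_findings() shape."""
    return {
        "arn": f"arn:aws:inspector:REGION:ACCOUNT:finding/0-EXAMPLE{suffix}",
        "severity": severity, "numericSeverity": score,
        "title": title, "recommendation": recommendation,
        "serviceAttributes": {"rulesPackageArn": SAMPLE_RULES_PACKAGES[pkg_index]["arn"]},
        "assetAttributes": {"agentId": instance},
    }


# Constructed findings from one run; placeholder titles, no real CVE identifiers.
SAMPLE_FINDINGS = [
    _finding("a", "High", 9.0, 0, "i-0example00000000a",
             "Installed package has a known vulnerability (placeholder)",
             "Update the affected package to a patched version."),
    _finding("b", "High", 9.0, 2, "i-0example00000000b",
             "Root login over SSH is permitted",
             "Set PermitRootLogin to no in /etc/ssh/sshd_config and restart sshd."),
    _finding("c", "Medium", 6.0, 1, "i-0example00000000a",
             "Ensure permissions on /etc/ssh/sshd_config are configured",
             "Restrict /etc/ssh/sshd_config to mode 0600 owned by root."),
    _finding("d", "Low", 3.0, 2, "i-0example00000000b",
             "Password maximum age is not configured",
             "Set PASS_MAX_DAYS in /etc/login.defs."),
    _finding("e", "Informational", 0.0, 3, "i-0example00000000a",
             "Unused listening TCP ports",
             "Close ports not required by the instance role."),
]


def select_rules_packages(packages, wanted_names):
    """Map human-readable package names to ARNs. Fails closed: an unknown
    name raises instead of silently shrinking the assessment scope."""
    by_name = {p["name"]: p["arn"] for p in packages}
    missing = [n for n in wanted_names if n not in by_name]
    if missing:
        raise ValueError(f"unknown rules package(s): {missing}")
    return [by_name[n] for n in wanted_names]


def assessment_template_request(name, target_arn, packages, wanted_names,
                                duration_seconds=3600):
    """Build the keyword arguments for inspector.create_assessment_template().
    Inspector Classic accepts 180 to 86400 seconds; one hour (the console
    default) gives Runtime Behavior Analysis enough time to observe traffic."""
    if not 180 <= duration_seconds <= 86400:
        raise ValueError("durationInSeconds must be between 180 and 86400")
    return {
        "assessmentTargetArn": target_arn,
        "assessmentTemplateName": name,
        "durationInSeconds": duration_seconds,
        "rulesPackageArns": select_rules_packages(packages, wanted_names),
    }


def triage_findings(findings, packages, min_severity="Medium"):
    """Return findings at or above min_severity, most severe first, each
    annotated with the rules package name so an operator can route it."""
    package_name = {p["arn"]: p["name"] for p in packages}
    threshold = SEVERITY_RANK[min_severity]
    kept = []
    for f in findings:
        if SEVERITY_RANK.get(f["severity"], 0) < threshold:
            continue
        kept.append({
            "instance": f["assetAttributes"]["agentId"],
            "package": package_name.get(f["serviceAttributes"]["rulesPackageArn"], "unknown"),
            "severity": f["severity"], "score": f["numericSeverity"],
            "title": f["title"], "recommendation": f["recommendation"],
        })
    kept.sort(key=lambda r: (-r["score"], r["instance"], r["title"]))
    return kept


def per_instance_summary(triaged):
    """Count actionable findings per instance so the noisiest hosts are fixed
    (or re-imaged) first; returns (instance, count) pairs, highest first."""
    counts = Counter(r["instance"] for r in triaged)
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))


if __name__ == "__main__":
    for row in triage_findings(SAMPLE_FINDINGS, SAMPLE_RULES_PACKAGES):
        print(f'{row["severity"]:<7}{row["instance"]}  {row["package"]}: {row["title"]}')
    print(per_instance_summary(triage_findings(SAMPLE_FINDINGS, SAMPLE_RULES_PACKAGES)))
```

Against real output you would replace the constructed lists with the paginated results of `describe_rules_packages` and `describe_findings` for the run ARN; the numeric severities (9, 6, 3, 0) are the values Inspector Classic assigns to High, Medium, Low and Informational, which is why the triage sorts on `numericSeverity` rather than on the label.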

Amazon Inspector records its assessments, which makes it a useful service for presenting findings to auditors who need to see evidence of security compliance and adherence to specific government or industry controls.

Maintaining these records and reports helps you demonstrate the compliance you may need for certifications such as PCI DSS. So now that we know at a high level what the service is used for, why would we use it? In the industry today we hear more and more about the rising number of attacks against small and large enterprises alike, attempting to steal or manipulate data. New attack methods are continually devised, and new methods of prevention have to follow suit.

In a traditional data center deployment, most organizations have some level of intrusion detection and prevention plus monitoring in place at different layers of their infrastructure. However, not everyone has the same in the cloud. Security concerns are still frequently cited as the main barrier to cloud adoption, and much of that can be traced to a lack of understanding, the right skill set, and compliance requirements.

AWS invests a large amount of capital in security, and as a result more and more security services and tools are being made available to us as customers. Amazon Inspector is one of these.

By using the Amazon Inspector service, we gain confidence in the level of security built into our applications and services through the configurable assessments we can run. That confidence benefits not only your organization but your customers too: having your service cross-checked for security compliance, threats, and vulnerabilities reduces the attack surface your customers are exposed to.

As you can see, this service offers real benefits for security compliance and for reducing the exposed attack surface of your infrastructure. Traditionally, implementing, managing, operating, and analyzing your infrastructure resources and applications against these threats and best practices was difficult and required a very particular security-focused skill set. That skill set, along with the systems and applications needed to run such a service, came at a high cost to the business, and for many organizations the talent and budget were simply not there. Amazon Inspector offers a solution that is lower in cost than a traditional one.

As your organization grows, Amazon Inspector scales with it through its agents, allowing repeatable and automated assessments to take place. With easy-to-understand assessment reports that include a recommended remediation for each finding, it reduces the need for the highly skilled resource that was traditionally required to dissect results and work out the necessary fix, although someone still has to apply and verify that fix.

That now brings us to the end of this lecture. Coming up next, I'm going to look at the service in greater detail, identifying the components used.

About the Author

Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.

To date, Stuart has created 150+ courses relating to Cloud reaching over 180,000 students, mostly within the AWS category and with a heavy focus on security and compliance.

Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.

He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.

In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.

Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.