The AWS re:Invent keynote session by Andy Jassy (Senior VP, AWS) on Day 1 comprised of announcements about the new services and enhancements in some of the existing ones. In this blog, I am going to talk about one of the new services- Amazon Inspector.
What is Amazon Inspector?
Amazon Inspector is an automated security assessment service which identifies the potential security and compliance vulnerabilities in the applications running on AWS. This may be beneficial as a lot of organizations may not have dedicated personnel or staff to identify security vulnerabilities or they might have been overlooked some while testing.
Why is it required?
Security is one of the main concerns for organizations whether they are moving to cloud or are already using it. Inspector helps to improve the overall application security by examining it when an application is in production or is being developed. It also helps in adhering to an organization’s security standards and uses AWS’s Security Expertise where the security best practices and rules are constantly being updated by AWS, so one gets the best of both the worlds.
How it works?
Amazon Inspector performs an assessment and generates a report containing steps for remediation. In order to use this service, one needs to define the collection of AWS resources that makes up the application to be tested. This is followed by creating and running the security assessment of that application. One can also define the duration of that assessment which can vary from 15 minutes to 1, 8 or 12 hours or can last for 1 day. There is an Inspector Agent running on the EC2 machines hosting the application which monitors the network, file system and process activity. After collecting all the required data, it is compared with the built in security rules to identify security or compliance issues. The initial version of Inspector will be having the following rules:
- Common Vulnerabilities and Exposures
- Network Security Best Practices
- Authentication Best Practices
- Operating System Security Best Practices
- Application Security Best Practices
- PCI DSS 3.0 Assessment
Image Source: AWS Website
Inspector can be accessed from the AWS Console, API or CLI. One can sign up for the preview from here. Stay tuned to CloudThat blog for more updates on Amazon Inspector and other services.