• AWS service for security assessment of software application
  • It runs automatic checks for security of application
  • Needed for security and compliance
  • It assesses for
    • exposure
    • vulnerabilities
    • deviations from best practices
  • Post assessment, detailed list of findings as per severity is generated
  • Access inspector by
    • Inspector Console
    • AWS SDKs
    • Inspector HTTPS API
    • AWS Command Line Tools

Important Terms

  • Inspector agent –
    • software agent installed on assessment target or EC2 instance.
    • It screens EC2 instance behavior
    • Screening includes
      • Network
      • file system
      • process activity
    • configuration data or telemetry is also collected
  • Assessment run
    • It is the process of finding security issues
    • It conducts analysis against rules, of target’s
      • configuration
      • behavior
    • Steps include
      • Collecting telemetry or configuration and behavioral data
      • Analyze collected data
      • Assess against security rules listed in assessment template
      • Generate list of findings as per severity
  • Assessment target
    • AWS resources to assess or the assessment target.
    • only EC2 instances, at present
    • Making as target, involves
      • tagging the EC2 instances with key-value pairs
      • Assess tagged EC2 instances with common keys
  • Assessment template
    • Settings or configuration for the assessment run.
    • It includes
      • Rules packages to assess assessment target
      • SNS topics to receive notifications about like assessment run states/findings
      • Tags or key-value pairs,  given to findings
      • assessment run duration
  • Finding
    • Refers to security issue noticed during assessment run
    • Can be accessed in Inspector console or API
    • Have security issue detailed description and recommendation to fix it
  • Rule
    • security check done in assessment run on assessment target
  • Rules package
    • group of rules
    • rules grouped as per level of security and security goal, to achieve
  • Telemetry
    • EC2 instance behavioral  data/configuration, etc and includes
      • network connections records
      • process creation details
Menu