Amazon Inspector
Automated and continual vulnerability management at scale
Overview
Amazon Inspector automatically discovers workloads, such as Amazon EC2 instances, containers, and Lambda functions, and scans them for software vulnerabilities and unintended network exposure.
Benefits
Detect Software Vulnerabilities
Detect software vulnerabilities and unintended network exposure in compute workloads such as Amazon EC2, Amazon Lambda functions, and container images in Amazon ECR and within continuous integration and continuous delivery (CI/CD) tools, in near-real time.
Manage SBOM Exports Centrally
Incorporate security earlier in the development cycles and centrally manage software bill of materials (SBOM) exports for all monitored resources.
Prioritize Remediation
Use the Amazon Inspector risk score to prioritize remediation reducing mean time to remediate (MTTR).
Maximize Vulnerability Assessment Coverage
Seamlessly scan EC2 instances switching between agent-based and agentless scanning
How It Works
Amazon Inspector is an automated vulnerability management service that continually scans compute workloads for software vulnerabilities and unintended network exposure.
Use Cases
Quickly Discover Zero-Day Vulnerabilities in Compute Workloads
Automate discovery, expedite vulnerability routing, and shorten MTTR with over 50 sources of vulnerability intelligence.
Prioritize Patch Remediation
Use current common vulnerabilities and exposures (CVE) information and network accessibility to create contextual risk scores to prioritize and resolve vulnerable resources.
Meet Compliance Requirements
Support compliance requirements and best practices for NIST CSF,PCI DSS, and other regulations with Amazon Inspector scans.
Shift Security Earlier in Development Cycle
Embed vulnerability scanning in your developer tools and export a consolidated SBOM for monitored resources.