AWS Re-launches Amazon Inspector To Find Software Vulnerabilities
3 minute read | Last updated 29-Nov-2021 | 
AWS, Cloud, Security
AWS re-launches a dramatically improved Amazon Inspector, a software vulnerability discovery/management service.
The idea behind these types of services is to scan your servers and containers before they reach production to identify known vulnerabilities so that you are aware of them and can mitigate them appropriately.
Notice I said “mitigate” not “patch”. Patching is just one of many possible mitigations.
Amazon Inspector launched in 2015 and a lot has changed since then. This is a much needed upgrade to the service that should help builders identify these issues with the minimal amount of effort possible.
This π Twitter thread highlights some of the details of the launch…
this is HUGE!
https://www.youtube.com/watch?v=wi1PDr9n67Y&feature=youtu.be
π§΅βοΈ #cloud #security
@marknca tweeted at 29-Nov-2021, 20:52
Tweet 2/11 π Next tweet π Start
Inspector has always been better, but now it’s a lot more user friendly
π§΅βοΈ #cloud #security
@marknca tweeted at 29-Nov-2021, 20:52
Tweet 3/11 π Next tweet π Start
<< no more set time period assessments & super delayed results…if you remembered to scan at all
the service now just bubbles up findings == awesome
π§΅βοΈ #cloud #security
@marknca tweeted at 29-Nov-2021, 20:52
Tweet 4/11 π Next tweet π Start
the service leverages that to find EC2 instances as well as ECR repos
π§΅βοΈ #cloud #security
@marknca tweeted at 29-Nov-2021, 20:52
Tweet 5/11 π Next tweet π Start
π§΅βοΈ #cloud #security
@marknca tweeted at 29-Nov-2021, 20:52
Tweet 6/11 π Next tweet π Start
enabling Inspector was a pain. I β€οΈ to be able to say that, “was”
critical improvement for adoption
π§΅βοΈ #cloud #security
@marknca tweeted at 29-Nov-2021, 20:52
Tweet 7/11 π Next tweet π Start
<< again, that greatly simplifies adoption
π§΅βοΈ #cloud #security
@marknca tweeted at 29-Nov-2021, 20:52
Tweet 8/11 π Next tweet π Start
most vulnerability discovery/management services use the CVE/CVSS score to assess risk but that lacks context
it’s a start…but only a start
π§΅βοΈ #cloud #security
@marknca tweeted at 29-Nov-2021, 20:52
Tweet 9/11 π Next tweet π Start
<< no more routing events through another service. I mean, it still happens behind the scenes but if it’s behind the scenes, I can safely ignore
π§΅βοΈ #cloud #security
@marknca tweeted at 29-Nov-2021, 20:52
Tweet 10/11 π Next tweet π Start
π§΅βοΈ #cloud #security
@marknca tweeted at 29-Nov-2021, 20:52
Tweet 11/11 π Next tweet π Start
this is GA now
the launch blog is up at https://aws.amazon.com/blogs/aws/improved-automated-vulnerability-management-for-cloud-workloads-with-a-new-amazon-inspector/
/ π§΅βοΈ
@marknca tweeted at 29-Nov-2021, 20:52
