How Amazon Inspector Finds Compliance and Security Issues


Jul 26, 2017

Learn how Amazon Inspector automatically improves your organization’s security and compliance posture.

It’s a full-time job keeping up with the features of Amazon’s cloud computing platform. One of the most useful tools employed by Amazon Web Services (AWS) is Amazon Inspector, which is a bot service that looks for and identifies potential compliance and security vulnerabilities on cloud servers.

Why is Amazon Inspector so important in the cloud?

As cloud-based systems and configurations become more complex, detecting compliance and security threats becomes more difficult. And because many organizations simply don’t have the resources to adequately monitor individual servers, these vulnerabilities can be overlooked.

How does Amazon Inspector work?

Amazon Inspector analyzes the behavior of applications running on AWS to help proactively identify any security issues. Inspector works on an application basis, so users begin by defining the AWS resources that make up an application. After defining these resources, you can then create and run security assessments of the application itself.

During this assessment, what Amazon refers to as an Inspection Agent will automatically monitor the file system, network, and process activity of your application. The agent will also collect critical information surrounding any communication with AWS services, as well as the network traffic between instances, use of secure channels, and similar activity. This information helps to provide Amazon Inspector with a robust picture of the application itself and flagging any security or compliance issues.

Once the data has been collected, it’s analyzed and compared to a set of pre-vetted security rules. These rules include checks against common compliance standards, as well as best practices and security vulnerabilities that are defined by the Amazon security team. These AWS team members are constantly on the lookout for new threats, which build into new rules for Amazon Inspector. The system constantly adapts and automatically applies these rules to your application architecture.

Initial Rules Used in Amazon Inspector

  • Best practices related to security
  • Common vulnerabilities
  • Runtime behavior analysis
  • CIS operating system security benchmarks

Any issues that are unearthed by Amazon Inspector are collected and provided in a comprehensive report for the cloud customer.

Learn more about Amazon Inspector

Whether you want to learn about implementing Amazon Inspector into your existing AWS architecture, or you’re just getting started with cloud computing, don’t hesitate to reach out to CloudHesive today. We’ve been proud AWS partners for years and we are well-versed in the platform’s wide array of services. Feel free to contact our team today at 800-860-2040 or through our online contact form to learn more.

Related Blogs

  • On a blue background are the letters AI in white. Superimposed over this is a robotic face wrapped with a connectivity symbol. A word bubble says can I help you." alt="">
    How AI Chatbots are Changing the Call Center Game

    With Amazon Lex Chatbots and Contact Lens, you can create tomorrow’s customer experience today. Key Takeaways: AI chatbots are revolutionizing not just call centers, but the way customer service is...

    Learn More
  • Six office workers sit at computers on opposite sides of a table in a brightly lit office." alt="">
    4 Challenges of Managing WorkSpaces at Scale and How to Solve Them

    A skills gap in IT staff and rising employee costs make managed services the right choice Key Takeaways: Research says it takes a minimum of 10 dedicated full-time IT staff members to manage DaaS...

    Learn More
  • The customer call center in an AI world." alt="">
    How Artificial Intelligence Is Reinventing the Call Center

    Today’s most important AI call center trends – is your call center ready for them?  Key Takeaways:  Learn how to improve customer service operations using automation while still providing...

    Learn More