5 minutes
Introduction
- Automated Security Assessment
- The difference between Inspector and Guard Duty is that guard duty checks logs (using ML), while Inspector checks network, as well as services (ONLY COMPUTE SERVICES)
Inspector for EC2
- Leveraging the AWS system Manager Agent (SSM Agent)
- Analyze unintended network accessablity
Inspector for ECR
- Assessment of Container Images as they are pushed
Inspector for Lambda
- Identifies software vulnerablities in function code and package dependencies.
- Assessment of function those are deployed.
Reports finding to AWS Security Hub or AWS Event Bridge
What does the AWS Inspector Evaluate?
- Only for EC2 Instance : Container Images & Lambda functions.
- Package Vulnerablities,
- Network Reachablity
- A risk score will be associated with each infra.
