Amazon Inspector is a security assessment service offered by Amazon Web Services (AWS). It is designed to help customers identify and address vulnerabilities in their Amazon Elastic Compute Cloud (EC2).
Inspector analyzes the security and compliance of an environment by conducting assessments of the applications and infrastructure. These assessments are based on a set of rules and best practices, including the Center for Internet Security (CIS) benchmark guidelines. Inspector analyzes the network configuration, system configurations, and application code to identify vulnerabilities, misconfigurations, and security best practice violations.
To use Inspector, customers simply select the resources they want to assess and specify the rules packages they want to use. Inspector then performs the assessment and generates a report with a list of findings, including the severity of each issue and recommendations for how to fix them. The report is available through the Inspector console or can be downloaded as a PDF.
In addition to identifying vulnerabilities, Inspector also provides customers with remediation guidance to help them fix identified issues. This guidance includes detailed instructions on how to fix the issue, as well as links to relevant documentation and resources.