How do I evaluate an app deployed on AWS with AWS Inspector?



What is Amazon Inspector?

Amazon Inspector is an automated security assessment service that can improve the security and compliance of applications deployed on AWS.


Amazon Inspector analyzes EC2 instances for vulnerabilities based on predefined templates.


Improve security and compliance for applications deployed on AWS


Performing a security assessment with Amazon Inspector allows you to check for unintended network access to your Amazon EC2 instance and vulnerabilities on your EC2 instance.


Amazon Inspector assessments can use predefined rule packages, and these rule packages are mapped to common security best practices and vulnerability definitions.

What can I do with Inspector?

Amazon Inspector is useful in environments where a large number of developers are developing and deploying various applications and are unsure of which security issues to look for.

Evaluation reports can be generated via the Amazon Inspector console or via the API.

Automatically assess applications for exposure, vulnerabilities, and deviations from best practices.




After setting up the evaluation target (the collection of AWS resources to be analyzed by Amazon Inspector), create an assessment template (a blueprint used to configure the assessment).

The template is then used to initiate the process of running, monitoring, and analyzing the evaluation and produce a set of results.
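
The target, template, run, and results steps described above can be driven through the API. The following is an added example, not code from the original page or from AWS: it assumes the classic Inspector API as exposed by the boto3 `inspector` client, and the function name `run_assessment` and its tag and name parameters are hypothetical.

```python
import time
from collections import Counter

# Terminal values of an Inspector Classic assessment run's "state" field.
TERMINAL = {"COMPLETED", "COMPLETED_WITH_ERRORS", "FAILED", "ERROR", "CANCELED"}


def run_assessment(client, tag_key, tag_value, name, duration_s=3600, poll_s=30):
    """Target -> template -> run -> findings. `client` is boto3.client("inspector")."""
    # 1. Evaluation target: the EC2 instances carrying the given tag (assumed tagging scheme).
    group = client.create_resource_group(
        resourceGroupTags=[{"key": tag_key, "value": tag_value}])
    target = client.create_assessment_target(
        assessmentTargetName=f"{name}-target",
        resourceGroupArn=group["resourceGroupArn"])

    # 2. Assessment template: every predefined rule package offered in the region.
    template = client.create_assessment_template(
        assessmentTargetArn=target["assessmentTargetArn"],
        assessmentTemplateName=f"{name}-template",
        durationInSeconds=duration_s,
        rulesPackageArns=client.list_rules_packages()["rulesPackageArns"])

    # 3. Start the run and poll until it reaches a terminal state.
    run_arn = client.start_assessment_run(
        assessmentTemplateArn=template["assessmentTemplateArn"],
        assessmentRunName=f"{name}-run")["assessmentRunArn"]
    while True:
        runs = client.describe_assessment_runs(assessmentRunArns=[run_arn])
        state = runs["assessmentRuns"][0]["state"]
        if state in TERMINAL:
            break
        time.sleep(poll_s)

    # 4. Page through the findings 10 at a time and count them by severity.
    severities, token = Counter(), None
    while True:
        kwargs = {"assessmentRunArns": [run_arn], "maxResults": 10}
        if token:
            kwargs["nextToken"] = token
        page = client.list_findings(**kwargs)
        if page["findingArns"]:
            details = client.describe_findings(findingArns=page["findingArns"])
            severities.update(f["severity"] for f in details["findings"])
        token = page.get("nextToken")
        if not token:
            return run_arn, state, dict(severities)
```

The returned run ARN can then be passed to `get_assessment_report` to request the evaluation report through the API.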