Amazon Inspector

aws/security aws/assessment aws/service

💡 Definition

Amazon Inspector is an automated vulnerability management service that continuously scans AWS workloads for software vulnerabilities and unintended network exposure.

🔑 Key Concepts

⚙️ How it Works

  1. Enable Inspector: You enable it with a single click in the AWS console.
  2. Scan Resources: Inspector automatically discovers and begins scanning your supported resources. It uses the Systems Manager Agent (SSM Agent) for EC2 instances.
  3. Generate Findings: It generates detailed findings that describe the vulnerability, the affected resource, and remediation recommendations. Findings are prioritized by severity.
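Step 3 as an added example (not part of the original notes): a triage function that orders findings by severity and pulls out the affected resource and the remediation text. The sample data is constructed in the shape of an `inspector2` ListFindings response; every id, title and recommendation in it is made up.

```python
# Constructed sample in the shape of an inspector2 ListFindings response.
# All ids, titles and remediation text are made up for illustration.
SAMPLE = {"findings": [
    {"severity": "LOW", "status": "ACTIVE", "type": "PACKAGE_VULNERABILITY",
     "title": "constructed: outdated curl package", "inspectorScore": 3.1,
     "resources": [{"type": "AWS_EC2_INSTANCE", "id": "i-0example0000000b"}],
     "remediation": {"recommendation": {"text": "Update curl."}}},
    {"severity": "HIGH", "status": "ACTIVE", "type": "NETWORK_REACHABILITY",
     "title": "constructed: port 22 reachable from internet gateway",
     "resources": [{"type": "AWS_EC2_INSTANCE", "id": "i-0example0000000b"}],
     "remediation": {"recommendation": {"text": "Restrict the security group."}}},
    {"severity": "CRITICAL", "status": "ACTIVE", "type": "PACKAGE_VULNERABILITY",
     "title": "constructed: vulnerable openssl package", "inspectorScore": 9.8,
     "resources": [{"type": "AWS_EC2_INSTANCE", "id": "i-0example0000000a"}],
     "remediation": {"recommendation": {"text": "Update openssl."}}},
    {"severity": "HIGH", "status": "CLOSED", "type": "PACKAGE_VULNERABILITY",
     "title": "constructed: already patched package", "inspectorScore": 8.0,
     "resources": [{"type": "AWS_EC2_INSTANCE", "id": "i-0example0000000a"}]},
]}

RANK = {"CRITICAL": 0, "HIGH": 1, "MEDIUM": 2, "LOW": 3,
        "INFORMATIONAL": 4, "UNTRIAGED": 5}

def triage(response, min_severity="MEDIUM"):
    """Return ACTIVE findings at or above min_severity, most severe first."""
    cutoff = RANK[min_severity]
    rows = []
    for f in response.get("findings", []):
        rank = RANK.get(f.get("severity"), RANK["UNTRIAGED"])
        if f.get("status") != "ACTIVE":
            continue  # CLOSED or SUPPRESSED findings need no action
        if rank > cutoff and rank != RANK["UNTRIAGED"]:
            continue  # below threshold; unrated findings are kept, listed last
        rows.append({
            "rank": rank,
            "severity": f.get("severity", "UNTRIAGED"),
            "kind": f.get("type"),  # software vulnerability vs. network exposure
            "title": f.get("title"),
            "resources": [r["id"] for r in f.get("resources", [])],
            "fix": f.get("remediation", {}).get("recommendation", {}).get("text", "n/a"),
            "score": f.get("inspectorScore", 0.0),
        })
    # Severity first, then Inspector score (highest first) as the tie-breaker.
    rows.sort(key=lambda r: (r["rank"], -r["score"]))
    return rows

if __name__ == "__main__":
    for row in triage(SAMPLE):
        print(row["severity"], row["kind"], row["resources"], "->", row["fix"])
```
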

🎯 Use Cases

💰 Pricing Model

📝 Exam Tips (CLF-C02)


See Also:

* EC2
* AWS Trusted Advisor
* Systems Manager