Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

What does Amazon Inspector do for cloud security?

Expert Dan Sullivan explains what benefits Amazon Web Services' new Amazon Inspector service offers in terms of assessing cloud security.

Amazon Web Services released the Amazon Inspector service for cloud security assessments. What are the benefits...

of such a tool and what is its scope?

Amazon Inspector is an information security tool that helps to detect poorly configured resources within an AWS environment. It is available in preview from AWS. Amazon Inspector is a rules-based application that examines the configuration of deployed resources within an AWS account. It includes a set of rules configured by AWS security experts that check for security vulnerabilities, such as a lack of multifactor authentication on accounts with elevated privileges or known vulnerable software versions.

Amazon Inspector can generate a report of prioritized vulnerabilities within your cloud environment. Also, with Amazon Inspector, you can define security best practices and configurations and ensure they are enforced. The service also monitors system components and identified dependencies between them. Agents can be installed on virtual machines to scan for vulnerabilities. 

Amazon Inspector can also scan applications built in AWS and report on compliance with regulatory standards, such as PCI DSS and HIPAA. Functions within the service are available programmatically through an application program interface (API). If you are interested in using Amazon Inspector, you can submit a preview request online.

Dig Deeper on Cloud Compliance: Federal Regulations and Industry Regulations

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

How could Amazon Inspector benefit your organization and its AWS assets?
One benefit I see is in helping to identify areas of our configuration and cloud infrastructure that do not adhere to our security guidelines. This was a big problem when we first started our cloud migration. Developers were bypassing established policies and IAM roles and unnecessarily (and incorrectly) elevating permissions to get the permissions needed to make the migration happen.
While it is now out of Preview, Inspector is only available in the following regions: EU (Ireland), Asia Pacific (Sydney and Tokyo), US East (N. Virginia), and US West (Oregon).