Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?



Amazon Launches Security and Compliance Analysis Tool for AWS

Amazon this week released a preview of Amazon Inspector, a new tool designed to analyze the behavior of applications deployed on its Amazon Web Services (AWS) to help identify potential security issues.

Amazon this week released a preview of Amazon Inspector, a new tool designed to analyze the behavior of applications deployed on its Amazon Web Services (AWS) to help identify potential security issues.

AWS users can use the tool to discover security vulnerabilities and instances where developers do not follow best practices in their web applications. The solution was designed to work on an application-by-application basis, and allows users to define a collection of AWS resources that make up their app, after which they can create and run the application’s security assessment.

Amazon Inspector The AWS resources such as EC2 instances are identified by tags, and users can also define duration (minutes, hours, days) when creating the assessment, Jeff Barr, Chief Evangelist for the Amazon Web Services, explains in a blog post. The Inspector analyzes the compliance with various regulations and seeks for vulnerabilities within the application.

Barr also explains that, during the assessment, network, file system, and process activity are monitored by an Inspector Agent running on each EC2 instances or the application. The agent also gathers information on the communication with AWS services, use of secure channels, and network traffic between instances, to create a comprehensive overview of the application and its security or compliance flaws.

After collecting data, the Amazon Inspector analyzes and compares it to built-in security rules such as checks against best practices, common compliance standards, and vulnerabilities. According to Amazon, the database of security best practices and rules is constantly updated as new vulnerabilities and best practices are discovered.

Initially, the Amazon Inspector will include six rules, including Common Vulnerabilities and Exposures, Network Security Best Practices, Authentication Best Practices, Operating System Security Best Practices, Application Security Best Practices, and PCI DSS 3.0 Assessment.

The Inspector generates report of any vulnerability or compliance issues discovered during the assessment and prioritizes steps for remediation. Additionally, users are offered access to a knowledge base of rules on common security compliance standards and vulnerability definitions.

Advertisement. Scroll to continue reading.

The Amazon Inspector preview is available through the AWS Management Console, AWS Command Line Interface (CLI), or APIs. The tool also is fully integrated with AWS CloudTrail, providing auditors with visibility into the performed tests and their results.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.


Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.


Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.