AWS Inspector (security assessment service) - Best Practice
Do you know if all of your EC2 instances are scanned regularly by AWS Inspector?
You can add to your Dome9 policy a rule that will check it automatically for you.
The best practice would be to run AWS Inspector at least once a week.
With the following simple GSL rule, you can make sure that Inspector runs at least once every 30 days on all instances, and if it doesn’t, you will immediately know about it.
Instance should have scanners.scans contain [source = 'Inspector' and startTime after(-30, 'days') and state in ('COMPLETED') ]
Amazon Inspector is an automated security assessment service that evaluates resources deployed in the Amazon cloud for security loopholes and compliance. It is a very important security assessment service, as it automatically generates reports with detailed findings on the selected resources. It prioritizes the vulnerabilities by severity level, making it simple to understand which pieces of software need to be patched immediately.
For more information about AWS Inspector click here
For Dome9 Cloud Security Posture Repository click here
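The logic of the GSL rule above, written out as an added Python example (not Dome9's own code) so the cases that make an instance fail are visible. The inventory layout, instance ids, the "OtherScanner" source and the "FAILED" state are constructed for illustration; only `source`, `startTime` and `state` come from the rule.

```python
from datetime import datetime, timedelta, timezone

def has_recent_inspector_scan(instance, now, max_age_days=30):
    """True if any scan is from Inspector, COMPLETED, and started after the cutoff."""
    cutoff = now - timedelta(days=max_age_days)
    scans = (instance.get("scanners") or {}).get("scans") or []
    for scan in scans:
        if scan.get("source") != "Inspector":
            continue  # a scan by another tool does not satisfy the rule
        if scan.get("state") != "COMPLETED":
            continue  # a started but unfinished or failed run does not count
        start = scan.get("startTime")
        if start and datetime.fromisoformat(start) > cutoff:
            return True
    return False

def failing_instances(inventory, now, max_age_days=30):
    """Ids of instances that would violate the rule for the given window."""
    return [i["id"] for i in inventory
            if not has_recent_inspector_scan(i, now, max_age_days)]

# Constructed sample data: fixed "now" so the result is reproducible.
NOW = datetime(2024, 6, 30, 12, 0, tzinfo=timezone.utc)

def _scan(source, days_ago, state):
    start = (NOW - timedelta(days=days_ago)).isoformat()
    return {"source": source, "startTime": start, "state": state}

def _inst(name, *scans):
    return {"id": name, "scanners": {"scans": list(scans)}}

INVENTORY = [
    _inst("i-constructed-01", _scan("Inspector", 3, "COMPLETED")),
    _inst("i-constructed-02", _scan("Inspector", 45, "COMPLETED")),   # too old
    _inst("i-constructed-03", _scan("Inspector", 1, "FAILED")),       # not completed
    _inst("i-constructed-04", _scan("OtherScanner", 2, "COMPLETED")), # wrong source
    _inst("i-constructed-05"),                                        # never scanned
    _inst("i-constructed-06", _scan("Inspector", 60, "COMPLETED"),
          _scan("Inspector", 12, "COMPLETED")),
]

if __name__ == "__main__":
    print("30-day window:", failing_instances(INVENTORY, NOW))
    print(" 7-day window:", failing_instances(INVENTORY, NOW, 7))
```

Changing the window from 30 to 7 days corresponds to the weekly best practice mentioned above; in the sample data it additionally flags the instance whose newest completed scan is 12 days old.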