Amazon Inspector For Security Compliance
Written by Kay Ewbank   
Tuesday, 13 October 2015

Amazon has released an automated security assessment service that you can use to improve the security and compliance of applications deployed on AWS. It is currently in preview and by invitation only.


Amazon Inspector is a new service that will assess applications for vulnerabilities or deviations from best practices. Once the assessment has been completed, you get a detailed report with prioritized steps telling you what to do to make the app more compliant. Vulnerabilities can be assessed before deployment or on apps running in a production environment. The way it works is that you deploy an agent onto the virtual servers you want to assess, select the tests you want to run, and execute the assessment.

The service is based on a knowledge base of hundreds of rules mapped to common security compliance standards and vulnerability definitions. Some of the built-in rules given as examples include checking for remote root login being enabled, or vulnerable software versions installed. The rules will be regularly updated by AWS security researchers. Rules include checks on how the app stacks up against best practices for authentication, network configuration, virtual machine settings, application settings, as well as OS configurations and patches. Inspector also checks against common security compliance standards (e.g. PCI), and vulnerabilities. The checks also include detailed recommended steps to remediate security issues.

Amazon Inspector also comes with APIs that you can use to carry out security testing while you’re developing and designing apps. You can select specific reports, run them and see the results. Amazon says Inspector can integrate with partner solutions like configuration management tools. The service includes SDKs consisting of libraries and sample code for various programming languages and platforms including Java, Python, Ruby, .NET, iOS and Android. The SDKs can be used to access to the Amazon Inspector service programmatically. There’s also an Amazon Inspector HTTPS API that lets you issue HTTPS requests directly to the service.

The service is fully integrated with AWS CloudTrail, so you can log of the security testing so that company compliance auditors can see what tests were performed and when, and what the results of those tests were. In addition to the built-in rules, you can create your own specifying the company standards and best practices for applications, and validate that applications are adhering to these standards.  

If you have an AWS account number you can sign up for an invitation for access to the Amazon Inspector Preview.  


More Information

Amazon Inspector Preview

Related Articles

Amazon Web Services Adds API Gateway

Amazon Device Farm For Testing Across Devices

Amazon CloudWatch


To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on, Twitter, FacebookGoogle+ or Linkedin.



Bjarne Stroustrup Defends C++ As Safe

It isn't surprising to find the creator of a language defending the language they created and so it is with the latest paper from Bjarne Stroustrup. Is it fair for the NSA to tell programmers to stay  [ ... ]

Microsoft Graph Developer Proxy In Preview

Microsoft has updated the Graph Developer Proxy, which it says can be used to build resilient and performant apps. The updated version adds support for simulating errors on Microsoft Graph and other A [ ... ]

More News






or email your comment to:

Last Updated ( Tuesday, 13 October 2015 )