Amazon Inspector For Security Compliance
Written by Kay Ewbank   
Tuesday, 13 October 2015

Amazon has released an automated security assessment service that you can use to improve the security and compliance of applications deployed on AWS. It is currently in preview and by invitation only.


Amazon Inspector is a new service that will assess applications for vulnerabilities or deviations from best practices. Once the assessment has been completed, you get a detailed report with prioritized steps telling you what to do to make the app more compliant. Vulnerabilities can be assessed before deployment or on apps running in a production environment. The way it works is that you deploy an agent onto the virtual servers you want to assess, select the tests you want to run, and execute the assessment.

The service is based on a knowledge base of hundreds of rules mapped to common security compliance standards and vulnerability definitions. Some of the built-in rules given as examples include checking for remote root login being enabled, or vulnerable software versions installed. The rules will be regularly updated by AWS security researchers. Rules include checks on how the app stacks up against best practices for authentication, network configuration, virtual machine settings, application settings, as well as OS configurations and patches. Inspector also checks against common security compliance standards (e.g. PCI), and vulnerabilities. The checks also include detailed recommended steps to remediate security issues.

Amazon Inspector also comes with APIs that you can use to carry out security testing while you’re developing and designing apps. You can select specific reports, run them and see the results. Amazon says Inspector can integrate with partner solutions like configuration management tools. The service includes SDKs consisting of libraries and sample code for various programming languages and platforms including Java, Python, Ruby, .NET, iOS and Android. The SDKs can be used to access to the Amazon Inspector service programmatically. There’s also an Amazon Inspector HTTPS API that lets you issue HTTPS requests directly to the service.

The service is fully integrated with AWS CloudTrail, so you can log of the security testing so that company compliance auditors can see what tests were performed and when, and what the results of those tests were. In addition to the built-in rules, you can create your own specifying the company standards and best practices for applications, and validate that applications are adhering to these standards.  

If you have an AWS account number you can sign up for an invitation for access to the Amazon Inspector Preview.  


More Information

Amazon Inspector Preview

Related Articles

Amazon Web Services Adds API Gateway

Amazon Device Farm For Testing Across Devices

Amazon CloudWatch


To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on, Twitter, FacebookGoogle+ or Linkedin.



DuckDB 1.0 Released

DuckDB 1.0 has been released following a successful release of the 0.10 version back in February that introduced a version of DuckDB with both forward and backward compatibility for DuckDB's storage f [ ... ]

Final Date For VBScript Announced - What It Means

Microsoft has announced the official end of VBScript following years of reduced support. VBScript is one of the variations Microsoft created based on the original VB, and it has la [ ... ]

More News


C book



or email your comment to:

Last Updated ( Tuesday, 13 October 2015 )