{"id":37582,"date":"2016-07-28T00:20:45","date_gmt":"2016-07-27T18:50:45","guid":{"rendered":"http:\/\/www.tothenew.com\/blog\/?p=37582"},"modified":"2016-12-19T15:04:00","modified_gmt":"2016-12-19T09:34:00","slug":"introduction-to-aws-inspector","status":"publish","type":"post","link":"https:\/\/www.tothenew.com\/blog\/introduction-to-aws-inspector\/","title":{"rendered":"Introduction to AWS Inspector"},"content":{"rendered":"

\"Screenshot<\/p>\n

AWS Inspector<\/strong> is an automated security assessment service which helps to improve the security and compliance of applications deployed on AWS EC2<\/a> by identifying potential security issues, vulnerabilities, or deviations from security standards.<\/p>\n

Using Amazon Inspector, one can easily automate security testing across development, test, and production environments, identifying security vulnerabilities as a part of the entire software development, deployment, and operations lifecycle.<\/p>\n

It works by first defining a target set of resources using tags, then configuring an assessment template that defines what we\u2019re looking for (common vulnerabilities and exploits (CVEs), PCI requirements, etc.) and runs an assessment against our target resources, thereby examining the findings and mitigating the issues found.<\/p>\n

Setting up Amazon Inspector<\/strong><\/span><\/h2>\n

In order to\u00a0assess the security of the EC2 instances that make up our Amazon Inspector assessment targets, we must install the AWS agent on each instance first. To do so, first download the agent script by running either of the commands:<\/p>\n

    \n
  • wget https:\/\/d1wk0tztpsntt1.cloudfront.net\/linux\/latest\/install<\/span><\/strong><\/li>\n
  • curl -O <\/strong>l<\/span><\/li>\n<\/ul>\n

    To install the agent, run sudo bash install<\/strong><\/span>.
    \nThis will successfully install AWS agent on your EC2 instance.<\/p>\n

    Now, follow the following steps in order to setup Amazon inspector on your EC2 instance:<\/p>\n

      \n
    1. Sign into the AWS Management Console and open the Amazon Inspector.<\/li>\n
    2. On prerequisites page, click on Choose or Create role:<\/strong>\"Screenshot<\/li>\n
    3. A new window will pop up specifying the new IAM role created. Click allow:<\/strong>\"Screenshot<\/li>\n
    4. Click Next<\/strong>.<\/li>\n
    5. On Define an assessment target<\/strong> page, specify the name of the assessment target.
      \nIn Tags field, select Key<\/strong> as Name<\/strong> and value as the name of the EC2 instance you want to include in your assessment target:
      \n\"Screenshot<\/li>\n
    6. On\u00a0Define assessment template page<\/strong>, specify the name for the assessment template. For\u00a0Rule packages<\/strong>, select the rule packages that you want to use in the assessment template.
      \nIn\u00a0Duration<\/strong>\u00a0field, specify the duration for your assessment template. Click\u00a0Next:<\/strong>\"Screenshot<\/li>\n
    7. On the\u00a0Review\u00a0page<\/strong>, review the selections, and then choose\u00a0Create and run:<\/strong>
      \n\"Screenshot<\/li>\n<\/ol>\n

       <\/p>\n

      Locating the Generated Findings<\/span><\/strong><\/h2>\n

      In the Amazon Inspector console, navigate to the\u00a0Findings\u00a0page. It will show the inspector findings along with the severity as below:
      \n \"Screenshot<\/strong><\/p>\n

      This is how Amazon Inspector helps us to identify the vulnerabilities\u00a0in our EC2 instances and also provides the recommendations to fix them up.<\/p>\n","protected":false},"excerpt":{"rendered":"

      AWS Inspector is an automated security assessment service which helps to improve the security and compliance of applications deployed on AWS EC2 by identifying potential security issues, vulnerabilities, or deviations from security standards. Using Amazon Inspector, one can easily automate security testing across development, test, and production environments, identifying security vulnerabilities as a part of […]<\/p>\n","protected":false},"author":914,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"iawp_total_views":3},"categories":[2348,1],"tags":[3779,248,3582,1916,3468],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/posts\/37582"}],"collection":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/users\/914"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/comments?post=37582"}],"version-history":[{"count":0,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/posts\/37582\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/media?parent=37582"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/categories?post=37582"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/tags?post=37582"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}