INSPECTOR

·      Automated security service that helps you test the network accessibility of your running EC2 instances and the security state of the applications running on those instances

·      Inspector uses IAM service-linked roles

Features

·      An engine that analyzes and monitors system resource configurations and dependencies

·      Built-in library of rules and reports (best practice / compliance / vulnerabilities)

·      Automate security assessments throughout the deployment pipeline and against static production systems

·      API-driven service with optional agent

Concepts

·      Agent

·      Run

·      Target

·      Template

o  Rules package

o  SNS Topic - to send assessment results

o  Inspector-specific attributes: key-value pairs that can be assigned to findings generated by the assessment run

After you create an assessment template, you cannot modify it

·      Finding

·      Rule

·      Package Rules-

·      Telemetry - data about an instance gathered in the run
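
The template concepts above (rules package, SNS topic, finding attributes, and a template that cannot be modified once created), as an added example that is not part of the original notes: changing a template means creating a new one and re-attaching its SNS subscriptions. It assumes the Inspector Classic API as exposed by boto3 (`boto3.client("inspector")`); `replace_template` is a hypothetical helper name and all ARNs are supplied by the caller.

```python
# Added example. Assumes the Inspector Classic API via boto3, e.g.
#   client = boto3.client("inspector")
# replace_template is a hypothetical helper, not an AWS function.

ALLOWED_OVERRIDES = {"durationInSeconds", "rulesPackageArns",
                     "userAttributesForFindings"}


def replace_template(client, template_arn, new_name, **overrides):
    """Create a modified copy of an immutable assessment template.

    Fields not named in overrides are copied from the original template.
    Returns the ARN of the new template; the old one is left in place.
    """
    unknown = set(overrides) - ALLOWED_OVERRIDES
    if unknown:
        raise ValueError(f"unsupported override(s): {sorted(unknown)}")

    resp = client.describe_assessment_templates(
        assessmentTemplateArns=[template_arn])
    if resp.get("failedItems") or not resp["assessmentTemplates"]:
        raise LookupError(f"template not found: {template_arn}")
    old = resp["assessmentTemplates"][0]

    params = {
        "assessmentTargetArn": old["assessmentTargetArn"],
        "assessmentTemplateName": new_name,
        "durationInSeconds": old["durationInSeconds"],
        "rulesPackageArns": list(old["rulesPackageArns"]),
        # Key-value pairs stamped onto every finding the run generates.
        "userAttributesForFindings":
            list(old.get("userAttributesForFindings", [])),
    }
    params.update(overrides)
    new_arn = client.create_assessment_template(**params)[
        "assessmentTemplateArn"]

    # SNS subscriptions hang off the template ARN, so they do not follow
    # the copy; re-create each one (first page of results only).
    subs = client.list_event_subscriptions(resourceArn=template_arn)
    for sub in subs.get("subscriptions", []):
        for ev in sub["eventSubscriptions"]:
            client.subscribe_to_event(resourceArn=new_arn,
                                      event=ev["event"],
                                      topicArn=sub["topicArn"])
    return new_arn
```
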

Rules Package and Alerts

·      High/medium/low

Assessment reports

·      Findings

·      Full report

Pricing

·      number of instances in the run

·      complexity of rules