SlideShare a Scribd company logo

Inspector

Download as PPTX, PDF
Sudipto Chakraborty
Sudipto Chakraborty

AWS SECURITY INSPECTOR

Education
1 of 29
What is Amazon Inspector?? ❏ It provides security as a service feature. ❏ It provides vulnerability analysis without having to deploy and manage to scan infra. ❏ It is agent-based. ❏ It can be automated by APIs ❏ Static and Dynamic Rules Package ❏ Generate Findings
Overview ❏ IDENTIFY APPLICATION SECURITY ISSUES ❏ INTEGRATE SECURITY INTO DEVOPS ❏ INCREASE DEVELOPMENT AGILITY ❏ LEVERAGE AWS SECURITY EXPERTISE ❏ STREAMLINE SECURITY COMPLIANCE ❏ ENFORCE SECURITY STANDARDS
Overview
Specifications ❏ Automated security assessment service which helps to improve security and compliance of applications deployed on aws. ❏ Automatically assess applications for exposure ,vulnerabilities and deviations from best practises. ❏ It helps to check for unintended network accessibility of your amazon ec2 instances and for vulnerabilities on those ec2 instances. ❏ It offers predefined rules package mapped to common security best practises and vulnerabilities definition. ❏ It checks ec2 instances from internet remote root login or vulnerable software versions enabled. ❏ These rules regularly updated by aws security researchers.
Common Vulnerabilities and Exposure Vulnerabilities: ❏ A mistake in a system which can be used to gain unauthorized access 1. Execute command as another user 2. Can execute dos attack Exposure: ❏ A mistake in software which allows access to information which can lead to unauthorized system access 1. Allows an attacker to hide activities 2. Enable information gathering activities
Pricing Free Trial for 3 MONTHS 250 agent assessment for the first 90 days using the service. After 90 Days First 250 agent assessment $0.30 Next 750 agent assessment $0.25 Next 4000 agent assessment $0.10 All other agent assessment $0.05
Agent Installation Process wget https://inspector-agent.amazonaws.com/linux/latest/install chmod 777 install ./install /opt/aws/awsagent/bin/awsagent status
What can I do with Amazon Inspector? ❏ Amazon Inspector allows you to automate security vulnerability assessments throughout your development and deployment pipeline or against static production systems. This allows you to make security testing a more regular occurrence as part of development and IT operations. Amazon Inspector is an API-driven service that uses an optional agent, making it easy to deploy, manage, and automate. Amazon Inspector assessments are offered to you as pre-defined rules packages mapped to common security best practices and vulnerability definitions. What makes up the Amazon Inspector service? ❏ Amazon Inspector consists of a technology that analyzes your network configurations in AWS for reachability, an Amazon-developed agent that is installed in the operating system of your Amazon EC2 instances, and a security assessment service that uses telemetry from the agent and AWS configuration to assess instances for security exposures and vulnerabilities.
What is an assessment template? ❏ An assessment template is a configuration that you create in Amazon Inspector to define your assessment run. This assessment template includes a rules package against which you want Amazon Inspector to evaluate your assessment target, the duration of the assessment run, Amazon Simple Notification Service (SNS) topics to which you want Amazon Inspector to send notifications about assessment run states and findings, and Amazon Inspector-specific attributes (key/value pairs) that you can assign to findings generated by the assessment run. What is an assessment run? ❏ An assessment run is the process of discovering potential security issues through the analysis of your assessment target's configuration, installed software, and behavior against specified rule packages. If the network reachability rules package is included, Inspector analyzes your network configurations in AWS to find accessibility of your EC2 instances over the network. If the Inspector agent is installed on the instance, the agent collects and sends on-host software and configuration data. Next, the Inspector service analyzes the data and compares it against the rule packages specified. A completed assessment run produces a list of findings for
What is an assessment target? An assessment target represents a collection of Amazon EC2 instances that you want assessed, typically a set of instances that work together as a unit to help you accomplish your business goal(s). Amazon Inspector evaluates the security state of these EC2 instances. You can include all of your instances in an assessment target or specify a subset of instances by using Amazon EC2 tags. What is a finding? A finding is a potential security issue discovered during the Amazon Inspector assessment run of the specified target. Findings are displayed in the Amazon Inspector console or retrieved through the API, and contain both a detailed description of the security issue and a recommendation on how to fix it.
Can I set up Amazon Inspector assessments through AWS CloudFormation? Yes, you can create Amazon Inspector resource groups, assessment targets, and assessment templates using AWS CloudFormation templates. This allows you to automatically set up security assessments for your EC2 instances as they are deployed. In your CloudFormation template, you can also bootstrap installation of the Inspector Agent on EC2 instances by using agent installation commands in either AWS::CloudFormation::Init or EC2 user data. Alternatively, you can create EC2 instances in your CloudFormation template using an AMI with the Inspector Agent pre-installed Can I define my own rules for assessment templates? No. Only the pre-defined rules are currently allowed for assessment runs.
Which on-host software packages can Inspector analyze for vulnerabilities? Amazon Inspector finds applications by querying the package manager or software installation system on the operating system where the agent is installed. This means that software that was installed through the package manager is assessed for vulnerabilities. The version and patch level of software that is not installed through these methods is not recognized by Inspector. For example, software installed via apt, yum, or Microsoft Installer will be assessed by Inspector. Software installed through make config / make install, or binary files copied directly to the system using automation software such as Puppet or Ansible will not be assessed by Inspector.
GETTING STARTED ❏ Set up and log into your AWS account ❏ Assess your full account on a schedule with one click, or set up custom assessments ❏ Review findings and start protecting your application
POC -1
POC -2
Inspector
Inspector
Inspector
Inspector
Inspector
Inspector
Inspector
Inspector
Inspector
Inspector
Inspector
Inspector
Inspector

Recommended

AWS December 2015 Webinar Series - Introducing Amazon Inspector
AWS December 2015 Webinar Series - Introducing Amazon InspectorAWS December 2015 Webinar Series - Introducing Amazon Inspector
AWS December 2015 Webinar Series - Introducing Amazon InspectorAmazon Web Services
 
Inspector
InspectorInspector
InspectorSudipto Chakraborty
 
From Zero to ATO: A Step-by-Step Guide on the DoD Compliance Framework
From Zero to ATO: A Step-by-Step Guide on the DoD Compliance FrameworkFrom Zero to ATO: A Step-by-Step Guide on the DoD Compliance Framework
From Zero to ATO: A Step-by-Step Guide on the DoD Compliance FrameworkAmazon Web Services
 
Using Amazon Inspector to Discover Potential Security Issues - AWS Online Tec...
Using Amazon Inspector to Discover Potential Security Issues - AWS Online Tec...Using Amazon Inspector to Discover Potential Security Issues - AWS Online Tec...
Using Amazon Inspector to Discover Potential Security Issues - AWS Online Tec...Amazon Web Services
 
AWS re:Invent 2016: The AWS Hero’s Journey to Achieving Autonomous, Self-Heal...
AWS re:Invent 2016: The AWS Hero’s Journey to Achieving Autonomous, Self-Heal...AWS re:Invent 2016: The AWS Hero’s Journey to Achieving Autonomous, Self-Heal...
AWS re:Invent 2016: The AWS Hero’s Journey to Achieving Autonomous, Self-Heal...Amazon Web Services
 
Cloud Application Security: Lessons Learned
Cloud Application Security: Lessons LearnedCloud Application Security: Lessons Learned
Cloud Application Security: Lessons LearnedJason Chan
 
The Psychology of Security Automation
The Psychology of Security AutomationThe Psychology of Security Automation
The Psychology of Security AutomationJason Chan
 
(SEC324) NEW! Introducing Amazon Inspector
(SEC324) NEW! Introducing Amazon Inspector(SEC324) NEW! Introducing Amazon Inspector
(SEC324) NEW! Introducing Amazon InspectorAmazon Web Services
 

Recommended

AWS December 2015 Webinar Series - Introducing Amazon Inspector
AWS December 2015 Webinar Series - Introducing Amazon InspectorAWS December 2015 Webinar Series - Introducing Amazon Inspector
AWS December 2015 Webinar Series - Introducing Amazon InspectorAmazon Web Services
 
Inspector
InspectorInspector
InspectorSudipto Chakraborty
 
From Zero to ATO: A Step-by-Step Guide on the DoD Compliance Framework
From Zero to ATO: A Step-by-Step Guide on the DoD Compliance FrameworkFrom Zero to ATO: A Step-by-Step Guide on the DoD Compliance Framework
From Zero to ATO: A Step-by-Step Guide on the DoD Compliance FrameworkAmazon Web Services
 
Using Amazon Inspector to Discover Potential Security Issues - AWS Online Tec...
Using Amazon Inspector to Discover Potential Security Issues - AWS Online Tec...Using Amazon Inspector to Discover Potential Security Issues - AWS Online Tec...
Using Amazon Inspector to Discover Potential Security Issues - AWS Online Tec...Amazon Web Services
 
AWS re:Invent 2016: The AWS Hero’s Journey to Achieving Autonomous, Self-Heal...
AWS re:Invent 2016: The AWS Hero’s Journey to Achieving Autonomous, Self-Heal...AWS re:Invent 2016: The AWS Hero’s Journey to Achieving Autonomous, Self-Heal...
AWS re:Invent 2016: The AWS Hero’s Journey to Achieving Autonomous, Self-Heal...Amazon Web Services
 
Cloud Application Security: Lessons Learned
Cloud Application Security: Lessons LearnedCloud Application Security: Lessons Learned
Cloud Application Security: Lessons LearnedJason Chan
 
The Psychology of Security Automation
The Psychology of Security AutomationThe Psychology of Security Automation
The Psychology of Security AutomationJason Chan
 
(SEC324) NEW! Introducing Amazon Inspector
(SEC324) NEW! Introducing Amazon Inspector(SEC324) NEW! Introducing Amazon Inspector
(SEC324) NEW! Introducing Amazon InspectorAmazon Web Services
 
Putting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScalePutting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScaleAmazon Web Services
 
DevSecOps in Baby Steps
DevSecOps in Baby StepsDevSecOps in Baby Steps
DevSecOps in Baby StepsPriyanka Aash
 
Securing Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOpsSecuring Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOpsAmazon Web Services
 
Integrating Jira Software Cloud With the AWS Code Suite
Integrating Jira Software Cloud With the AWS Code SuiteIntegrating Jira Software Cloud With the AWS Code Suite
Integrating Jira Software Cloud With the AWS Code SuiteAtlassian
 
Introduction to DevSecOps
Introduction to DevSecOpsIntroduction to DevSecOps
Introduction to DevSecOpsAmazon Web Services
 
From Gates to Guardrails: Alternate Approaches to Product Security
From Gates to Guardrails: Alternate Approaches to Product SecurityFrom Gates to Guardrails: Alternate Approaches to Product Security
From Gates to Guardrails: Alternate Approaches to Product SecurityJason Chan
 
CSS17: Dallas - The AWS Shared Responsibility Model in Practice
CSS17: Dallas - The AWS Shared Responsibility Model in PracticeCSS17: Dallas - The AWS Shared Responsibility Model in Practice
CSS17: Dallas - The AWS Shared Responsibility Model in PracticeAlert Logic
 
Windows Applications in the Cloud
Windows Applications in the CloudWindows Applications in the Cloud
Windows Applications in the CloudRightScale
 
RightScale API: How To Build Your Own IT Vending Machine - RightScale Compute...
RightScale API: How To Build Your Own IT Vending Machine - RightScale Compute...RightScale API: How To Build Your Own IT Vending Machine - RightScale Compute...
RightScale API: How To Build Your Own IT Vending Machine - RightScale Compute...RightScale
 
CSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeCSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeAlert Logic
 
Unified Security through Armor and AWS - DEM04 - Chicago AWS Summit
Unified Security through Armor and AWS - DEM04 - Chicago AWS SummitUnified Security through Armor and AWS - DEM04 - Chicago AWS Summit
Unified Security through Armor and AWS - DEM04 - Chicago AWS SummitAmazon Web Services
 
Migrating the GoPro Plus Cloud Service to Amazon ECS
Migrating the GoPro Plus Cloud Service to Amazon ECSMigrating the GoPro Plus Cloud Service to Amazon ECS
Migrating the GoPro Plus Cloud Service to Amazon ECSAmazon Web Services
 
Operations: Production Readiness
Operations: Production ReadinessOperations: Production Readiness
Operations: Production ReadinessAmazon Web Services
 
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice Alert Logic
 
DevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityDevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityAlert Logic
 
Operations: Security
Operations: SecurityOperations: Security
Operations: SecurityAmazon Web Services
 
Serverless - minimizing the attack surface
Serverless - minimizing the attack surfaceServerless - minimizing the attack surface
Serverless - minimizing the attack surfaceAvi Shulman
 
TechDays Finland 2020: Best practices of securing web applications running on...
TechDays Finland 2020: Best practices of securing web applications running on...TechDays Finland 2020: Best practices of securing web applications running on...
TechDays Finland 2020: Best practices of securing web applications running on...Karl Ots
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS SecurityAmazon Web Services
 
(ARC307) Infrastructure as Code
(ARC307) Infrastructure as Code(ARC307) Infrastructure as Code
(ARC307) Infrastructure as CodeAmazon Web Services
 
Addressing Amazon Inspector Assessment Findings - September 2016 Webinar Series
Addressing Amazon Inspector Assessment Findings - September 2016 Webinar SeriesAddressing Amazon Inspector Assessment Findings - September 2016 Webinar Series
Addressing Amazon Inspector Assessment Findings - September 2016 Webinar SeriesAmazon Web Services
 
Toward Full Stack Security
Toward Full Stack SecurityToward Full Stack Security
Toward Full Stack SecurityAmazon Web Services
 

More Related Content

What's hot

Putting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScalePutting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScaleAmazon Web Services
 
DevSecOps in Baby Steps
DevSecOps in Baby StepsDevSecOps in Baby Steps
DevSecOps in Baby StepsPriyanka Aash
 
Securing Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOpsSecuring Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOpsAmazon Web Services
 
Integrating Jira Software Cloud With the AWS Code Suite
Integrating Jira Software Cloud With the AWS Code SuiteIntegrating Jira Software Cloud With the AWS Code Suite
Integrating Jira Software Cloud With the AWS Code SuiteAtlassian
 
From Gates to Guardrails: Alternate Approaches to Product Security
From Gates to Guardrails: Alternate Approaches to Product SecurityFrom Gates to Guardrails: Alternate Approaches to Product Security
From Gates to Guardrails: Alternate Approaches to Product SecurityJason Chan
 
CSS17: Dallas - The AWS Shared Responsibility Model in Practice
CSS17: Dallas - The AWS Shared Responsibility Model in PracticeCSS17: Dallas - The AWS Shared Responsibility Model in Practice
CSS17: Dallas - The AWS Shared Responsibility Model in PracticeAlert Logic
 
Windows Applications in the Cloud
Windows Applications in the CloudWindows Applications in the Cloud
Windows Applications in the CloudRightScale
 
RightScale API: How To Build Your Own IT Vending Machine - RightScale Compute...
RightScale API: How To Build Your Own IT Vending Machine - RightScale Compute...RightScale API: How To Build Your Own IT Vending Machine - RightScale Compute...
RightScale API: How To Build Your Own IT Vending Machine - RightScale Compute...RightScale
 
CSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeCSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeAlert Logic
 
Unified Security through Armor and AWS - DEM04 - Chicago AWS Summit
Unified Security through Armor and AWS - DEM04 - Chicago AWS SummitUnified Security through Armor and AWS - DEM04 - Chicago AWS Summit
Unified Security through Armor and AWS - DEM04 - Chicago AWS SummitAmazon Web Services
 
Migrating the GoPro Plus Cloud Service to Amazon ECS
Migrating the GoPro Plus Cloud Service to Amazon ECSMigrating the GoPro Plus Cloud Service to Amazon ECS
Migrating the GoPro Plus Cloud Service to Amazon ECSAmazon Web Services
 
Operations: Production Readiness
Operations: Production ReadinessOperations: Production Readiness
Operations: Production ReadinessAmazon Web Services
 
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice Alert Logic
 
DevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityDevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityAlert Logic
 
Serverless - minimizing the attack surface
Serverless - minimizing the attack surfaceServerless - minimizing the attack surface
Serverless - minimizing the attack surfaceAvi Shulman
 
TechDays Finland 2020: Best practices of securing web applications running on...
TechDays Finland 2020: Best practices of securing web applications running on...TechDays Finland 2020: Best practices of securing web applications running on...
TechDays Finland 2020: Best practices of securing web applications running on...Karl Ots
 

What's hot (20)

Putting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScalePutting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud Scale
 
DevSecOps in Baby Steps
DevSecOps in Baby StepsDevSecOps in Baby Steps
DevSecOps in Baby Steps
 
Securing Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOpsSecuring Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOps
 
Integrating Jira Software Cloud With the AWS Code Suite
Integrating Jira Software Cloud With the AWS Code SuiteIntegrating Jira Software Cloud With the AWS Code Suite
Integrating Jira Software Cloud With the AWS Code Suite
 
Introduction to DevSecOps
Introduction to DevSecOpsIntroduction to DevSecOps
Introduction to DevSecOps
 
From Gates to Guardrails: Alternate Approaches to Product Security
From Gates to Guardrails: Alternate Approaches to Product SecurityFrom Gates to Guardrails: Alternate Approaches to Product Security
From Gates to Guardrails: Alternate Approaches to Product Security
 
CSS17: Dallas - The AWS Shared Responsibility Model in Practice
CSS17: Dallas - The AWS Shared Responsibility Model in PracticeCSS17: Dallas - The AWS Shared Responsibility Model in Practice
CSS17: Dallas - The AWS Shared Responsibility Model in Practice
 
Windows Applications in the Cloud
Windows Applications in the CloudWindows Applications in the Cloud
Windows Applications in the Cloud
 
RightScale API: How To Build Your Own IT Vending Machine - RightScale Compute...
RightScale API: How To Build Your Own IT Vending Machine - RightScale Compute...RightScale API: How To Build Your Own IT Vending Machine - RightScale Compute...
RightScale API: How To Build Your Own IT Vending Machine - RightScale Compute...
 
CSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeCSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in Practice
 
Unified Security through Armor and AWS - DEM04 - Chicago AWS Summit
Unified Security through Armor and AWS - DEM04 - Chicago AWS SummitUnified Security through Armor and AWS - DEM04 - Chicago AWS Summit
Unified Security through Armor and AWS - DEM04 - Chicago AWS Summit
 
Migrating the GoPro Plus Cloud Service to Amazon ECS
Migrating the GoPro Plus Cloud Service to Amazon ECSMigrating the GoPro Plus Cloud Service to Amazon ECS
Migrating the GoPro Plus Cloud Service to Amazon ECS
 
Operations: Production Readiness
Operations: Production ReadinessOperations: Production Readiness
Operations: Production Readiness
 
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
 
DevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityDevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to Security
 
Operations: Security
Operations: SecurityOperations: Security
Operations: Security
 
Serverless - minimizing the attack surface
Serverless - minimizing the attack surfaceServerless - minimizing the attack surface
Serverless - minimizing the attack surface
 
TechDays Finland 2020: Best practices of securing web applications running on...
TechDays Finland 2020: Best practices of securing web applications running on...TechDays Finland 2020: Best practices of securing web applications running on...
TechDays Finland 2020: Best practices of securing web applications running on...
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS Security
 
(ARC307) Infrastructure as Code
(ARC307) Infrastructure as Code(ARC307) Infrastructure as Code
(ARC307) Infrastructure as Code
 

Similar to Inspector

Addressing Amazon Inspector Assessment Findings - September 2016 Webinar Series
Addressing Amazon Inspector Assessment Findings - September 2016 Webinar SeriesAddressing Amazon Inspector Assessment Findings - September 2016 Webinar Series
Addressing Amazon Inspector Assessment Findings - September 2016 Webinar SeriesAmazon Web Services
 
Getting Started with Amazon Inspector - AWS June 2016 Webinar Series
Getting Started with Amazon Inspector - AWS June 2016 Webinar SeriesGetting Started with Amazon Inspector - AWS June 2016 Webinar Series
Getting Started with Amazon Inspector - AWS June 2016 Webinar SeriesAmazon Web Services
 
AWS Security Best Practices for Effective Threat Detection & Response
AWS Security Best Practices for Effective Threat Detection & ResponseAWS Security Best Practices for Effective Threat Detection & Response
AWS Security Best Practices for Effective Threat Detection & ResponseAlienVault
 
Getting Started with Amazon Inspector
Getting Started with Amazon InspectorGetting Started with Amazon Inspector
Getting Started with Amazon InspectorAmazon Web Services
 
AWS Enterprise Summit London 2015 | Security in the Cloud
AWS Enterprise Summit London 2015 | Security in the CloudAWS Enterprise Summit London 2015 | Security in the Cloud
AWS Enterprise Summit London 2015 | Security in the CloudAmazon Web Services
 
SEC301 - New AWS security services for container threat detection - final.pdf
SEC301 - New AWS security services for container threat detection - final.pdfSEC301 - New AWS security services for container threat detection - final.pdf
SEC301 - New AWS security services for container threat detection - final.pdfJean-François LOMBARDO
 
(SEC201) How Should We All Think About Security?
(SEC201) How Should We All Think About Security?(SEC201) How Should We All Think About Security?
(SEC201) How Should We All Think About Security?Amazon Web Services
 
513323774-VMDR-Lab-Tutorial-Supplement-V2.pdf
513323774-VMDR-Lab-Tutorial-Supplement-V2.pdf513323774-VMDR-Lab-Tutorial-Supplement-V2.pdf
513323774-VMDR-Lab-Tutorial-Supplement-V2.pdfHarkeemShaw1
 
Cloud-Post Migrastion-Security Modernization Cheatsheet.pptx
Cloud-Post Migrastion-Security Modernization Cheatsheet.pptxCloud-Post Migrastion-Security Modernization Cheatsheet.pptx
Cloud-Post Migrastion-Security Modernization Cheatsheet.pptxVINEN2
 
Secure Management of Fleet at Scale
Secure Management of Fleet at ScaleSecure Management of Fleet at Scale
Secure Management of Fleet at ScaleAmazon Web Services
 
Integrating_Cloud_Development_Security_And_Operations.pdf
Integrating_Cloud_Development_Security_And_Operations.pdfIntegrating_Cloud_Development_Security_And_Operations.pdf
Integrating_Cloud_Development_Security_And_Operations.pdfAmazon Web Services
 
Amazon EC2 Systems Manager for Hybrid Cloud Management at Scale
Amazon EC2 Systems Manager for Hybrid Cloud Management at ScaleAmazon EC2 Systems Manager for Hybrid Cloud Management at Scale
Amazon EC2 Systems Manager for Hybrid Cloud Management at ScaleAmazon Web Services
 
Amazon EC2 Systems Manager for Hybrid Cloud Management at Scale
Amazon EC2 Systems Manager for Hybrid Cloud Management at ScaleAmazon EC2 Systems Manager for Hybrid Cloud Management at Scale
Amazon EC2 Systems Manager for Hybrid Cloud Management at ScaleAmazon Web Services
 
Automating Software Deployments with AWS CodeDeploy
Automating Software Deployments with AWS CodeDeployAutomating Software Deployments with AWS CodeDeploy
Automating Software Deployments with AWS CodeDeployAmazon Web Services
 

Similar to Inspector (20)

Addressing Amazon Inspector Assessment Findings - September 2016 Webinar Series
Addressing Amazon Inspector Assessment Findings - September 2016 Webinar SeriesAddressing Amazon Inspector Assessment Findings - September 2016 Webinar Series
Addressing Amazon Inspector Assessment Findings - September 2016 Webinar Series
 
Toward Full Stack Security
Toward Full Stack SecurityToward Full Stack Security
Toward Full Stack Security
 
Getting Started with Amazon Inspector - AWS June 2016 Webinar Series
Getting Started with Amazon Inspector - AWS June 2016 Webinar SeriesGetting Started with Amazon Inspector - AWS June 2016 Webinar Series
Getting Started with Amazon Inspector - AWS June 2016 Webinar Series
 
Towards Full Stack Security
Towards Full Stack Security Towards Full Stack Security
Towards Full Stack Security
 
AWS Security Best Practices for Effective Threat Detection & Response
AWS Security Best Practices for Effective Threat Detection & ResponseAWS Security Best Practices for Effective Threat Detection & Response
AWS Security Best Practices for Effective Threat Detection & Response
 
Getting Started with Amazon Inspector
Getting Started with Amazon InspectorGetting Started with Amazon Inspector
Getting Started with Amazon Inspector
 
AWS Enterprise Summit London 2015 | Security in the Cloud
AWS Enterprise Summit London 2015 | Security in the CloudAWS Enterprise Summit London 2015 | Security in the Cloud
AWS Enterprise Summit London 2015 | Security in the Cloud
 
SEC301 - New AWS security services for container threat detection - final.pdf
SEC301 - New AWS security services for container threat detection - final.pdfSEC301 - New AWS security services for container threat detection - final.pdf
SEC301 - New AWS security services for container threat detection - final.pdf
 
(SEC201) How Should We All Think About Security?
(SEC201) How Should We All Think About Security?(SEC201) How Should We All Think About Security?
(SEC201) How Should We All Think About Security?
 
Towards Full Stack Security
Towards Full Stack SecurityTowards Full Stack Security
Towards Full Stack Security
 
513323774-VMDR-Lab-Tutorial-Supplement-V2.pdf
513323774-VMDR-Lab-Tutorial-Supplement-V2.pdf513323774-VMDR-Lab-Tutorial-Supplement-V2.pdf
513323774-VMDR-Lab-Tutorial-Supplement-V2.pdf
 
Cloud-Post Migrastion-Security Modernization Cheatsheet.pptx
Cloud-Post Migrastion-Security Modernization Cheatsheet.pptxCloud-Post Migrastion-Security Modernization Cheatsheet.pptx
Cloud-Post Migrastion-Security Modernization Cheatsheet.pptx
 
State of the Union : Security
State of the Union : SecurityState of the Union : Security
State of the Union : Security
 
Secure Management of Fleet at Scale
Secure Management of Fleet at ScaleSecure Management of Fleet at Scale
Secure Management of Fleet at Scale
 
AWS Systems Manager
AWS Systems ManagerAWS Systems Manager
AWS Systems Manager
 
Integrating_Cloud_Development_Security_And_Operations.pdf
Integrating_Cloud_Development_Security_And_Operations.pdfIntegrating_Cloud_Development_Security_And_Operations.pdf
Integrating_Cloud_Development_Security_And_Operations.pdf
 
Amazon EC2 Systems Manager for Hybrid Cloud Management at Scale
Amazon EC2 Systems Manager for Hybrid Cloud Management at ScaleAmazon EC2 Systems Manager for Hybrid Cloud Management at Scale
Amazon EC2 Systems Manager for Hybrid Cloud Management at Scale
 
Amazon EC2 Systems Manager for Hybrid Cloud Management at Scale
Amazon EC2 Systems Manager for Hybrid Cloud Management at ScaleAmazon EC2 Systems Manager for Hybrid Cloud Management at Scale
Amazon EC2 Systems Manager for Hybrid Cloud Management at Scale
 
Ch24
Ch24Ch24
Ch24
 
Automating Software Deployments with AWS CodeDeploy
Automating Software Deployments with AWS CodeDeployAutomating Software Deployments with AWS CodeDeploy
Automating Software Deployments with AWS CodeDeploy
 

Recently uploaded

QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lessonQUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lessonhttgc7rh9c
 
Simple, Complex, and Compound Sentences Exercises.pdf
Simple, Complex, and Compound Sentences Exercises.pdfSimple, Complex, and Compound Sentences Exercises.pdf
Simple, Complex, and Compound Sentences Exercises.pdfstareducators107
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxRamakrishna Reddy Bijjam
 
21st_Century_Skills_Framework_Final_Presentation_2.pptx
21st_Century_Skills_Framework_Final_Presentation_2.pptx21st_Century_Skills_Framework_Final_Presentation_2.pptx
21st_Century_Skills_Framework_Final_Presentation_2.pptxJoelynRubio1
 
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxCOMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxannathomasp01
 
dusjagr & nano talk on open tools for agriculture research and learning
dusjagr & nano talk on open tools for agriculture research and learningdusjagr & nano talk on open tools for agriculture research and learning
dusjagr & nano talk on open tools for agriculture research and learningMarc Dusseiller Dusjagr
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxCeline George
 
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfUnit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfDr Vijay Vishwakarma
 
Play hard learn harder: The Serious Business of Play
Play hard learn harder: The Serious Business of PlayPlay hard learn harder: The Serious Business of Play
Play hard learn harder: The Serious Business of PlayPooky Knightsmith
 
How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17Celine George
 
Spellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPSSpellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPSAnaAcapella
 
Details on CBSE Compartment Exam.pptx1111
Details on CBSE Compartment Exam.pptx1111Details on CBSE Compartment Exam.pptx1111
Details on CBSE Compartment Exam.pptx1111GangaMaiya1
 
Introduction to TechSoup’s Digital Marketing Services and Use Cases
Introduction to TechSoup’s Digital Marketing Services and Use CasesIntroduction to TechSoup’s Digital Marketing Services and Use Cases
Introduction to TechSoup’s Digital Marketing Services and Use CasesTechSoup
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxJisc
 
UGC NET Paper 1 Unit 7 DATA INTERPRETATION.pdf
UGC NET Paper 1 Unit 7 DATA INTERPRETATION.pdfUGC NET Paper 1 Unit 7 DATA INTERPRETATION.pdf
UGC NET Paper 1 Unit 7 DATA INTERPRETATION.pdfNirmal Dwivedi
 
OSCM Unit 2_Operations Processes & Systems
OSCM Unit 2_Operations Processes & SystemsOSCM Unit 2_Operations Processes & Systems
OSCM Unit 2_Operations Processes & SystemsSandeep D Chaudhary
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jisc
 
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Pooja Bhuva
 
How to Add a Tool Tip to a Field in Odoo 17
How to Add a Tool Tip to a Field in Odoo 17How to Add a Tool Tip to a Field in Odoo 17
How to Add a Tool Tip to a Field in Odoo 17Celine George
 
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Pooja Bhuva
 

Recently uploaded (20)

QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lessonQUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
 
Simple, Complex, and Compound Sentences Exercises.pdf
Simple, Complex, and Compound Sentences Exercises.pdfSimple, Complex, and Compound Sentences Exercises.pdf
Simple, Complex, and Compound Sentences Exercises.pdf
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 
21st_Century_Skills_Framework_Final_Presentation_2.pptx
21st_Century_Skills_Framework_Final_Presentation_2.pptx21st_Century_Skills_Framework_Final_Presentation_2.pptx
21st_Century_Skills_Framework_Final_Presentation_2.pptx
 
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxCOMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
 
dusjagr & nano talk on open tools for agriculture research and learning
dusjagr & nano talk on open tools for agriculture research and learningdusjagr & nano talk on open tools for agriculture research and learning
dusjagr & nano talk on open tools for agriculture research and learning
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptx
 
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfUnit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
 
Play hard learn harder: The Serious Business of Play
Play hard learn harder: The Serious Business of PlayPlay hard learn harder: The Serious Business of Play
Play hard learn harder: The Serious Business of Play
 
How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17
 
Spellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPSSpellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPS
 
Details on CBSE Compartment Exam.pptx1111
Details on CBSE Compartment Exam.pptx1111Details on CBSE Compartment Exam.pptx1111
Details on CBSE Compartment Exam.pptx1111
 
Introduction to TechSoup’s Digital Marketing Services and Use Cases
Introduction to TechSoup’s Digital Marketing Services and Use CasesIntroduction to TechSoup’s Digital Marketing Services and Use Cases
Introduction to TechSoup’s Digital Marketing Services and Use Cases
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptx
 
UGC NET Paper 1 Unit 7 DATA INTERPRETATION.pdf
UGC NET Paper 1 Unit 7 DATA INTERPRETATION.pdfUGC NET Paper 1 Unit 7 DATA INTERPRETATION.pdf
UGC NET Paper 1 Unit 7 DATA INTERPRETATION.pdf
 
OSCM Unit 2_Operations Processes & Systems
OSCM Unit 2_Operations Processes & SystemsOSCM Unit 2_Operations Processes & Systems
OSCM Unit 2_Operations Processes & Systems
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
 
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
 
How to Add a Tool Tip to a Field in Odoo 17
How to Add a Tool Tip to a Field in Odoo 17How to Add a Tool Tip to a Field in Odoo 17
How to Add a Tool Tip to a Field in Odoo 17
 
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
 

Inspector

  • 1.
  • 2. What is Amazon Inspector?? ❏ It provides security as a service feature. ❏ It provides vulnerability analysis without having to deploy and manage to scan infra. ❏ It is agent-based. ❏ It can be automated by APIs ❏ Static and Dynamic Rules Package ❏ Generate Findings
  • 3. Overview ❏ IDENTIFY APPLICATION SECURITY ISSUES ❏ INTEGRATE SECURITY INTO DEVOPS ❏ INCREASE DEVELOPMENT AGILITY ❏ LEVERAGE AWS SECURITY EXPERTISE ❏ STREAMLINE SECURITY COMPLIANCE ❏ ENFORCE SECURITY STANDARDS
  • 5. Specifications ❏ Automated security assessment service which helps to improve security and compliance of applications deployed on aws. ❏ Automatically assess applications for exposure ,vulnerabilities and deviations from best practises. ❏ It helps to check for unintended network accessibility of your amazon ec2 instances and for vulnerabilities on those ec2 instances. ❏ It offers predefined rules package mapped to common security best practises and vulnerabilities definition. ❏ It checks ec2 instances from internet remote root login or vulnerable software versions enabled. ❏ These rules regularly updated by aws security researchers.
  • 6. Common Vulnerabilities and Exposure Vulnerabilities: ❏ A mistake in a system which can be used to gain unauthorized access 1. Execute command as another user 2. Can execute dos attack Exposure: ❏ A mistake in software which allows access to information which can lead to unauthorized system access 1. Allows an attacker to hide activities 2. Enable information gathering activities
  • 7. Pricing Free Trial for 3 MONTHS 250 agent assessment for the first 90 days using the service. After 90 Days First 250 agent assessment $0.30 Next 750 agent assessment $0.25 Next 4000 agent assessment $0.10 All other agent assessment $0.05
  • 8. Agent Installation Process wget https://inspector-agent.amazonaws.com/linux/latest/install chmod 777 install ./install /opt/aws/awsagent/bin/awsagent status
  • 9. What can I do with Amazon Inspector? ❏ Amazon Inspector allows you to automate security vulnerability assessments throughout your development and deployment pipeline or against static production systems. This allows you to make security testing a more regular occurrence as part of development and IT operations. Amazon Inspector is an API-driven service that uses an optional agent, making it easy to deploy, manage, and automate. Amazon Inspector assessments are offered to you as pre-defined rules packages mapped to common security best practices and vulnerability definitions. What makes up the Amazon Inspector service? ❏ Amazon Inspector consists of a technology that analyzes your network configurations in AWS for reachability, an Amazon-developed agent that is installed in the operating system of your Amazon EC2 instances, and a security assessment service that uses telemetry from the agent and AWS configuration to assess instances for security exposures and vulnerabilities.
  • 10. What is an assessment template? ❏ An assessment template is a configuration that you create in Amazon Inspector to define your assessment run. This assessment template includes a rules package against which you want Amazon Inspector to evaluate your assessment target, the duration of the assessment run, Amazon Simple Notification Service (SNS) topics to which you want Amazon Inspector to send notifications about assessment run states and findings, and Amazon Inspector-specific attributes (key/value pairs) that you can assign to findings generated by the assessment run. What is an assessment run? ❏ An assessment run is the process of discovering potential security issues through the analysis of your assessment target's configuration, installed software, and behavior against specified rule packages. If the network reachability rules package is included, Inspector analyzes your network configurations in AWS to find accessibility of your EC2 instances over the network. If the Inspector agent is installed on the instance, the agent collects and sends on-host software and configuration data. Next, the Inspector service analyzes the data and compares it against the rule packages specified. A completed assessment run produces a list of findings for
  • 11. What is an assessment target? An assessment target represents a collection of Amazon EC2 instances that you want assessed, typically a set of instances that work together as a unit to help you accomplish your business goal(s). Amazon Inspector evaluates the security state of these EC2 instances. You can include all of your instances in an assessment target or specify a subset of instances by using Amazon EC2 tags. What is a finding? A finding is a potential security issue discovered during the Amazon Inspector assessment run of the specified target. Findings are displayed in the Amazon Inspector console or retrieved through the API, and contain both a detailed description of the security issue and a recommendation on how to fix it.
  • 12. Can I set up Amazon Inspector assessments through AWS CloudFormation? Yes, you can create Amazon Inspector resource groups, assessment targets, and assessment templates using AWS CloudFormation templates. This allows you to automatically set up security assessments for your EC2 instances as they are deployed. In your CloudFormation template, you can also bootstrap installation of the Inspector Agent on EC2 instances by using agent installation commands in either AWS::CloudFormation::Init or EC2 user data. Alternatively, you can create EC2 instances in your CloudFormation template using an AMI with the Inspector Agent pre-installed Can I define my own rules for assessment templates? No. Only the pre-defined rules are currently allowed for assessment runs.
  • 13. Which on-host software packages can Inspector analyze for vulnerabilities? Amazon Inspector finds applications by querying the package manager or software installation system on the operating system where the agent is installed. This means that software that was installed through the package manager is assessed for vulnerabilities. The version and patch level of software that is not installed through these methods is not recognized by Inspector. For example, software installed via apt, yum, or Microsoft Installer will be assessed by Inspector. Software installed through make config / make install, or binary files copied directly to the system using automation software such as Puppet or Ansible will not be assessed by Inspector.
  • 14. GETTING STARTED ❏ Set up and log into your AWS account ❏ Assess your full account on a schedule with one click, or set up custom assessments ❏ Review findings and start protecting your application