Upstream `aws-inspector`
What
Upstream aws-inspector from past engagement
Why
This component was never upstreamed and now were want to use it again
AWS Inspector is a security assessment service offered by Amazon Web Services (AWS). It helps you analyze and evaluate the security and compliance of your applications and infrastructure deployed on AWS. AWS Inspector automatically assesses the resources within your AWS environment, such as Amazon EC2 instances, for potential security vulnerabilities and deviations from security best practices. Here are some key features and functionalities of AWS Inspector:
Security Assessments: AWS Inspector performs security assessments by analyzing the behavior of your resources and identifying potential security vulnerabilities. It examines the network configuration, operating system settings, and installed software to detect common security issues.
Vulnerability Detection: AWS Inspector uses a predefined set of rules to identify common vulnerabilities, misconfigurations, and security exposures. It leverages industry-standard security best practices and continuously updates its knowledge base to stay current with emerging threats.
Agent-Based Architecture: AWS Inspector utilizes an agent-based approach, where you install an Inspector agent on your EC2 instances. The agent collects data about the system and its configuration, securely sends it to AWS Inspector, and allows for more accurate and detailed assessments.
Security Findings: After performing an assessment, AWS Inspector generates detailed findings that highlight security vulnerabilities, including their severity level, impact, and remediation steps. These findings can help you prioritize and address security issues within your AWS environment.
Integration with AWS Services: AWS Inspector seamlessly integrates with other AWS services, such as AWS CloudFormation, AWS Systems Manager, and AWS Security Hub. This allows you to automate security assessments, manage findings, and centralize security information across your AWS infrastructure.
References
DEV-942