Using AWS inspector to monitor AWS EC2 instance for common vulnerabilities.

AWS Inspector.

This is an automated security assessment service on the AWS console which scans through your environment and provides you with a report of vulnerabilities in it.
this service is useful in that

  • It helps to improve the security and complains of applications deployed in the AWS environment
  • It assesses the application for exposure (vulnerabilities and deviation from best security practices)
  • Shows your changes which took place that exposes your infrastructure.
  • It recommends possible ways of fixing the vulnerabilities.

How to set up the inspector.

To set up and AWS inspector, you need to make sure the service you want to monitor or access is running, in this case, the ec2 has to be running. So with the instance, you want to access running, on the AWS console search for the inspector service.
With the inspector service on focus, click on get started.





Next, you are presented with the page for configuring or choosing the type of assessment of which are network assessment and host assessment both of which are checked by default. allow them as they are or change it if need be for your particular case. then select either of the options run weekly, once or advance for advance settings.  For the purpose of this post, we will go with Run Once options


Create an assessment target, provide the name and select which option you want to go with.

Assessment target on all instance

Without all instances selected, you will have the screenshot below where you can provide the tags of the instance you want to run the assessment on. see screenshot below
Assessment target without all instance instance


Next, Create an assessment template and provide a name, target(which you created earlier), and rules for your assessment and See the screenshot below.


Click on the create and run and then wait for 15 minutes to see the result of your assessment.
when the assessment is complete, click on assessment complete to find the details then

Download the report choose the full report options.
when the report is downloaded it will have been populated with data and analysis as below with all that was tested in various sections.



In conclusion

The inspector service allows us to assess EC2 instances for common vulnerabilities on how to eliminate them etc. so for a continuous basis, it's important to keep the inspector run and feedback you with details of how secure or vulnerable your instance is.

Comments

Popular posts from this blog

Algorithm Design A Call For Concern To Software Engineers

A health wise peep into the life of a home based developer

Week Twelve