Using AWS inspector to monitor AWS EC2 instance for common vulnerabilities.

AWS Inspector.

This is an automated security assessment service on the AWS console which scans through your environment and provides you with a report of vulnerabilities in it.
this service is useful in that

  • It helps to improve the security and complains of applications deployed in the AWS environment
  • It assesses the application for exposure (vulnerabilities and deviation from best security practices)
  • Shows your changes which took place that exposes your infrastructure.
  • It recommends possible ways of fixing the vulnerabilities.

How to set up the inspector.

To set up and AWS inspector, you need to make sure the service you want to monitor or access is running, in this case, the ec2 has to be running. So with the instance, you want to access running, on the AWS console search for the inspector service.
With the inspector service on focus, click on get started.





Next, you are presented with the page for configuring or choosing the type of assessment of which are network assessment and host assessment both of which are checked by default. allow them as they are or change it if need be for your particular case. then select either of the options run weekly, once or advance for advance settings.  For the purpose of this post, we will go with Run Once options


Create an assessment target, provide the name and select which option you want to go with.

Assessment target on all instance

Without all instances selected, you will have the screenshot below where you can provide the tags of the instance you want to run the assessment on. see screenshot below
Assessment target without all instance instance


Next, Create an assessment template and provide a name, target(which you created earlier), and rules for your assessment and See the screenshot below.


Click on the create and run and then wait for 15 minutes to see the result of your assessment.
when the assessment is complete, click on assessment complete to find the details then

Download the report choose the full report options.
when the report is downloaded it will have been populated with data and analysis as below with all that was tested in various sections.



In conclusion

The inspector service allows us to assess EC2 instances for common vulnerabilities on how to eliminate them etc. so for a continuous basis, it's important to keep the inspector run and feedback you with details of how secure or vulnerable your instance is.

Comments

Post a Comment

Popular posts from this blog

Algorithm Design A Call For Concern To Software Engineers

Image
Algorithms in its entirety are often misunderstood and misinterpreted by most of the software engineers or developers. Technically every software or program you develop does use an algorithm and in most cases brute-force that is the obvious solution and at times the easiest. In computer science and software engineering, the concern is in solving problems and any problem that needs to be solved requires a solution in a finite amount of time and using the smallest amount of resources as possible.  In this post is the discussion about the importance and need for a software engineer to be able and capable of designing a good algorithm in his or her software development lifetime. This post will also go further to demonstrate on the side effects that you as a developer have without basic knowledge of algorithms,  the software that you build and the community that uses the software you build. Importance of good algorithm design. Algorithm design is important because They make your prog
Read more

Week Twelve

Image
Week 12. This week commenced and i fully worked on making sure all the hanging pull request with respect to the core have been merged and closed. I accomplished these by hastening up my speed in fixing reviews, then i created new branches called general fix where all the light works related to renaming adding exception modifying exception messages and as well writing tests. Rest webservice. After sucessfully finishing with the core and everything merged, I went straight away to the  rest webservice module where i added 2 endpoint to handle the get with provided activation and a post with new credentials  password and activation key. this i did before consulting my mentor and  after consulting him. There was alot of other design changes such. i had to send and email message to my two mentors ie primary mentor and backup mentor. I also posted on talk here   from this talk post i received many criticism and all of them were positively to my benefits in finishing up with the rest web
Read more

A health wise peep into the life of a home based developer

First look at the lifestyle of a developer: Basically, a home-based developer though it applies to an office developer. It all begins with the lifestyle of the individual. Haven lived in this lifestyle and among other developers who equally lived a similar lifestyle, I can say the following.  Most developers take it as a lifestyle in that skipping breakfast is the order of the day and telling you that the last meal they take was maybe yesterday afternoon is a common wording that you can hear. This is not because they don’t have the means to get the food but most times because they neither felt hungry nor hadn’t any time to look for something and eat. This even goes further when they happened to get something and eat they eat what is termed junk food. Here I mean they go for what is readily available and takes less effort to acquire. They end up with things like bread, or just carbohydrate food. That is if we are to qualify it as food then they might spend their remaining time tak
Read more