Date posted: 9th October 2015
At the recent re:Invent conference Amazon announced the launch of their Inspector tool as part of Amazon Web Services (AWS). This has answered many of the compliance and cloud security concerns that customers had with utilizing the public cloud.
Amazon Inspector is designed to scan applications launched within Amazon Web Services. It is primarily focused on identifying anomalies introduced during or post-deployment. The application allows Amazon Web Services to meet compliance with major regulations including PCI-DSS (Payment Card Industry-Data Security Standard)
Amazon Web Services Chief Evangelist Jeff Barr announced the product on the Amazon blog. “Inspector agents run on Amazon EC2 instances that host applications” Barr stated “[Inspector] monitors network, file system and processes, and watches over whether the app securely connects to AWS services and between instances.”
“This information provides Inspector with a complete picture of the application and its potential security or compliance issues,” Barr wrote.
Any data siphoned up by Inspector is compared to a set of native rules that check for noncompliance with PCI standards, for example. Other rules in the first version of Inspector include Common Vulnerabilities and Exposures (CVEs), and best practices related to network security, operating system security, application security and authentication.
Inspector has the potential to answer a lot of security challenges for cloud computing use cases from SMB to enterprise where simple-block and analysis is difficult due to lack of resources.
Learn more about Netfast Amazon Web Services Consulting Services