SEATTLE, Apr 19, 2016 (BUSINESS WIRE) -- Amazon Web Services, Inc. (AWS), an Amazon.com company today announced that Amazon Inspector, an automated security assessment service, has completed its preview phase and is now generally available to all customers. Amazon Inspector helps customers improve the security and compliance of their applications running on Amazon Elastic Compute Cloud (Amazon EC2) by identifying potential security issues, vulnerabilities, or deviations from security standards. With no up-front costs or infrastructure to manage, Amazon Inspector is easy to deploy and can be integrated into the development lifecycle. With Amazon Inspector, customers pay only for the assessments they run, with the first 250 assessments free for a customer’s first 90 days. To get started with Amazon Inspector, visit .
The flexibility and scale of the AWS Cloud make it possible for customers to build and deploy applications and services faster than ever before. However, the manual effort required to assess these applications for security risks – especially at scale – often slows down both application development and IT operations. While traditional vulnerability assessment solutions can automate assessments, they require customers to deploy and manage back-end infrastructure. As deployment and operations models become more agile, both developers and central security teams are looking for a way to more easily conduct security assessments and integrate them into the development and deployment lifecycle. Amazon Inspector makes this possible by providing a rich set of APIs that customers can use to automate security assessments of production systems, and also easily integrate security assessments directly into their existing application deployment processes. With a few clicks in the AWS Management Console, customers can use AWS tags to identify the Amazon EC2 instances they want to assess, specify the associated applications, select from a pre-built list of tests, and set a time duration. Amazon Inspector analyzes an application’s configuration and activity, looking for a wide spectrum of possible vulnerabilities across Amazon EC2 instances, and collecting information such as how the application communicates with other AWS services, whether it uses secure channels, and the network traffic between instances. Amazon Inspector compares this information against AWS’s extensive rules packages, which represent thousands of potential security vulnerabilities that AWS continuously updates with the latest threat intelligence. Once an assessment of the application’s Amazon EC2 environment is completed, customers can view the findings, along with detailed recommendations for remediation, in the Amazon Inspector console.
“Customers have asked us if we could help them do the same rigorous security assessments on their applications that we do for our AWS services,” said...
More