Posted On: Nov 9, 2017
HAQM Inspector is pleased to announce the addition of native severity data for the Common Vulnerabilities & Exposures (CVE), and CIS Benchmarks rule packages, along with support for security assessments on CentOS Enterprise Linux 7.4 within HAQM EC2.
Prior to this release, HAQM Inspector provided a normalized severity rating for security findings identified by HAQM Inspector. Due to the differences between the severity ratings for rule packages like CVE and CIS Benchmarks, HAQM Inspector transforms these native severities into a standardized 4 tier severity scale of High, Medium, Low, and Informational that is used for all findings regardless of rules package. We will now also expose the Common Vulnerability Scoring System (CVSS) severity and CVSS vector information associated with all CVE findings. For CIS Benchmarks, we have added the information for the CIS Benchmark Weight, which details whether the benchmark is considered as part of the scoring criteria for the hardening guideline used.
In addition to these findings data enhancements, you can now run assessments for Common Vulnerabilities & Exposures (CVE), HAQM Security Best Practices, and Runtime Behavior Analysis on the most recent version of CentOS Enterprise Linux. To run security assessments, simply install the HAQM Inspector AWS Agent on the desired CentOS-based EC2 instance, configure your assessment in the HAQM Inspector console, and run your assessment.
For more information on HAQM Inspector and details on pricing, visit the HAQM Inspector site. To get started, simply login to the HAQM Inspector Console and configure an assessment. Need more information? Check out our Quick Start guide and the Getting Started with HAQM Inspector webinar.