Posted On: Jun 13, 2023

Amazon Inspector now offers the ability to export a consolidated Software Bill of Materials (SBOM) for all Amazon Inspector monitored resources across your organization in industry-standard formats, including CycloneDX and SPDX. With this new capability, you can use automated and centrally managed SBOMs to gain visibility into key information about your software supply chain. This includes details about software packages used in the resource, along with associated vulnerabilities. After Amazon Inspector exports the SBOMs to an Amazon S3 bucket, you have the option to download the SBOM artifacts and use Amazon Athena or Amazon QuickSight to analyze and visualize software supply chain trends. This capability in Amazon Inspector is available with a few clicks in the Amazon Inspector console or using Amazon Inspector APIs. SBOM exports are offered at no additional cost.

Amazon Inspector SBOM exports are available in all commercial Regions where Amazon Inspector is available.

Amazon Inspector is a vulnerability management service that continually scans AWS workloads for software vulnerabilities, code vulnerabilities, and unintended network exposure across your entire AWS Organization. Once activated, Amazon Inspector automatically discovers all of your Amazon Elastic Compute Cloud (EC2) instances, container images in Amazon Elastic Container Registry (ECR), and AWS Lambda functions, at scale, and continuously monitors them for known vulnerabilities, giving you a consolidated view of vulnerabilities across your compute environments.

To learn more and get started with continual vulnerability scanning of your workloads, visit: