Posted On: Nov 27, 2023

Amazon Inspector now offers continuous monitoring of your Amazon EC2 instances for software vulnerabilities without installing an agent or additional software. Currently, Amazon Inspector leverages the widely deployed AWS Systems Manager (SSM) Agent to assess your EC2 instances for third-party software vulnerabilities. With this new capability, you can expand your vulnerability assessment coverage across your EC2 infrastructure with Amazon Inspector agentless scanning for EC2 instances that do not have SSM Agents installed or configured. For agentless scanning, Amazon Inspector takes snapshots of EBS volumes to collect software application inventory from the instances to perform vulnerability assessments. Once you enable EC2 scanning within Amazon Inspector, it automatically discovers all your EC2 instances and starts evaluating them for software vulnerabilities. Customers can enable agentless scanning by simply visiting the EC2 settings page within the Amazon Inspector console and selecting hybrid scan mode. In hybrid scan mode, Amazon Inspector relies on SSM Agents to collect information from instances to perform vulnerability assessments, and automatically switches to agentless scanning for instances that do not have SSM Agents installed or configured.

Amazon Inspector is a vulnerability management service that continually scans AWS workloads for software vulnerabilities, code vulnerabilities, and unintended network exposure across your entire AWS Organization.

Amazon Inspector agentless vulnerability assessment for Amazon EC2 is available in preview in three commercial Regions: US East (N. Virginia), US West (Oregon), and Europe (Ireland).

To learn more and get started with continual vulnerability scanning of your workloads, visit: