All news with #aws inspector tag

🔔 AWS has launched Amazon Inspector in the Asia Pacific (Taipei) Region, extending automated vulnerability management to customers there. The service continuously scans Amazon EC2 instances, container images pushed to Amazon ECR, and AWS Lambda functions for software vulnerabilities and unintended network exposure across an AWS Organization. New accounts are eligible for a 15-day free trial that performs full scans of eligible resources at no cost. After the trial, usage is billed according to public Amazon Inspector pricing.

🔒 AWS Security Hub is now available in the AWS GovCloud (US-East) and AWS GovCloud (US-West) Regions. Security Hub offers a unified cloud security posture by correlating and enriching signals from Amazon GuardDuty, Amazon Inspector, and Security Hub CSPM to prioritize active risks. The service delivers near‑real‑time risk analytics, exposure findings, automated response workflows, attack path visualization, and centralized organization-wide deployment with streamlined pricing for improved cost predictability.

🛡️ Amazon Inspector adds agentless Windows EC2 vulnerability scanning, extending detection to Windows OS issues as well as common applications and packages like WordPress, Apache HTTP Server, Python packages, and Ruby gems. Customers receive findings automatically with no configuration changes. Inspector also replaces per‑CVE Windows findings with consolidated Windows Knowledge Base (KB) findings that group CVEs by patch and surface the highest CVSS, EPSS, and exploit availability. These capabilities are available in all AWS Regions.

🔒 AWS announces general availability of AWS Security Hub, adding near real-time risk analytics, advanced trends, unified enablement, and streamlined pricing across AWS security services. Security Hub correlates and enriches signals from Amazon GuardDuty, Amazon Inspector, and AWS Security Hub CSPM to surface and prioritize active risks. Centralized deployment across AWS Organizations, attack-path visualization, and automated workflows reduce manual correlation and speed remediation at scale.

🔒 Amazon Inspector can now be enabled, configured, and managed centrally across your AWS Organization using a new Inspector policy type in AWS Organizations. Administrators designate a delegated admin, enable the Inspector policies policy type, and create policies that specify scan types (Amazon EC2, ECR, Lambda standard, Code Scanning, Code Security) and Regions. Once attached to a root, OU, or account, the policy automatically enables Inspector for all covered accounts — including new accounts that join or move into covered OUs — ensuring consistent vulnerability scanning coverage and reducing operational overhead.

🔒 This post explains how to plan and implement an AWS Security Hub proof of concept (POC) to evaluate unified cloud security operations. It outlines steps to define success criteria, configure integrations with GuardDuty, Amazon Inspector, Macie, and Security Hub CSPM, and to prepare, enable, and validate the deployment. The guidance recommends using overlapping trial periods, adopting the OCSF standard for normalized findings, and leveraging automation and ticketing integrations to measure operational impact.

🛡️ This post explains how organizations can use AWS security services while keeping data within Dedicated Local Zones. It describes the AWS Nitro System for hardware-enforced isolation, AWS KMS with an external key store option, and continuous protection from Amazon Inspector and GuardDuty. It also covers certificate management via ACM, DDoS mitigation with AWS Shield, and centralized auditing through CloudTrail.