"Amazon Inspector is a new service from AWS that identifies security issues in your application deployments. Use Inspector with your applications to assess your security posture and identify areas that can be improved. Inspector works with your Amazon EC2 instances to monitor activity in your applications and system. This session will cover getting started with Inspector, how to automate the process, how to manage and act on findings, and additional ways you can enhance your development and release lifecycle using Inspector."

1. © 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Alex Lucas, AWS Principal Security Engineer
October 2015
SEC324
Introducing Amazon Inspector:
Security Insight into Your
Application Deployments

2. Session overview
• What is Inspector?
• Concepts and overview
• Demos
• Automation
• Limited preview

3. What is Inspector?
• Application security assessment
• Selectable built-in rules
• Security findings
• Guidance and management
• Automatable via APIs

4. Why?
Securing infrastructure is often expensive and hard to do
effectively.
• Amazon Inspector is automated, repeatable, and designed to
reduce cost.
• Use AWS security knowledge to strengthen customer servers,
services, and infrastructure.
• Delivery of actionable findings that are carefully explained and
help their resolution.

5. How?
1. Install as a service on your Amazon EC2 instances.
2. Tag the instances with application-specific information.
3. Configure Amazon Inspector application and
assessment.
4. Start Inspector.
5. Exercise and test your service.
6. Stop Amazon Inspector or wait for the configurable
timeout.
7. Look at findings and fix as appropriate.

6. Concepts
• Agent
• Application
• Assessment
• Finding
• Rule packages/rule
• Telemetry

7. Rule packages
• CVE (common vulnerabilities and exposures)
• Network security best practices
• Authentication best practices
• Operating system security best practices
• Application security best practices
• PCI DSS 3.0 readiness

8. Demo – Walkthrough

10. Automation
EC2 UserData
AWS CloudFormation
• Install the agent easily into new instance
• Update existing stacks for instance support
Other DevOps tools: Ansible, Chef, Puppet, Salt
• Install and change existing infrastructure
APIs overview

11. Demo – CloudFormation

13. Demo – Automation

15. Demo – Automating Deployment

17. Limited preview
FREE during the limited preview.
Limitations
• Applications: 50
• Assessments: 500
• Agents: 500
• Linux only (AL2015+, Ubuntu 14.04+)
• us-west-2 region (US West [Oregon])

18. Next steps
• Path to general availability
• More rules and packages
• Further integration
• Implement feedback

19. AWS Security and Compliance
AWS Trusted Advisor
AWS Config Rules
Amazon Inspector
Best practices for performance, reliability, and security
Create rules that govern configuration of your resources
Security insights into your applications
AWS Compliance AWS: Security of the cloud
Customer: Security in the cloud

20. Partners

21. Please…
…sign up for our limited preview.
• Look for Amazon Inspector on the AWS Management Console.
…provide feedback about this session.
…provide feedback about Amazon Inspector.
• Via AWS forums.

22. Questions?
• Find me outside the room after this session.

23. Remember to complete
your evaluations!

24. Thank you!