Overview
Amazon Inspector is an automated vulnerability management service that continually scans Amazon EC2 and container workloads for software vulnerabilities and unintended network exposure. AWS Partners offer solutions integrated with Amazon Inspector to simplify deployment and operations across different use cases.
See how AWS Partners provide solutions and services that further enhance the value and experience of Amazon Inspector.
Amazon Inspector use cases
Find an AWS Partner
Software Solution Partners
-
Axonius
The Axonius platform provides hundreds of adapters (pre-built API connections) to deliver a comprehensive asset inventory, identify attack surface coverage gaps, and validate security controls and policies. The Axonius Platform ingests Amazon Inspector findings using a dedicated AWS adapter. Amazon Inspector findings can be viewed alongside other correlated data sources to help with vulnerability prioritization and management. When assets contain vulnerabilities or deviate from desired states, customers can automate enforcement actions and notifications to reduce risk.
-
Cavirin
Cavirin delivers an enterprise-class cyber security framework that presents up-to-the-minute knowledge of system-wide security strengths and weaknesses. Whether in the cloud or the corporate data center, its Cyber Posture Intelligence solution enables cross-platform security monitoring, reporting, remediation, and ensures compliance with standards such as CIS, NIST, HIPAA, PCI, and GDPR. The integration of Amazon Inspector enables the inclusion of discoveries into the prioritized remediation workflow of the Cavirin dashboard. Ensuring rapid remediation of vulnerabilities in the AWS cloud environment is key to keeping systems secure. Cavirin’s posture management, one-click remediation, and integration with major ticketing systems guarantee a fast track to securing AWS instances.
-
FireEye
FireEye Helix, an AWS SaaS security operations platform, ingests Amazon Inspector findings to provide vulnerability and risk context for detection, visibility, and threat hunting activities. FireEye Helix ingests Amazon Inspector findings to identify Amazon EC2 and Amazon ECR vulnerabilities, and correlates this data with data from over 600 different security and business applications. The data is used to establish normal behavior and alert on deviations that may suggest insider threats, lateral movement, or other suspicious activity. This allows customers to prioritize incidents and vulnerabilities to rapidly move from alert to fix.
-
Fortinet
Fortinet's Security Fabric solutions are trusted by over 600,000 organizations around the world. FortiCNP, Fortinet’s cloud-native protection solution, provides customers with actionable insights based on security findings from Amazon Inspector, Amazon GuardDuty, AWS Security Hub, and Fortinet Security Fabric solutions such as FortiGate and FortiWeb. FortiCNP calculates risk for cloud resources by correlating multiple security findings using a patented risk score algorithm and presents customers with a prioritized list of resources that have the most risk impact on their cloud environment. By using FortiCNP Fortinet and AWS joint customers reduce alert fatigue and maximize the value of their security investments.
-
IBM Security
IBM Security QRadar integrates Amazon Inspector findings into an analytics platform that enables security teams to gain comprehensive visibility and insights into risk across hybrid environments. QRadar, a security information and event management platform, integrates with a broad range of AWS services and includes advanced rules, reports, and dashboards, so that teams can easily visualize and prioritize threats wherever and whenever they occur. Amazon Inspector findings, including the latest vulnerabilities and risk scores, are correlated with events across networks, users, and cloud to provide a consolidated view of actionable insights across distributed environments. This prioritized view of findings enables teams to address critical vulnerabilities while delivering faster, more accurate risk mitigation.
-
JupiterOne
The JupiterOne platform enables security teams to discover assets, map relationships, and triage risk. JupiterOne ingests vulnerability information from Amazon Inspector, along with data from over 70 additional AWS services. Amazon Inspector findings are correlated with asset data from across your environment, giving your team deep actionable insights, and the ability to better manage and prioritize vulnerabilities and close compliance gaps. Answer complex questions about your assets and vulnerabilities in minutes, not days or weeks. Visualize the findings, drill down to see additional relationships and context, and automate alerts for high risk findings that impact critical resources.
-
Palo Alto Networks
Prisma Cloud for Amazon Web Services offers cloud-native security and compliance assurance throughout the entire development lifecycle. Prisma Cloud by Palo Alto Networks helps protect AWS environments with comprehensive cloud security posture management with full support for the CIS AWS Foundation Benchmark, as well as cloud workload protection for hosts, containers, and serverless throughout all phases of your cloud adoption journey. Prisma Cloud ingests Amazon Inspector vulnerability data, security best practice deviations, and security assessments of applications deployed on AWS to provide organizations with risk visibility and better compliance.
-
Rezilion
Rezilion is an automated DevSecOps platform that allows organizations to effortlessly control risk across cloud infrastructures and applications. Rezilion reduces 70% of customers' patching backlog by validating which vulnerabilities are exploitable in their environment, and prioritizing them so that teams can focus solely on what constitutes an actual risk. With Rezilion, customers can speed up remediation timelines from months to days, reduce costs, and increase release velocity. Rezilion leverages AWS System Manager to allow 1-click onboarding across AWS instances without adding new software agents. Rezilion's integration with Amazon Inspector empowers businesses to automatically surface and analyze Amazon Inspector vulnerability data to validate which vulnerabilities pose an actual threat. It then consolidates findings by software components, distilling thousands of vulnerabilities to a few remediation actions. In addition, Rezilion aggregates Amazon Inspector results with other vulnerability scanners’ findings side-by-side for full-spectrum understanding and advanced reporting (including vulnerability trends and SLAs).
-
SentinelOne
SentinelOne integrates with Amazon Inspector to provide unified visibility of vulnerabilities and misconfigurations within AWS infrastructure. SentinelOne ingests Amazon Inspector findings from Amazon EventBridge and correlates against logs from additional security and DevOps data sources. SentinelOne’s integration with Amazon Inspector provides global visibility of vulnerabilities and operational dashboards to visualize applications with concerns to trigger response actions and isolate vulnerable workloads.
-
Solvo
Solvo helps identify and prioritize risks and proactively mitigates cloud misconfigurations and vulnerabilities while facilitating collaboration between security, DevOps, and engineering teams. By breaking down application, identity, and data silos, Solvo offers an application and data-aware cloud infrastructure security platform designed for the scale and speed of cloud native environments. By utilizing Solvo to evaluate Amazon Inspector findings through contextual, multi-dimensional analysis and assigning risk scores, customers can prioritize the most significant cloud access risks and establish data-aware least privilege policies accordingly.
-
Sonrai Security
Sonrai Security protects the most critical assets in the heart of your cloud by securing identities and prioritizing the remediation of platform and workload risks based on potential business impact. Sonrai Security believes securing identities is the most efficient way to prevent attacker lateral movement and break down the hidden paths to your high-value data and applications. Sonrai’s integration with Amazon Inspector provides deeper visibility into cloud vulnerabilities and unintended network exposure with its patented identity analytics and graph. This patented technology reveals the true end-to-end scope of every identity’s abilities. This context, combined with AWS Inspector findings around CVEs, network reachability results, and exploitability, informs a Sonrai Severity Score for each cloud vulnerability, and offers prioritization based upon whether misconfigurations or vulnerabilities are tied to data and identity risks. Sonrai’s unique ability to reveal critical identity blind spots like exploitable privilege escalation capabilities on the host, EC2 instances or other compute with unintended access to sensitive privileges, and attack paths leading to data, works with AWS Inspector to enhance automated vulnerability management for cloud workloads.
-
Sophos
Sophos incorporates Amazon Inspector findings into a single view of AWS cloud security posture. Sophos combines AWS security services, including Amazon GuardDuty, AWS CloudTrail, and AWS Security Hub, alongside configuration assessments, IAM role anomaly detection, and firewall and workload protection solutions to provide customers threat detection and response capabilities. Customers benefit from a prioritized view of compliance and security posture with integrated Amazon Inspector vulnerability findings to identify and prevent exposure. Sophos XDR adds context to Amazon Inspector findings by overlaying telemetry from workload protection agents and network access configurations, such as exposed ports, to identify and block potentially harmful access attempts to prevent breaches. Sophos takes the weight of 24/7 monitoring and response off customers' shoulders.
-
StreamSecurity
StreamSecurity harnesses a real-time, cloud-native approach to empower AWS customers in swiftly detecting and responding to misconfigurations and threats with enhanced intelligence and speed. Our innovative CloudTwin™ technology plays a pivotal role, offering a precise and dynamically updated model of your cloud environment by continuously monitoring behavior and configuration changes. By seamlessly integrating with Amazon Inspector findings, our mutual customers can effectively prioritize vulnerabilities, correlating them with key resource risk factors such as external exposure, cloud entitlements, data access, and misconfigurations, while also factoring in elements like active WAF rules. Trusted by a diverse array of organizations, from Fortune 500 enterprises to dynamic startups worldwide.
-
Sumo Logic
The Sumo Logic security intelligence portfolio includes a threat protection solution for security-focused customers that reduces security blind spots across multi-cloud and on-premises sources to identify issues before they become incidents. The platform allows teams to monitor, detect, search, and investigate security incidents with threat benchmarking and analytics. Utilizing Sumo Logic Cloud SIEM, security operations center teams can automatically triage alerts, detect threats, and perform threat hunting investigations. Sumo Logic allows customers to ingest a diverse array of firewall, database, identity/access, and content delivery network data to gain increased visibility when monitoring and analyzing cloud and on-premises data. Analytics capabilities are designed specifically for security teams to be able to prioritize, investigate, and respond to active security incidents. The Sumo Logic integration with Amazon Inspector gives customers the ability to process, analyze, and visualize real-time security scan results.
-
Vulcan Cyber
Vulcan Cyber offers customers a security management platform built to help businesses reduce risk through measured and orchestrated AWS security campaigns. Vulcan Cyber integrates with Amazon Inspector by ingesting vulnerability findings to provide a consolidated, prioritized view into your AWS cyber risk posture. Vulcan Cyber is then used to coordinate actionable mitigation campaigns for customers' AWS environments with any other IT, application, or cloud surface. With this integration, cloud security teams are able to filter and prioritize vulnerabilities, as well as create remediation campaigns and automated playbooks based on Amazon Inspector findings.
-
Wiz
Wiz uses an agentless API-based approach to help increase the security of customers' AWS deployment that takes minutes to set up by scanning cloud platform configurations and workloads, such as virtual machines, containers, and serverless. This approach provides a prioritized security assessment of the cloud environment. By connecting Amazon Inspector to Wiz via AWS Security Hub, Wiz correlates these findings with that assessment. Customers gain actionable, prioritized, and contextually rich security insights.
-
XM Cyber
The XM Cyber Attack Path Management platform integration with AWS Inspector identifies cyber exposures and vulnerabilities, and prioritizes high impact risks. The discovery is done across AWS customers' EC2 Instances by adding the adversarial context layer from XM Cyber. This continuous attack telemetry and attack surface context delivers quick results on what to fix first by prioritizing risks and critical assets to provide the next generation in vulnerability management.
Managed Service Partners
-
CloudHesive
CloudHesive’s managed security service provider (MSSP) practice utilizes Amazon Inspector findings to automatically discover and protect managed compute instances and managed container repositories by identifying vulnerable software and configurations on-instance, in-image, and vulnerable configurations within customers' AWS accounts. Out of compliance and vulnerable resources findings are routed into CloudHesive’s MSSP platform where they are triaged, escalated, and remediated (with automation, where possible). The service helps customers reduce coverage gaps and decrease time-to-remediation. Auto-resolved events are aggregated and reported, and events requiring intervention/coordination with customers are managed via the MSSP team, providing 24x7x365 coverage with SLA-driven response and resolution times.
-
Deloitte
Deloitte’s Cyber Cloud Managed Services (CMS) is an AWS Level 1 MSSP Competency-designated cloud managed security solution that enables clients to accelerate their development in AWS by covering identity, data protection, network/infrastructure security, logging/monitoring, and incident response. Cyber CMS is deployed to client environments through infrastructure-as-code and integrated with the CMS SIEM for 24/7 monitoring of the client’s security capability selection. As part of the strategy to secure the deployment supply chain, Amazon Inspector is leveraged as a part of the network and infrastructure capability. Amazon Inspector is used as the EC2 and container image vulnerability scanning solution, using its AWS Security Hub integration to forward findings to the CMS SIEM. Vulnerability findings are prioritized by severity and alerted to customers when the recommended remediation time frame has passed. Cyber CMS also integrates AWS CodePipeline with Amazon Inspector to scan images in the build phase, allowing customers to remediate vulnerabilities early in development.
Vulnerability Feed Partners
-
Recorded Future
Recorded Future Vulnerability Intelligence instantly identifies newly disclosed vulnerabilities, granting real-time cyber risk visibility into vulnerabilities relevant to your organization. Vulnerability intelligence also helps prioritize the vulnerabilities that matter most - those at active risk of exploitation. Recorded Future now integrates with Amazon Inspector, further expanding Recorded Future’s commitment to securing cloud environments with intelligence-driven workflows. All Amazon Inspector clients can now access select Recorded Future Vulnerability Intelligence within their AWS infrastructure, providing them with deeper insights and refined vulnerability findings to more accurately identify and prioritize risks, and accelerate time to remediation.
-
Snyk
Snyk, an AWS Security Competency Partner, helps AWS customers deliver secure applications deployed on AWS public cloud and AWS GovCloud. Snyk is a source of vulnerability intelligence for the Amazon Inspector service, helping security teams improve accuracy of transient dependency vulnerabilities by enriching findings, and helping practitioners prioritize the management of security issues to avoid impacting production workloads. The Snyk Intel Vulnerability Database is maintained with hand-curated content and enriched meta-data, and identifies vulnerable functions as well as known exploit maturity with a Common Vulnerability Scoring System score and vector assigned to 100% of vulnerabilities. Snyk’s proprietary research, combined with community-powered databases, such as RubySec, Friends of PHP, RustSec, and several others, allows Snyk to discover and disclose new vulnerabilities in the open source ecosystem in a timely and accurate manner, helping users prioritize vulnerability remediation based on accurate data and low false positives ratio.
Become an Amazon Inspector Partner
To become an Amazon Inspector Partner you must have joined the AWS ISV Partner Path and have a product that has earned the “Reviewed by AWS” badge by completing an AWS Foundational Technical Review with Amazon Inspector.
If you have a qualified security solution and are interested in becoming an Amazon Inspector Partner, please send an email to [email protected] with your company and product(s) names and contact information.
To get started, review customer use cases, implementations, API documentation, and download our onboarding documents in Amazon Inspector Resources.