Amazon Inspector
An important component of an organization's security management is technical vulnerability management: a continuous process of reviewing the exposure and vulnerability status of your applications and all their associated components. The Well-Architected Framework, specifically in its workload protection component, includes item SEC06-BP01: Perform Vulnerability Management, which recommends that you “Frequently scan and patch for vulnerabilities in your code, dependencies, and in your infrastructure to help protect against new threats.” AWS lets you address this need through Amazon Inspector.

Figure 1 shows the general view. You just need to enable the service, and it automatically starts the discovery process for EC2 instances, container repositories, container images, and Lambda functions.

Figure 1 - Amazon Inspector dashboard

Amazon Inspector is an automated vulnerabilit...