Monitoring: Amazon Inspector

Amazon Inspector is a security assessment service that helps you identify potential security issues in your applications and infrastructure.
It uses a combination of automated security assessments and manual reviews to analyze your resources for common vulnerabilities and configuration issues. Amazon Inspector provides a detailed list of findings and recommendations, prioritized by severity and ease of remediation, to help you quickly identify and address security issues. It integrates with AWS services like Amazon EC2, AWS Lambda, and Amazon S3, as well as third-party tools, to provide a comprehensive security assessment of your entire environment. Amazon Inspector can be easily configured and automated to run security assessments regularly, allowing you to maintain a continuous and proactive approach to security.

Why should you monitor Amazon Inspector findings?

To benefit from the security monitoring provided by Inspector, responding to potential threats as fast as possible is crucial. Therefore, it is necessary to keep an eye on new Inspector findings. The following figure shows how marbot configures monitoring for Inspector and escalates alerts among team members.

How does monitoring Amazon Inspector work?

Without further ado, marbot notifies you about Amazon Inspector findings. Here is what an alert caused by an Inspector finding looks like in Microsoft Teams.

And here is the same alert in Slack.

How do you set up monitoring of Amazon Inspector?

marbot works with Slack and Microsoft Teams. Please select your platform and follow the Getting Started guide.

• marbot for Slack
• marbot for Microsoft Teams

Which events does marbot monitor in detail?

marbot creates EventBridge rules to monitor the following events automatically.