Amazon Inspector ajoute des informations sur les instances Amazon EC2 aux résultats de sécurité

Amazon Web Services (AWS) a annoncé vendredi le lancement de nouvelles fonctionnalités au sein d’Amazon Inspector, service d’évaluation automatisé de la sécurité permettant de renforcer la sécurité et la conformité des applications déployées sur AWS. Les résultats de sécurité Amazon Inspector incluent désormais l’ID d’Amazon Machine Image (AMI), les balises d’instance, le groupe Auto Scaling, le nom d’hôte, les adresses IP, les noms DNS et l’ID de sous-réseau de l’instance Amazon EC2 présentant une vulnérabilité ou une configuration non sécurisée.

To help customers easily check their network configurations for externally exposed instances, AWS is today launching new functionality in Amazon Inspector. New network assessments added to Amazon Inspector’s existing functionality check for on-host vulnerabilities. The new network assessments can be used without installing any agent and works without sending any packets to your instances. This is the latest feature enhancement release in AWS’s Provable Security initiative, referring to a suite of AWS technology powered by automated reasoning. Automated reasoning uses math-based models to verify and analyse network configurations to find what is accessible over the network.

The threat landscape is constantly evolving, and network assessments are a necessity for any business hoping to avoid being in the next breach headline and also looking to stay ahead of hackers. Many network assessments tools can involve using complex scanners and/or tedious analysis of complex configurations that can be very time-consuming.

Amazon Inspector now provides a simple way for customers to streamline the network assessment process, and they can set up these assessments with a couple of clicks on the AWS getting started page. With the new ‘Network Reachability’ rules package, customers can find the ports on all of their instances that are accessible from outside the VPC, like from the internet, VPN, or a peered VPC. Findings also show which network configurations allow access, to make it easy to know what to change to restrict access. In addition, if the Inspector agent is available on the instance, the network reachability assessment also finds process listening on reachable ports, effectively creating a packet-less and scanner-less network scan.

This enables customers to reap the benefits:

• They can use this new rules package to get findings on the accessibility of all accessible network ports along with information on how to restrict access — saving them time and effort while helping reduce the duration of exposure.
• It also provides peace of mind by giving alerts on the most critical exposures. When critical, well-known ports (based on Amazon’s standard guidance) are reachable, findings will be pointed out with higher severities.
• Using the network assessments together with Amazon Inspector’s host-based rules packages like Common Vulnerabilities and Exposures (CVE), they can better understand the priority of vulnerabilities based on network exposure of the vulnerable instances.

If you want to learn about Provable Security technology for network assessments, ease of implementation and how customers can protect their business by a few simple clicks with Amazon Inspector, see here.

Quote from Ian Massingham, EMEA Technical Evangelist (Or local spokesperson)

“As the threat landscape becomes more volatile, and compliance requirements are  ever-increasing,network assessments are now more important to our customers than ever before. The launch of our new network assessment tool in Amazon Inspector is the next step for customers in creating a seamless and secure way to streamline the assessment of network exposure. Powered by automated reasoning technology, the assessment is intuitive and adaptable, removing complexity and enhancing the user experience for our customers regardless of location.“