(SEC324) NEW! Introducing Amazon Inspector

Post on 20-Jan-2017


© 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Alex Lucas, AWS Principal Security Engineer

October 2015

SEC324

Introducing Amazon Inspector: Security Insight into Your Application Deployments

Session overview

• What is Inspector?

• Concepts and overview

• Demos

• Automation

• Limited preview

What is Inspector?

• Application security assessment

• Selectable built-in rules

• Security findings

• Guidance and management

• Automatable via APIs

Why?

Securing infrastructure is often expensive and hard to do effectively.

• Amazon Inspector is automated, repeatable, and designed to reduce cost.

• Use AWS security knowledge to strengthen customer servers, services, and infrastructure.

• Deliver actionable findings that are carefully explained and help with their resolution.

How?

1. Install as a service on your Amazon EC2 instances.

2. Tag the instances with application-specific information.

3. Configure Amazon Inspector application and assessment.

4. Start Inspector.

5. Exercise and test your service.

6. Stop Amazon Inspector or wait for the configurable timeout.

7. Look at findings and fix as appropriate.

Concepts

• Agent

• Application

• Assessment

• Finding

• Rule packages/rule

• Telemetry

Rule packages

• CVE (common vulnerabilities and exposures)

• Network security best practices

• Authentication best practices

• Operating system security best practices

• Application security best practices

• PCI DSS 3.0 readiness

Demo – Walkthrough

Automation

EC2 UserData

AWS CloudFormation

• Install the agent easily into new instances

• Update existing stacks for instance support

Other DevOps tools: Ansible, Chef, Puppet, Salt

• Install and change existing infrastructure

APIs overview

Demo – CloudFormation

Demo – Automation

Demo – Automating Deployment

Limited preview

FREE during the limited preview.

Limitations

• Applications: 50

• Assessments: 500

• Agents: 500

• Linux only (AL2015+, Ubuntu 14.04+)

• us-west-2 region (US West [Oregon])

Next steps

• Path to general availability

• More rules and packages

• Further integration

• Implement feedback

AWS Security and Compliance

• AWS Trusted Advisor: Best practices for performance, reliability, and security

• AWS Config Rules: Create rules that govern configuration of your resources

• Amazon Inspector: Security insights into your applications

AWS Compliance

• AWS: Security of the cloud

• Customer: Security in the cloud

Partners

Please…

…sign up for our limited preview.

• Look for Amazon Inspector on the AWS Management Console.

…provide feedback about this session.

…provide feedback about Amazon Inspector.

• Via AWS forums.

Questions?

• Find me outside the room after this session.

Remember to complete your evaluations!

Thank you!
