In this lab, you will use Amazon Inspector to run a security assessment of your EC2 instances. You will perform both network and host audits. With the network audit, you will find every port that is reachable from outside the VPC and, where the Inspector agent is installed, the process listening on each of those ports inside the EC2 instance. With the host audit, you will find current patch-level information and vulnerabilities by running the CVE (Common Vulnerabilities and Exposures) assessment package, the CIS (Center for Internet Security) Benchmark assessment package, the Runtime Behavior Analysis package, and the AWS Security Best Practices assessment package.
Level
Intermediate
Duration
2 Hours 30 Minutes
Course Objectives
In this course, you will learn how to:
- Run an agentless network audit
- Install the Amazon Inspector agent on target hosts to enhance network and host scans
- Investigate Amazon Inspector scan results
- Automate the delivery of Amazon Inspector findings with AWS Lambda and Amazon Simple Notification Service (Amazon SNS) topics
Intended Audience
This course is intended for:
- Architects
- Developers
- Security Engineers
Prerequisites
We recommend that attendees of this course have the following prerequisites:
- Familiarity with basic navigation of the AWS Management Console
- Comfort modifying scripts using a text editor
Course Outline
- Task 1: Run a network scan without the Amazon Inspector agent
- Task 2: Run a network scan with the Amazon Inspector agent
- Task 3: Run a host scan with the Amazon Inspector agent
- Task 4: Automate Amazon Inspector findings notifications
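The notification pipeline that Task 4 builds (Amazon Inspector publishes an event per finding to an SNS topic, a Lambda function subscribed to that topic looks the finding up and forwards a readable message to a second SNS topic) can be sketched as a single Lambda handler. The code below is an added example and is not part of the lab's own materials. It assumes the Amazon Inspector Classic SNS message shape (a JSON object with "event" and "finding" fields, where only FINDING_REPORTED events carry a finding ARN), the DescribeFindings limit of 10 ARNs per call, and two environment variables, NOTIFY_TOPIC_ARN and MIN_SEVERITY, whose names are this example's own choice. The sample event and finding are constructed, and the fake clients exist only so the logic can be run offline.

```python
"""Forward Amazon Inspector (Classic) findings to an SNS topic from AWS Lambda.

Flow: Inspector assessment template -> SNS topic (raw Inspector events)
      -> this Lambda -> Inspector DescribeFindings -> formatted message
      -> notification SNS topic (email/SMS/chat subscribers).
"""
import json
import os
from typing import Any

# Assumed environment variable names; the values below are placeholders.
NOTIFY_TOPIC_ARN = os.environ.get(
    "NOTIFY_TOPIC_ARN", "arn:aws:sns:us-east-1:123456789012:inspector-notifications")
MIN_SEVERITY = os.environ.get("MIN_SEVERITY", "Medium")

# Inspector Classic severities, ranked so a threshold comparison is possible.
SEVERITY_RANK = {"Informational": 0, "Low": 1, "Medium": 2, "High": 3}


def extract_finding_arns(event: dict) -> list[str]:
    """Return the finding ARNs carried by an SNS-triggered Lambda event.

    Inspector publishes one JSON message per event. Only FINDING_REPORTED
    messages reference a finding; run-state events are skipped, and records
    that are not valid JSON are ignored rather than crashing the function.
    """
    arns = []
    for record in event.get("Records", []):
        try:
            msg = json.loads(record["Sns"]["Message"])
        except (KeyError, TypeError, ValueError):
            continue
        if msg.get("event") == "FINDING_REPORTED" and msg.get("finding"):
            arns.append(msg["finding"])
    return arns


def meets_threshold(finding: dict, min_severity: str = MIN_SEVERITY) -> bool:
    """True if the finding's severity is at or above the configured minimum."""
    rank = SEVERITY_RANK.get(finding.get("severity", "Informational"), 0)
    return rank >= SEVERITY_RANK.get(min_severity, SEVERITY_RANK["Medium"])


def format_finding(finding: dict) -> str:
    """Render one DescribeFindings item as a short, human-readable message."""
    attrs = finding.get("assetAttributes", {})
    return (
        f"[{finding.get('severity', '?')}] {finding.get('title', '(no title)')}\n"
        f"Instance (agent ID): {attrs.get('agentId', 'unknown')}\n"
        f"Recommendation: {finding.get('recommendation', '').strip()}\n"
        f"Finding ARN: {finding.get('arn', '')}"
    )


def handler(event: dict, context: Any = None, inspector=None, sns=None) -> dict:
    """Lambda entry point. Clients are injectable so the logic can run offline."""
    if inspector is None or sns is None:
        import boto3  # only needed when running inside Lambda
        inspector = inspector or boto3.client("inspector")
        sns = sns or boto3.client("sns")

    arns = extract_finding_arns(event)
    forwarded = 0
    # DescribeFindings accepts at most 10 finding ARNs per call.
    for i in range(0, len(arns), 10):
        resp = inspector.describe_findings(findingArns=arns[i:i + 10])
        for finding in resp.get("findings", []):
            if not meets_threshold(finding):
                continue
            sns.publish(
                TopicArn=NOTIFY_TOPIC_ARN,
                Subject=f"Inspector {finding.get('severity')}: {finding.get('title', '')}"[:100],
                Message=format_finding(finding),
            )
            forwarded += 1
    return {"received": len(arns), "forwarded": forwarded}


# --- Constructed sample data and fakes for an offline run (not real AWS output) ---
_FINDING_ARN = ("arn:aws:inspector:us-east-1:123456789012:target/0-example"
                "/template/0-example/run/0-example/finding/0-example1")
SAMPLE_EVENT = {"Records": [
    {"Sns": {"Message": json.dumps({"event": "FINDING_REPORTED", "finding": _FINDING_ARN})}},
    {"Sns": {"Message": json.dumps({"event": "ASSESSMENT_RUN_COMPLETED"})}},
]}
SAMPLE_FINDING = {
    "severity": "High",
    "title": "TCP port 22 is reachable from the internet",
    "recommendation": "Restrict the security group ingress rule for port 22 to trusted ranges.",
    "assetAttributes": {"agentId": "i-0123456789abcdef0"},
}


class _FakeInspector:
    def describe_findings(self, findingArns):
        return {"findings": [dict(SAMPLE_FINDING, arn=a) for a in findingArns]}


class _FakeSns:
    def __init__(self):
        self.published = []

    def publish(self, **kwargs):
        self.published.append(kwargs)
        return {"MessageId": "constructed"}


def run_offline_demo() -> dict:
    """Run the handler against the constructed event with fake clients."""
    sns = _FakeSns()
    result = handler(SAMPLE_EVENT, inspector=_FakeInspector(), sns=sns)
    return {"result": result, "messages": sns.published}
```

Two design points worth keeping when you adapt this in the lab: filter on severity before publishing so the notification topic is not flooded with Informational findings, and batch the DescribeFindings calls, since a single assessment run can report hundreds of findings and each SNS record triggers the function separately.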