Amazon Inspector enhances EC2 scanning with agentless options and Windows KB findings

Amazon Inspector has expanded its agentless EC2 scanning capabilities to include Windows OS vulnerabilities. It now offers consolidated Windows KB findings, simplifying patch management.

Amazon Inspector has expanded its capabilities for agentless scanning of EC2 instances, now including enhanced detection for vulnerabilities in the Windows operating system. This update means security teams and IT administrators can identify vulnerabilities across a wider array of software and applications on their EC2 instances without needing an agent. This includes popular software such as WordPress, Apache HTTP Server, Python packages, and Ruby gems, in addition to Windows OS vulnerabilities.

With this upgrade, customers automatically receive findings for newly supported software and applications without needing to adjust any configurations. This seamless integration allows for a more comprehensive security posture.

Moreover, Amazon Inspector introduces Windows Knowledge Base (KB)-based findings, which significantly improve the process of identifying Windows OS vulnerabilities. Instead of providing separate findings for each CVE addressed by a single Microsoft patch, the service now consolidates these into a single KB finding. This consolidated finding includes the highest Common Vulnerability Scoring System (CVSS) score, Exploit Prediction Scoring System (EPSS) score, and information on exploit availability from the associated CVEs. Additionally, it provides a link to the relevant Microsoft KB article, simplifying the process of determining which patch is necessary and why.
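The consolidation described above, sketched as an added example (not Amazon Inspector's code or finding schema): the field names, instance ids, KB ids and CVE ids are constructed placeholders. It assumes "highest" applies to both the CVSS and EPSS scores and that exploit availability is reported when any associated CVE has a known exploit.

```python
from collections import defaultdict

# Constructed per-CVE findings. All ids and field names are placeholders.
CVE_FINDINGS = [
    {"instance": "i-example1", "kb": "KB0000001", "cve": "CVE-0000-0001",
     "cvss": 7.8, "epss": 0.02, "exploit_available": False},
    {"instance": "i-example1", "kb": "KB0000001", "cve": "CVE-0000-0002",
     "cvss": 9.8, "epss": 0.01, "exploit_available": False},
    {"instance": "i-example1", "kb": "KB0000001", "cve": "CVE-0000-0003",
     "cvss": 5.5, "epss": 0.91, "exploit_available": True},
    {"instance": "i-example1", "kb": "KB0000002", "cve": "CVE-0000-0004",
     "cvss": 6.5, "epss": 0.03, "exploit_available": False},
    {"instance": "i-example2", "kb": "KB0000001", "cve": "CVE-0000-0002",
     "cvss": 9.8, "epss": None, "exploit_available": False},  # EPSS not yet scored
]

def consolidate_by_kb(findings):
    """Collapse per-CVE findings into one finding per (instance, KB patch)."""
    groups = defaultdict(list)
    for f in findings:
        groups[(f["instance"], f["kb"])].append(f)
    consolidated = []
    for (instance, kb), members in groups.items():
        consolidated.append({
            "instance": instance,
            "kb": kb,
            "cves": sorted(m["cve"] for m in members),
            # The two maxima can come from different CVEs under the same patch.
            "max_cvss": max(m["cvss"] for m in members),
            "max_epss": max((m["epss"] for m in members
                             if m["epss"] is not None), default=None),
            "exploit_available": any(m["exploit_available"] for m in members),
        })
    return consolidated

def patch_queue(kb_findings):
    """Order patches: known exploit first, then highest CVSS, then highest EPSS."""
    return sorted(kb_findings, key=lambda k: (not k["exploit_available"],
                                              -k["max_cvss"],
                                              -(k["max_epss"] or 0.0)))

if __name__ == "__main__":
    for k in patch_queue(consolidate_by_kb(CVE_FINDINGS)):
        print(k["instance"], k["kb"], k["max_cvss"], k["max_epss"],
              k["exploit_available"], len(k["cves"]), "CVEs")
```

In the sample data the first KB finding inherits its CVSS score from one CVE and its EPSS score and exploit flag from another, which is why a consolidated finding can rank higher than any single CVE under it would on its own.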

All existing CVE-based findings for Windows OS will automatically transition to KB-based findings, requiring no additional action from customers. These new features are available in all AWS Regions where Amazon Inspector operates. For further details, interested parties can visit the Amazon Inspector product page and consult the Amazon Inspector documentation.