Find vulnerabilities on EC2 instance using Amazon Inspector

Lab Details

  1. This lab walks you through the steps to launch an EC2 instance and configure Amazon Inspector with an assessment target and an assessment template.

  2. You will practice using Amazon Inspector with an EC2 instance that has the AWS Agent installed as the target. Once the assessment target and template are created, you will run the template to find vulnerabilities on the configured instance.

  3. Duration: 90 minutes

  4. AWS Region: US East (N. Virginia) us-east-1


What is Amazon Inspector

  • Amazon Inspector allows us to find vulnerabilities on configured EC2 instances.

  • Two types of assessment runs are performed: Network assessment and Host assessment.

  • Network assessment has the Network Reachability rules package, while Host assessment has three types of rules package: Common Vulnerabilities and Exposures, Center for Internet Security (CIS) Benchmarks, and Security Best Practices for Amazon Inspector.

  • Rules in Amazon Inspector have three main severity levels: High, Medium, and Low.

  • Findings with Informational severity are simply best practices recommended by Amazon Inspector.

Task Details

  1. Launching Lab Environment

  2. Launching an EC2 Instance

  3. SSH into EC2 Instance

  4. Install an AWS Agent

  5. Create an assessment target

  6. Create an assessment template

  7. Run the assessment template

  8. Download the assessment run report

  9. Validation of the Lab
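
Tasks 5 to 8 can also be driven through the API. The following Python function is an added example, not part of the lab material; it performs those tasks with a boto3 `inspector` client passed in as `client`. The tag key and value, the resource names, the one-hour `duration_seconds` default, and the choice of a PDF findings report are assumptions, not values from the lab.

```python
import time

def run_inspector_assessment(client, tag_key, tag_value, name,
                             duration_seconds=3600, poll_seconds=30):
    """Create a target and template, run the assessment, return the report URL.

    client: boto3.client("inspector", region_name="us-east-1") in real use.
    The tag, name and duration values are assumptions chosen by the caller.
    """
    # Task 5: the target is every EC2 instance carrying this tag. Host rules
    # packages only produce findings if the AWS Agent (task 4) is running.
    group = client.create_resource_group(
        resourceGroupTags=[{"key": tag_key, "value": tag_value}])
    target = client.create_assessment_target(
        assessmentTargetName=f"{name}-target",
        resourceGroupArn=group["resourceGroupArn"])

    # Task 6: attach every rules package the region offers (network and host).
    packages = client.list_rules_packages()["rulesPackageArns"]
    template = client.create_assessment_template(
        assessmentTargetArn=target["assessmentTargetArn"],
        assessmentTemplateName=f"{name}-template",
        durationInSeconds=duration_seconds,
        rulesPackageArns=packages)

    # Task 7: start the run and poll until it reaches a terminal state.
    run_arn = client.start_assessment_run(
        assessmentTemplateArn=template["assessmentTemplateArn"],
        assessmentRunName=f"{name}-run")["assessmentRunArn"]
    while True:
        state = client.describe_assessment_runs(
            assessmentRunArns=[run_arn])["assessmentRuns"][0]["state"]
        if state in ("COMPLETED", "COMPLETED_WITH_ERRORS"):
            break
        if state in ("FAILED", "ERROR", "CANCELED"):
            raise RuntimeError(f"assessment run ended in state {state}")
        time.sleep(poll_seconds)

    # Task 8: report generation is asynchronous, so poll for the download URL.
    while True:
        report = client.get_assessment_report(
            assessmentRunArn=run_arn, reportFileFormat="PDF", reportType="FINDING")
        if report["status"] == "COMPLETED":
            return {"run_arn": run_arn, "state": state, "report_url": report["url"]}
        if report["status"] == "FAILED":
            raise RuntimeError("report generation failed")
        time.sleep(poll_seconds)
```

The returned `report_url` is a pre-signed link, so download the report promptly and treat the URL itself as sensitive.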