Amazon Inspector expands agentless EC2 scanning and introduces Windows KB-based findings

Amazon Inspector has enhanced its agentless scanning capabilities for EC2 instances, now providing broader detection coverage that includes support for scanning vulnerabilities in the Windows operating system without the need for an agent. This update allows security teams and IT administrators to identify vulnerabilities in a wider range of software and applications on their EC2 instances. The supported software includes platforms such as WordPress, Apache HTTP Server, Python packages, and Ruby gems, in addition to Windows OS vulnerabilities, all through agentless scanning. Customers will automatically receive findings for these newly supported software and applications without needing to make any configuration changes.

Additionally, Amazon Inspector has introduced Windows Knowledge Base (KB)-based findings for Windows OS vulnerabilities. Instead of generating separate findings for each Common Vulnerabilities and Exposures (CVE) addressed by a single Microsoft patch, customers will now receive a consolidated KB finding that groups all related CVEs together. Each KB finding will provide the highest Common Vulnerability Scoring System (CVSS) score, Exploit Prediction Scoring System (EPSS) score, and exploit availability from the included CVEs, along with a direct link to the relevant Microsoft KB article. This consolidation makes it easier for users to understand which patch to apply and the reasons behind it. All existing CVE-based Windows OS findings will automatically transition to KB-based findings, requiring no additional action from customers.

These new capabilities are available in all AWS Regions where Amazon Inspector is offered. For more information, users can visit the Amazon Inspector product page and consult the Amazon Inspector documentation.