Our next-gen architecture is built to help you make sense of your ever-growing data. Watch a 4-min demo video!

Quick Start Security for AWS Inspector

AWS Inspector
AWS Inspector icon

Out-of-the-Box Security For AWS Inspector Includes:

Alerts - 6

Stay on top of AWS Inspector key performance metrics. Keep everyone in the know with integration with Slack, PagerDuty and more.

Low Severity Event

This alert gets triggered on low severity event. Summary AWS Inspector is a security assessment service provided by Amazon Web Services (AWS). It helps you to identify potential security vulnerabilities and compliance issues in your applications running on the AWS infrastructure. AWS Inspector automates the security assessment process by analyzing the behavior of your AWS resources and providing insights into potential security issues. It uses a combination of predefined rules and your customized rules to evaluate your AWS resources. Impact Depends on the type of granular alert. Check the corresponding log for more detail. Mitigation Depends on the type of granular alert. Check the corresponding log for more detail.

Untriaged Severity Event

This alert gets triggered on untriaged severity event. Summary AWS Inspector is a security assessment service provided by Amazon Web Services (AWS). It helps you to identify potential security vulnerabilities and compliance issues in your applications running on the AWS infrastructure. AWS Inspector automates the security assessment process by analyzing the behavior of your AWS resources and providing insights into potential security issues. It uses a combination of predefined rules and your customized rules to evaluate your AWS resources. Impact Depends on the type of granular alert. Check the corresponding log for more detail. Mitigation Depends on the type of granular alert. Check the corresponding log for more detail.

High Severity Event

This alert gets triggered on High severity event. Summary AWS Inspector is a security assessment service provided by Amazon Web Services (AWS). It helps you to identify potential security vulnerabilities and compliance issues in your applications running on the AWS infrastructure. AWS Inspector automates the security assessment process by analyzing the behavior of your AWS resources and providing insights into potential security issues. It uses a combination of predefined rules and your customized rules to evaluate your AWS resources. Impact Depends on the type of granular alert. Check the corresponding log for more detail. Mitigation Depends on the type of granular alert. Check the corresponding log for more detail.

Medium Severity Event

This alert gets triggered on medium severity event. Summary AWS Inspector is a security assessment service provided by Amazon Web Services (AWS). It helps you to identify potential security vulnerabilities and compliance issues in your applications running on the AWS infrastructure. AWS Inspector automates the security assessment process by analyzing the behavior of your AWS resources and providing insights into potential security issues. It uses a combination of predefined rules and your customized rules to evaluate your AWS resources. Impact Depends on the type of granular alert. Check the corresponding log for more detail. Mitigation Depends on the type of granular alert. Check the corresponding log for more detail.

Critical Severity Event

This alert gets triggered on critical severity event. Summary AWS Inspector is a security assessment service provided by Amazon Web Services (AWS). It helps you to identify potential security vulnerabilities and compliance issues in your applications running on the AWS infrastructure. AWS Inspector automates the security assessment process by analyzing the behavior of your AWS resources and providing insights into potential security issues. It uses a combination of predefined rules and your customized rules to evaluate your AWS resources. Impact Depends on the type of granular alert. Check the corresponding log for more detail. Mitigation Depends on the type of granular alert. Check the corresponding log for more detail.

No logs from AWS Inspector

This rule detects if there are no logs in the last 36 hours for AWS Inspector in the customer account. Note- This alert should configured with relevant app & subsystem. Impact Disabling logging is a tactic that adversaries might employ as part of various MITRE ATT&CK techniques to avoid detection, cover their tracks, or impede incident response investigations. Mitigation Address logging concerns to ensure comprehensive monitoring within the Coralogix SIEM system. MITRE Tactic: TA0005 MITRE Technique:T1562

Documentation

Learn more about Coralogix's out-of-the-box integration with AWS Inspector in our documentation.

Read More
Schedule Demo