Amazon Inspector is a vulnerability management service that continuously scans your Amazon Web Services (AWS) workloads for software vulnerabilities and unintended network exposure.
To prioritize vulnerabilities, AWS recommends ranking findings by risk rather than by raw count, using the Amazon Inspector score together with consistent resource tags that identify the workload a finding belongs to and how critical it is.
Best practices for managing vulnerabilities include suppressing findings based on Amazon Inspector score and using tags to enable risk-based prioritization.
You can create suppression rules in Amazon Inspector to suppress findings that are less critical, so that you can focus on higher-priority findings.
Member accounts in an organization cannot create or manage suppression rules. Only standalone accounts and Amazon Inspector delegated administrators can create and manage suppression rules.
You can integrate Amazon Inspector with AWS Security Hub to send findings from Amazon Inspector to Security Hub, and Security Hub can include these findings in its analysis of your security posture.
It’s important to maintain a careful, measured approach when applying suppression rules: a suppression rule only hides matching findings from the default view, it does not remediate them. Maintaining visibility into the true risk profile for each finding is essential for proactive, comprehensive vulnerability management.
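The following is an added example (not AWS documentation code) of the suppression practice described above: a rule that suppresses findings by Amazon Inspector score, but only when it is also narrowed to tagged resources, so that the rule cannot silently hide every low-score finding in the organization. It uses the boto3 `inspector2` client and its `create_filter` call with `action="SUPPRESS"`; the tag key `Environment`, the value `dev`, the score ceiling of 3.9 and the Region are assumptions chosen for illustration. It must be run from a standalone account or the delegated administrator, since member accounts cannot create suppression rules.

```python
"""Build and apply a narrowly scoped Amazon Inspector suppression rule.

Uses the Inspector v2 API (boto3 client "inspector2"). Run from a standalone
account or the delegated administrator account; member accounts cannot
create suppression rules. The tag key/value, score ceiling and Region below
are assumptions for this example.
"""
from __future__ import annotations

from typing import Any

# Criteria keys that narrow a rule to particular resources. A rule that carries
# none of these suppresses every finding under the score ceiling.
SCOPING_KEYS = (
    "resourceTags", "resourceId", "resourceType",
    "ecrImageRepositoryName", "ecrImageTags",
)


def build_suppression_criteria(
    max_score: float,
    tag_key: str | None = None,
    tag_value: str | None = None,
    resource_types: list[str] | None = None,
) -> dict[str, list[dict[str, Any]]]:
    """Return a filterCriteria structure for create_filter(action="SUPPRESS")."""
    if not 0.0 <= max_score <= 10.0:
        raise ValueError("Inspector score must be between 0 and 10")
    criteria: dict[str, list[dict[str, Any]]] = {
        # NumberFilter: match only findings whose Inspector score is <= max_score.
        "inspectorScore": [{"lowerInclusive": 0.0, "upperInclusive": max_score}],
    }
    if tag_key and tag_value:
        # MapFilter on the resource's tags, e.g. Environment=dev.
        criteria["resourceTags"] = [
            {"comparison": "EQUALS", "key": tag_key, "value": tag_value}
        ]
    if resource_types:
        # StringFilter; values such as AWS_EC2_INSTANCE, AWS_ECR_CONTAINER_IMAGE,
        # AWS_LAMBDA_FUNCTION. Several entries for the same key are OR'ed.
        criteria["resourceType"] = [
            {"comparison": "EQUALS", "value": rt} for rt in resource_types
        ]
    return criteria


def is_safely_scoped(criteria: dict[str, Any]) -> bool:
    """True if the rule is narrowed by at least one resource-level criterion."""
    return any(key in criteria for key in SCOPING_KEYS)


def create_suppression_rule(
    client,
    name: str,
    reason: str,
    criteria: dict[str, Any],
    description: str = "Low-score findings on tagged non-production resources",
) -> str:
    """Create the rule and return its ARN. Refuses rules that are not scoped."""
    if not is_safely_scoped(criteria):
        raise ValueError(f"refusing to create unscoped suppression rule {name!r}")
    resp = client.create_filter(
        action="SUPPRESS",
        name=name,
        description=description,
        reason=reason,           # recorded on the rule for later review
        filterCriteria=criteria,
    )
    return resp["arn"]


if __name__ == "__main__":
    import boto3  # deferred import: the builder and validator run without the SDK

    inspector = boto3.client("inspector2", region_name="us-east-1")  # assumed Region
    rule = build_suppression_criteria(
        max_score=3.9, tag_key="Environment", tag_value="dev",
        resource_types=["AWS_EC2_INSTANCE"],
    )
    print(create_suppression_rule(
        inspector, "dev-ec2-low-score", "Accepted risk: dev EC2 instances, score below 4", rule,
    ))
```

The `reason` argument is worth filling in deliberately: it is the only place the accepted-risk decision is recorded alongside the rule, which makes periodic review of suppressions far easier than reconstructing intent from the criteria alone.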
Vulnerability management includes performing a risk assessment to determine which vulnerabilities pose the greatest risk and assessing the relevant regulatory requirements.
Amazon Inspector is a regional service, meaning you must designate a delegated administrator, add member accounts, and activate scan types in each AWS Region you want to use Amazon Inspector in.
Best practices for vulnerability management in AWS Organizations include setting up a delegated admin to manage vulnerability scanning for multiple AWS accounts in an organization.
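As an added example (not AWS documentation code) of the per-Region organization setup described above, the script below plans and applies the rollout in each Region in order: the organization management account designates the delegated administrator, then the delegated administrator turns on auto-enable for future members, associates the existing member accounts, and activates the scan types. It separates the two principals explicitly because the first call is made from the management account and the rest from the delegated administrator. The account IDs, Regions and the boto3 profile names `org-management` and `inspector-admin` are assumptions for illustration.

```python
"""Plan and apply a per-Region Amazon Inspector rollout across an organization.

Inspector v2 is regional, so every step repeats in every Region. Two principals
are involved: the organization management account designates the delegated
administrator, and the delegated administrator then adds members and activates
scan types. Account IDs, Regions and profile names here are assumptions.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from typing import Any


@dataclass(frozen=True)
class Step:
    region: str
    run_as: str                 # "management" or "delegated_admin"
    api: str                    # boto3 inspector2 client method name
    params: dict[str, Any] = field(default_factory=dict)


def plan_rollout(regions, delegated_admin_id, member_ids,
                 resource_types=("EC2", "ECR", "LAMBDA")) -> list[Step]:
    """Return the ordered API calls needed to stand up Inspector in every Region."""
    steps: list[Step] = []
    for region in regions:
        # 1. Management account: designate the delegated administrator in this Region.
        steps.append(Step(region, "management", "enable_delegated_admin_account",
                          {"delegatedAdminAccountId": delegated_admin_id}))
        # 2. Delegated admin: auto-enable the chosen scan types for accounts that join later.
        steps.append(Step(region, "delegated_admin", "update_organization_configuration",
                          {"autoEnable": {"ec2": "EC2" in resource_types,
                                          "ecr": "ECR" in resource_types,
                                          "lambda": "LAMBDA" in resource_types}}))
        # 3. Delegated admin: associate each existing member account.
        for account in member_ids:
            steps.append(Step(region, "delegated_admin", "associate_member",
                              {"accountId": account}))
        # 4. Delegated admin: activate scan types for itself and all members.
        steps.append(Step(region, "delegated_admin", "enable",
                          {"resourceTypes": list(resource_types),
                           "accountIds": [delegated_admin_id, *member_ids]}))
    return steps


def apply_rollout(steps, sessions) -> list[dict[str, Any]]:
    """Execute the plan. `sessions` maps run_as -> boto3.Session for that principal."""
    results = []
    for step in steps:
        client = sessions[step.run_as].client("inspector2", region_name=step.region)
        resp = getattr(client, step.api)(**step.params)
        # `enable` reports per-account failures instead of raising; surface them.
        if step.api == "enable" and resp.get("failedAccounts"):
            raise RuntimeError(f"{step.region}: enable failed for {resp['failedAccounts']}")
        results.append(resp)
    return results


if __name__ == "__main__":
    import boto3  # deferred so the planner runs without the SDK installed

    plan = plan_rollout(["us-east-1", "eu-west-1"], "111122223333", ["444455556666"])
    sessions = {
        "management": boto3.Session(profile_name="org-management"),     # assumed profile
        "delegated_admin": boto3.Session(profile_name="inspector-admin"),  # assumed profile
    }
    for step, resp in zip(plan, apply_rollout(plan, sessions)):
        print(step.region, step.run_as, step.api, "->", list(resp.keys()))
```

Keeping the plan separate from its execution lets you print and review the full list of Regions and accounts before any call is made, and makes it obvious when a new Region has been added to the list but the delegated administrator has not yet been designated there.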