1. What is Inspector?
Amazon Inspector is an automated vulnerability management service that continually scans AWS workloads for software vulnerabilities and unintended network exposure.
Core Concept: Inspector = automated vulnerability scanning. It scans EC2 instances, container images in ECR, and Lambda functions for known vulnerabilities (CVEs) and network reachability issues. Findings are prioritized by risk score. No agents needed for most scans (uses SSM Agent for EC2).
2. What Inspector Scans

3. Key Features
- Continuous scanning: automatic re-scan when new CVEs are published or resources change
- Risk-based prioritization: Inspector Score (0–100) considering exploit availability, network exposure, and CVSS
- No manual scheduling needed: scans are event-driven and continuous
- Software Bill of Materials (SBOM): export a complete inventory of packages per resource
- Findings sent to: Inspector Console, Security Hub, EventBridge
- Multi-account via Organizations (delegated administrator)
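One way to act on findings that arrive through EventBridge, shown as an added example that is not part of the original notes or AWS's own code. The field names are assumed to follow the Inspector finding JSON, the queue names and routing policy are hypothetical, and the sample events are constructed.

```python
# Added example: route Amazon Inspector findings delivered through EventBridge.
# Field names are assumed to follow the Inspector finding JSON; the queue names
# and the routing policy are hypothetical.
SEVERITY_RANK = {"INFORMATIONAL": 0, "LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}


def triage(event):
    """Return a routing decision, or None if the event needs no action."""
    if (event.get("source"), event.get("detail-type")) != ("aws.inspector2", "Inspector2 Finding"):
        return None  # e.g. a GuardDuty event on the same bus
    detail = event.get("detail") or {}
    if detail.get("status") != "ACTIVE":  # closed or suppressed findings
        return None

    rank = SEVERITY_RANK.get(detail.get("severity"), 0)
    exposed = detail.get("type") == "NETWORK_REACHABILITY"
    exploitable = detail.get("exploitAvailable") == "YES"
    fixable = detail.get("fixAvailable") in ("YES", "PARTIAL")
    if rank >= SEVERITY_RANK["HIGH"] and (exploitable or exposed):
        queue = "page-oncall"    # serious and reachable or exploitable: act now
    elif fixable:
        queue = "patch-ticket"   # a fix exists: schedule the patch
    else:
        queue = "backlog"        # track until a fix is published

    resource = (detail.get("resources") or [{}])[0]
    vuln = detail.get("packageVulnerabilityDetails") or {}
    return {"queue": queue,
            "resource_type": resource.get("type", "UNKNOWN"),
            "vulnerability_id": vuln.get("vulnerabilityId")}


def make_event(status, severity, ftype, rtype, exploit="NO", fix="NO"):
    """Build a constructed sample event (placeholder IDs, not real Inspector output)."""
    detail = {"status": status, "severity": severity, "type": ftype,
              "exploitAvailable": exploit, "fixAvailable": fix,
              "resources": [{"type": rtype, "id": "EXAMPLE-RESOURCE-ID"}]}
    if ftype == "PACKAGE_VULNERABILITY":
        detail["packageVulnerabilityDetails"] = {"vulnerabilityId": "CVE-0000-00000"}
    return {"source": "aws.inspector2", "detail-type": "Inspector2 Finding", "detail": detail}


SAMPLES = [  # constructed inputs covering EC2, ECR, Lambda and network exposure
    make_event("ACTIVE", "HIGH", "PACKAGE_VULNERABILITY", "AWS_EC2_INSTANCE", "YES", "YES"),
    make_event("ACTIVE", "MEDIUM", "PACKAGE_VULNERABILITY", "AWS_ECR_CONTAINER_IMAGE", fix="YES"),
    make_event("ACTIVE", "LOW", "PACKAGE_VULNERABILITY", "AWS_LAMBDA_FUNCTION"),
    make_event("ACTIVE", "HIGH", "NETWORK_REACHABILITY", "AWS_EC2_INSTANCE"),
    make_event("CLOSED", "CRITICAL", "PACKAGE_VULNERABILITY", "AWS_EC2_INSTANCE", "YES"),
    {"source": "aws.guardduty", "detail-type": "GuardDuty Finding", "detail": {}},
]
```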
4. Inspector vs GuardDuty

5. When to use
Use Inspector when you need to automatically scan AWS workloads for software vulnerabilities and unintended network exposure.
Common scenarios:
- Vulnerability management — Continuously scan EC2, Lambda, and ECR container images for known CVEs.
- Patch compliance — Identify missing OS and software patches.
- Network exposure — Find EC2 instances with unintended open ports or public accessibility.
- Container security — Scan Docker images in ECR for vulnerabilities before deployment.
- CI/CD integration — Scan images in the build pipeline before pushing to production.
- Compliance — Demonstrate ongoing vulnerability assessment for audit requirements.
Exam Tip: "Vulnerability scanning" = Inspector. "Scan EC2 for CVEs" = Inspector. "Scan ECR images for vulnerabilities" = Inspector (also ECR Enhanced Scanning uses Inspector). "Scan Lambda dependencies" = Inspector. Inspector = proactive (find before exploit). GuardDuty = reactive (detect during exploit). Inspector needs SSM Agent on EC2.