Amazon Inspector Reviews

Name: Amazon Inspector
Brand: Amazon Web Services (AWS)
Rating: 4.0 (5 reviews)

4.0 out of 5

5 reviews
85% willing to recommend

What is Amazon Inspector?

Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. Amazon Inspector automatically assesses applications for exposure, vulnerabilities, and deviations from best practices. After performing an assessment, Amazon Inspector produces a detailed list of security findings prioritized by level of severity. These findings can be reviewed directly or as part of detailed assessment reports which are available via the Amazon Inspector console or API.

Get the Amazon Inspector Buyer's Guide and find out what your peers are saying about Amazon Inspector, Wiz, Microsoft Defender for Cloud and more!

Amazon Inspector is the #9 ranked solution in top IT Vendor Risk Management solutions and #24 ranked solution in top Vulnerability Management solutions. PeerSpot users give Amazon Inspector an average rating of 8.0 out of 10. Based on the analysis of the 5 most recent Amazon Inspector reviews, the overall sentiment is positive, with a sentiment score of 8.0. Amazon Inspector is most commonly compared to Wiz: Amazon Inspector vs Wiz. Amazon Inspector is popular among the large enterprise segment, accounting for 66% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 13% of all views.

Helped 816,406 peers since 2012

Featured reviews

Nikhil Sehgal

Lead Solution Advisor (Cyber Security) at Deloitte

It has a limited scope. So, AWS Inspector primarily focuses on the security of the EC2 instance. So, if your architecture includes other AWS services, then you may need to use additional tools for your comprehensive security assessment. So that is one con. Another is, like, we have a dependency on agents. So other is dependency on agents, like, Inspector relies on agents installed on instances for deeper assessment. So managing these agents can be additional overhead. So these kinds of things. It does not even provide real-time protection. So, Inspector provides point-in-time assessment rather than continuous monitoring. So these are all cons. When it comes to false positives, it is there for most security tools as of now. I would not consider false positives a major concern. So, these are the major concerns that I found: dependency on agents, limited scope, and no real-time protection.

Read full review

Johnny Suleiman

MS AWS expert at Bespin Global MEA, an e& enterprise Company

Amazon Inspector is used for vulnerability assessment and provides detailed reports for infrastructure security. It's primarily used for vulnerability assessments and scans multiple types of resources, providing a report with findings and CVEs Amazon Inspector impacts operations primarily from a…

Read full review

Derek Justinger

Director Of Engineering at E Source Companies LLC

It is scanning the whole repository for any sort of vulnerabilities. So, it allows us to be more confident in our DevSecOps and not put a lot of folks or attention to it. We can trust the solution. Before anything gets out to deployment, we have to be SOC 2 compliant. It gives us the ability to pretty much approach and implement a solution before anything gets out to our staging or production environment. We check in our code very frequently, and we're able to discover and get rid of any vulnerabilities before they make it to our cloud platform.

Read full review

Amazon Inspector mindshare

Product category:

As of November 2024, the mindshare of Amazon Inspector in the Vulnerability Management category stands at 2.7%, up from 0.6% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Vulnerability Management

Key learnings from peers

Last updated Nov 8, 2024

Valuable Features

Amazon Inspector excels in vulnerability detection and ranking, enabling quick responses to critical issues. It continuously scans AWS workloads for vulnerabilities and network exposure. The feature for reporting vulnerabilities across various resources like containers and servers in one view is vital. It supports CIS benchmarks, categorizes findings by instance and function, and scans container repositories. Users find Security Hub effective for compliance, though they note a lack of custom compliance rule definition.

"Amazon Inspector is highly stable, rated ten out of ten, and this stability impacts business security and administration positively."
"The most valuable feature of Amazon Inspector is the categorization of findings, which filters vulnerabilities by instance, container image, container repository, and Lambda function."
"The integration of Amazon Inspector with other AWS services has enhanced our security.Security Hub is a major asset because it allows us to centralize data from various AWS services. We can integrate third-party tools as well. It is just a single-click option."

Room for Improvement

Amazon Inspector users suggest improvements in on-demand scanning and enhanced integration with Amazon's patching services. They find the tool's scope limited since it mostly targets EC2 instances and does not provide real-time protection. Users also note the dependency on agents as an additional overhead. There is a desire for better automation options, like scheduling operations and broader vulnerability coverage. False positives are acknowledged but not seen as a significant issue.

"One area for improvement in Amazon Inspector is the automation aspect."
"There is room for improvement in the scanning capabilities. I'd like to see broader coverage in terms of the vulnerabilities detected."
"One major area for improvement is remediation. My team works on remediating findings over time, likely using available patches. However, easier integration with Amazon's patching services would be very helpful."

Pricing

Amazon Inspector offers a tiered pricing model that is affordable and scalable. Users report that initial scans can be free, with low incremental costs as usage increases. Pricing clarity and transparency are praised, with a per-scan approach viewed as market-appropriate. Enterprises find the costs fair, citing Amazon Inspector as a budget-friendly option compared to competitors, often rating the expense low on a ten-point scale for overall affordability. No additional setup or licensing fees are noted.

"The pricing is very transparent and clear."
"It's priced according to market standards for its services."
"It is scaled as you go. There are probably a certain number of scans per month, and there are tiers. If you're under a certain tier, it is free. The second level is pennies, and then all the way up to like a million. So, it has a tiered pricing program. They're pretty good with your initial scanning, and there is room to scale based on being affordable, but it is fairly cheap.There are no additional costs. They pretty much think about it as a pay-per-scan type model."

Popular Use Cases

Organizations use Amazon Inspector primarily for automated vulnerability detection in deployable containers within public cloud infrastructure. It scans containers in Elastic Container Registry automatically upon deployment, ensuring continuous assessment every hour. Integrated into the cloud environment, it pulls vulnerability data for access and management. Employed alongside third-party security tools, Amazon Inspector feeds data into systems like Sumo Logic for compliance, security posture management, and alerts via email or Jira tickets.

Service and Support

Customer service and support for Amazon Inspector are considered decent, with quality depending on the subscription tier. Paying users experience better responsiveness. Most users express contentment with support levels, noting quick turn-around for premium accounts. Even non-premium users report satisfactory assistance. Some have not needed to use AWS support, implying high service reliability.

Deployment

Amazon Inspector's initial setup is simple, involving a few clicks and is often rated highly for ease. Users find it intuitive, with experiences described as smooth and effortless, requiring minimal operational management. The process is typically a one-click setup at the account level, with additional steps needed for centralized visibility across multiple accounts. Deployment time varies with the environment but can be completed in minutes for single accounts. Similarities with other Amazon services enhance user familiarity.

Scalability

Amazon Inspector demonstrates effective scalability. Engineering teams can deploy it for continuous feedback with microservices, utilizing it extensively in Amazon ECR pipelines. Adaptability is key, and teams embrace the DevOps mindset, regularly monitoring and addressing vulnerabilities. It effectively manages large-scale production, although tools like Qualys are sometimes preferred for robust management. Scalability is largely dependent on available AWS resources, with Inspector receiving high ratings for handling scalability across business scales.

Stability

Amazon Inspector demonstrates exceptional stability. Users rate it ten out of ten for reliability and continuous availability. Many have not faced issues or downtime. The strong partnership with AWS provides effective support if needed. This stability significantly enhances business security and administration.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Amazon Inspector Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Computer Software Company

13%

Financial Services Firm

12%

Government

Manufacturing Company

University

Insurance Company

Healthcare Company

Educational Organization

Recreational Facilities/Services Company

Retailer

Non Profit

Comms Service Provider

Performing Arts

Media Company

Construction Company

Wholesaler/Distributor

Logistics Company

Pharma/Biotech Company

Real Estate/Law Firm

Hospitality Company

Transportation Company

Energy/Utilities Company

Consumer Goods Company

Aerospace/Defense Firm

Legal Firm

Outsourcing Company

Wellness & Fitness Company

Marketing Services Firm

Compare Amazon Inspector with alternative products

Learn more about Amazon Inspector

Amazon Inspector security assessments help you check for unintended network accessibility of your Amazon EC2 instances and for vulnerabilities on those EC2 instances. Amazon Inspector assessments are offered to you as pre-defined rules packages mapped to common security best practices and vulnerability definitions. Examples of built-in rules include checking for access to your EC2 instances from the internet, remote root login being enabled, or vulnerable software versions installed. These rules are regularly updated by AWS security researchers.