Axonius, a leader in cybersecurity asset management, announced an integration with Amazon Inspector, an automated security assessment service. The integration will enable mutual customers to understand and manage vulnerabilities across their Amazon Web Services (AWS) infrastructure better.
Amazon Inspector is a vulnerability management service that scans AWS workloads for software vulnerabilities and unintended network exposure. The solution discovers all running Amazon Elastic Compute Cloud (Amazon EC2) instances and container images residing in Amazon Elastic Container Registry (Amazon ECR) and starts assessing them for known vulnerabilities.
Because Axonius delivers a complete inventory of assets from many correlated data sources, customers can gain a comprehensive view of their cloud security posture, including vulnerability data found from Amazon Inspector.
“Customers are burdened by the increasing number of security tools to protect the sprawl of cloud, physical, and virtual assets in their environments,” said Mark Daggett, vice president of worldwide channels and alliances, Axonius. “It’s not easy for them to surface which assets are not covered by their security controls that should be, or if they are covered, whether the control is actually working.
“Customers are exhausted with the highly manual, slow, and error-prone processes that negatively impact their risk mitigation, threat management, and compliance. With Axonius, customers can get a unified view of their assets and dramatically accelerate the process of strengthening security posture across all of their assets,” he said.
The Axonius integration of Amazon Inspector provides these key capabilities:
- Comprehensively Track and Assess the Security of AWS Assets – In a few clicks, the Axonius Query Wizard can identify AWS assets that have not been assessed with Amazon Inspector. Customers can search for a set of assets based on their last scan time, or segment AWS assets with known vulnerabilities by common vulnerabilities and exposures (CVE) severity, CVE ID, and more. It can be used to track the Amazon Inspector usage and coverage.
- Manage Vulnerabilities Within a Broader Context – Axonius delivers correlated data from tools such as endpoint detection and response, privilege access management to help cloud security, DevOps, and security operations teams prioritize which vulnerabilities to remediate first. With an endless backlog of vulnerabilities to manage, this level of context is imperative to helping teams mitigate the vulnerabilities that are likely to be exploited or that would have the most impact if exploited.
- Improve Cloud Compliance Based on Industry Benchmarks – Customers can ensure their AWS assets adhere to security best practices, such as the CIS AWS Foundations Benchmark. Using Axonius and Amazon Inspector, cloud security teams can prioritize which assets pose the most risk due to any detected vulnerability or deviation from security standards and best practices.