This is the user guide for Amazon Inspector Classic. For information about the new Amazon Inspector, see the Amazon Inspector User Guide. To access the Amazon Inspector Classic console, open the Amazon Inspector console at https://console.aws.amazon.com/inspector/, and then choose Amazon Inspector Classic in the navigation pane.

Amazon Inspector Classic terminology and concepts

As you get started with Amazon Inspector Classic, you can benefit from learning about its key concepts.

Amazon Inspector Classic agent

A software agent that you can install on the EC2 instances that are included in the assessment target. The agent collects a wide set of configuration data (telemetry). For more information, see Amazon Inspector Classic agents.

Assessment run

The process of discovering potential security issues through the analysis of your assessment target's configuration against specified rules packages. During an assessment run, Amazon Inspector monitors, collects, and analyzes configuration data (telemetry) from resources within the specified target. Next, Amazon Inspector analyzes the data and compares it against a set of security rules packages that are specified in the assessment template used during the assessment run. A completed assessment run produces a list of findings, which are potential security issues of various levels of severity. For more information, see Amazon Inspector Classic assessment templates and assessment runs.

Assessment target

In the context of Amazon Inspector Classic, a collection of AWS resources that work together as a unit to help you accomplish your business goals. Amazon Inspector Classic evaluates the security state of the resources that constitute the assessment target.

Important

Currently, your Amazon Inspector Classic assessment targets can consist only of EC2 instances. For more information, see Amazon Inspector Classic service limits.

To create an Amazon Inspector Classic assessment target, you must first tag your EC2 instances with key-value pairs of your choice. Next, you can create a view of these tagged EC2 instances that have common keys or common values. For more information, see Amazon Inspector Classic assessment targets.

Assessment template

A configuration that is used during your assessment run. The template includes the following:

  • Rules packages that Amazon Inspector Classic uses to evaluate your assessment target

  • Amazon SNS topics that you want Amazon Inspector Classic to send notifications to about assessment run states and findings

  • Tags (key-value pairs) that you can assign to findings that are generated by the assessment run

  • The duration of the assessment run
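The following AWS CloudFormation fragment shows how EC2 tags, an assessment target, and an assessment template fit together. It is an added example, not part of the original guide: the resource names, tag key and value, and the RulesPackageArn parameter are assumptions, and the Amazon SNS notification subscription is not shown.

```yaml
# Added example: every name and tag value below is hypothetical.
AWSTemplateFormatVersion: "2010-09-09"
Description: Amazon Inspector Classic assessment target and template (illustrative)

Parameters:
  RulesPackageArn:
    Type: String
    # Placeholder: supply the ARN of a rules package for your Region.
    Description: ARN of the rules package to evaluate the target against

Resources:
  # Tag filter that selects the EC2 instances to assess.
  # The instances must already carry this key-value pair.
  WebTierResourceGroup:
    Type: AWS::Inspector::ResourceGroup
    Properties:
      ResourceGroupTags:
        - Key: InspectorScope      # constructed tag key
          Value: web-tier          # constructed tag value

  # Assessment target: the view over the tagged EC2 instances.
  WebTierTarget:
    Type: AWS::Inspector::AssessmentTarget
    Properties:
      AssessmentTargetName: web-tier-target
      ResourceGroupArn: !GetAtt WebTierResourceGroup.Arn

  # Assessment template: rules packages, run duration, and tags for findings.
  WebTierTemplate:
    Type: AWS::Inspector::AssessmentTemplate
    Properties:
      AssessmentTemplateName: web-tier-one-hour
      AssessmentTargetArn: !GetAtt WebTierTarget.Arn
      DurationInSeconds: 3600      # duration of each assessment run
      RulesPackageArns:
        - !Ref RulesPackageArn
      # Key-value pairs assigned to every finding the run generates,
      # useful for routing findings to the owning team.
      UserAttributesForFindings:
        - Key: Team
          Value: platform-security
```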

Finding

A potential security issue that Amazon Inspector Classic discovers during an assessment run of the specified target. Findings are displayed in the Amazon Inspector Classic console or retrieved through the API. They contain both a detailed description of the security issue and a recommendation on how to fix it. For more information, see Amazon Inspector Classic findings.

Rule

In the context of Amazon Inspector Classic, a security check performed during an assessment run. When a rule detects a potential security issue, Amazon Inspector Classic generates a finding that describes the issue.

Rules package

In the context of Amazon Inspector Classic, a collection of rules. A rules package corresponds to a security goal that you might have. You can specify your security goal by selecting the appropriate rules package when you create an Amazon Inspector Classic assessment template. For more information, see Amazon Inspector Classic rules packages and rules.

Telemetry

Installed package information and software configuration for an EC2 instance. Amazon Inspector Classic collects the data during an assessment run.