We’re excited to announce that Axonius is now an AWS partner! By partnering with AWS, we’ll be helping more companies understand and manage their attack surface across their cloud infrastructure.
In our quest to help AWS customers improve their cloud security visibility, we are building multiple integrations with the AWS platform. As a first step, we’ve built a new Axonius integration for Amazon Inspector to help customers manage vulnerabilities across AWS infrastructure by prioritizing vulnerabilities that are more impactful to their security posture.
The new version of Amazon Inspector automatically discovers all running Amazon EC2 instances and container images residing in Amazon Elastic Container Registry (ECR) – at any scale – and immediately starts assessing them for known vulnerabilities.
What Axonius Plus Amazon Inspector Delivers
Customers of AWS and Axonius can view Inspector findings alongside other correlated data sources in Axonius to strengthen cloud security posture in a variety of areas, including:
1> Vulnerability Prioritization
By ingesting Inspector findings into Axonius, customers can manage and prioritize vulnerabilities within a broader context. Beyond simply identifying known vulnerabilities, Axonius delivers correlated data to help cloud security, DevOps, and security operations teams prioritize which vulnerabilities to act on first.
For example, customers can prioritize actions for any cloud asset with a known vulnerability identified that is:
- Found across one or multiple Amazon Machine Images (AMIs)
- Open and accessible to the internet
- Often accessed by users
- Lacking endpoint or cloud workload protection
Once vulnerabilities have been prioritized, customers can automate action and trigger workflows, such as stopping an EC2 instance that may have a critical vulnerability, creating a Jira issue, or more.
With a never-ending backlog of vulnerabilities to manage, this level of context and ability to automate response is needed to help close out vulnerabilities that are most likely to be exploited or would have the most impact if exploited.2> Cloud Compliance
AWS and Axonius can be used to track and improve compliance for AWS assets based on industry benchmarks. Using Axonius Cloud Asset Compliance, customers can also ensure that AWS assets adhere to security best practices frameworks, such as the CIS AWS Foundations Benchmark. Using Axonius and Amazon Inspector, cloud security teams can gain out-of-the-box reporting on assets deviating from security standards and best practices. Cloud security and compliance teams can also easily report on vulnerability assessment frequency and coverage to demonstrate compliance with certain regulations.3> Proactive Cyber Risk Management
When customers pair Inspector findings with correlated asset data on asset configuration, installed software applications, associated user accounts, and more, they can turn any set of conditions that pose risk for their company into continuously run queries. In turn, these queries can be used as triggers to enforce policies programmatically.
How the Integration Works
The Axonius Platform ingests Amazon Inspector findings within the AWS adapter. Existing customers will be able to fetch Inspector findings as part of the AWS configuration tab on the Adapters page. When enabled, Inspector data automatically correlated with other data sources known to AWS assets. For new Axonius customers who connect the AWS adapter, Inspector findings will be fetched by default.
Try it for yourself in early 2022.
Inspector data will be generally available as part of the AWS adapter in early 2022.
Until then, you can sign up for a free 30 day trial of Axonius to start managing your entire attack surface today.