Scanning base on EBS snapshot
Agentless không thể quét Network exposure.
Use the combine of both agent-based and agentless methods.
If
SSM managed instances: use agent-based method
No SSM: use agentless method.
Exclusive use Agent-based method for scanning
Only scan SSM managed instances.
Super-detailed security scanner for EC2
Looking for vulnerabilities in
OS (Linux, Windows, Mac) system packages
Application code and programming (Linux only)
You can exclude an instance from Inspector scan by using InspectorEc2Exclusion key.
InspectorEc2Exclusion
If you not sure all agent have SSM Agent, then use hybrid scanning mode.
Agent-less scanning cant not scan Network exposure, because it scan on EBS snapshot.
Last updated 3 months ago
