AWS Inspector - Scan on-premise VMs - CIS Benchmarks

Question

Hello,

I would like to ask about the possibility to run Inspector Scan from AWS account to scan VMs which are existing in on-premise network.

If that not doable at this time, could you please advise with any alternative tool to scan same Rules Package that Inspector does: **CIS Operating System Security Configuration Benchmarks-1.0**

Many thanks,
Maan

Accepted Answer

Hello Maan,
 
Thank you for your question.
 
At this time, it is not possible to run Inspector Scan for on premise servers and it currently only works for EC2 and container workloads on AWS.
 
There is an existing feature request for this and you can keep track of this through our what's new page - https://aws.amazon.com/new/
We do not have an ETA as to when this feature will be implemented.
 
However, an alternative tool is available by CIS called CIS-CAT Pro which is available for on premise environments. Please be aware that since this is a third party tool, AWS cannot speak to its validity and does not offer support for this tool. 
Regardless, I have linked the alternative tool below for reference. 
 
CIS-CAT Pro:
 
https://www.cisecurity.org/cybersecurity-tools/cis-cat-pro_pre

AWS Inspector - Scan on-premise VMs - CIS Benchmarks

관련 콘텐츠