Skip to content

Beginner Lab blue team icon   aws

Remediate Vulnerabilities with Amazon Inspector

Get hands-on with Amazon Inspector in this beginner-friendly lab and use it to harden the attack surface!

Description

As a blue teamer, vulnerability scanning and management tools are a perfect complement to more manual red team activities. Let's get hands-on with Amazon Inspector in this beginner-friendly lab and use it to harden our attack surface!

Scenario

As part of our efforts to increase buy-in and to drive-forward security improvements in engineering, we are collaborating with the DevOps team in a security assessment of their Elastic Container Registry (ECR) image deployment templates and Lambda functions. Let's show them how they can proactively secure their resources!

Lab prerequisites
  • Basic knowledge of vulnerability classes affecting web applications
  • Basic knowledge of Docker / Podman
Learning outcomes
  • Use Amazon Inspector to remediate vulnerabilities in Lambda and ECR
  • Use various third-party tools to assess ECR image security
  • Evaluate risk and impact, and decide whether to action or suppress findings
Real-world context

Vulnerability management is a key aspect of enterprise security. Having "always-on" tools that can automate the process of uncoverinbg vulnerabilities is a perfect complement to manual penetration testing and red teaming. Amazon Inspector can be great as part of a layered defensive suite and identify exploitable vulnerabilities in Lambda packages and code, EC2 instances and Elastic Container Registry (ECR).

platform mock(1)

Cloud Security Training To Protect Your Business

Pwned Labs for Business gives your team access to dedicated business content, including labs and cyber ranges.

We also offer in-person or remote workshops, and our cloud penetration services are helping businesses become more secure!