Announcement

Turbot Guardrails for Amazon Inspector

Turbot provides Guardrails for a number of AWS security, identity, and compliance products. Turbot has recently expanded our Guardrail policies for Amazon Inspector to help Enterprises ensure Amazon Inspector is set up and configured consistently across large-scale multi-account AWS implementations.

Turbot Team
5 min. read - Aug 17, 2018

Amazon Inspector + Turbot Guardrails:

Turbot Guardrails provides guardrails for a number of AWS Security, Identity, and Compliance products, including Operating System Guardrails for Windows and Linux. Turbot Guardrails' existing Operating System Guardrails automatically apply best practice configurations based on company policies for patching, user management, and environment variables, including hardening configurations based on the Center for Internet Security (CIS) Level 1 or 2 Benchmarks.

For an additional audit layer to identify potential security issues, vulnerabilities, or deviations from security best practices, Amazon Inspector can be used to identify findings on EC2 Instances while Turbot Guardrails enforces configurations based on corporate policies. Turbot Guardrails has recently expanded our Guardrail policies for Amazon Inspector to help Enterprises ensure Amazon Inspector is set up and configured consistently across large-scale multi-account AWS implementations.

Turbot Guardrails Enables Amazon Inspector at Scale:

  • Turbot Guardrails allows you to enable / disable Amazon Inspector in multiple AWS accounts. This will block users from managing Inspector per account and allow central configuration management to be enforced globally or managed through exceptions per account and per instance.
  • Turbot Guardrails can be set to enable / disable specific regions allowed for Amazon Inspector resources.
  • As part of the Turbot Guardrails Identity Engine, Enterprises can easily assign Amazon Inspector Role Based Access Controls (RBAC) and identity policies consistent with other Turbot - AWS IAM Policies being managed. In addition, Turbot Guardrails RBAC policies can be applied with time-based grants.
  • Turbot Guardrails allows you to enforce the Inspector agent installation on Linux and Windows Operating Systems.
  • Turbot Guardrails will auto-create the required Amazon Inspector IAM role with least privilege policies, while protecting the role to ensure it is not altered or assumed.
  • Turbot Guardrails will enforce the creation of Inspector Targets and Templates, with global or explicit EC2 Instance associations per instance.

Contact us to learn more about Turbot Guardrails for Amazon Inspector or schedule a demo to see how Turbot Guardrails can fully automate Cloud Governance for your organization.