What is Amazon Inspector and How Does It Work?
Amazon Inspector is an automated security assessment service that scans AWS workloads for vulnerabilities, misconfigurations, unintended network exposure and compliance risks, helping organizations enhance cloud security, detect threats, and meet regulatory requirements (such as ISO/IEC 27001, HIPAA, NIS 2 and SOC 2 Type 2) in real time.
Amazon Inspector discovers and scans Amazon EC2 instances, container images in Amazon ECR (Elastic Container Registry), and Lambda functions. When Inspector detects a software vulnerability or unintended network exposure, it creates a “finding”, which is a detailed report about the issue.
How to View and Manage Amazon Inspector Findings
Using native tooling you can manage findings via the Inspector console or API. Amazon also provides the Amazon Inspector dashboard which offers a high-level view of findings from across your AWS environment.
Out-of-the-box these tools require manual inspection by a human operator. If you want to automate near real-time monitoring and alerting on Inspector findings you need to tool your own integration against the API or the Amazon EventBridge. Inspector publishes findings to Amazon EventBridge as “finding” events. EventBridge is a serverless event bus service that can route findings data to targets such as AWS Lambda functions and Amazon Simple Notification Service (Amazon SNS) topics. With EventBridge, you can monitor and process findings in near-real time as part of your existing security and compliance workflows. Beyond the official documentation, some community advice on how to do this is available.
- Inspector Findings : r/aws
- amazon web services – Get AWS Inspector findings report from AWS Inspector in mail – Stack Overflow
Automating Amazon Inspector Monitoring & Alerting
Many organizations prefer to adopt third-party AI-powered observability solutions such as eG Enterprise which can provide out-of-the-box monitoring, alerting and root-cause analytics on Inspector findings. Reasons to choose eG Enterprise include:
- Removes the need to build and maintain bespoke tooling and the skilled staffing requirements associated
- Supports cloud-agnostic, multi-cloud, cloud-exit and hybrid cloud strategies, a AI-powered observability solution such as eG Enterprise supports over 650 application, infrastructure and technology stacks. So, if in the future your platform needs move away from AWS you will not need to build yet another platform-specific monitoring stack
-
eG Enterprise already integrates with a vast range of ITSM and notification systems so you can track security issues raised by Inspector in your preferred system (or even multiple systems)

- The audit trails of Inspector findings recorded by eG Enterprise ensure that you can track incidents and automate reports needed for regulatory compliance with risk management frameworks and regulations such as NIS2, DORA, ISO 27001 and so on.
- eG Enterprise includes powerful AI-driven auto-baselining and anomaly detection so you get alerting configured out-of-the-box
- eG Enterprise provides external visibility on cloud outages, whilst you can leverage EventBridge and Amazon’s SNS services, these can leave you blind in the event of an AWS failure. See: How to Protect your IT Ops from Cloud Outages
- For MSPs running multi-tenant AWS deployments, eG Enterprise’s support for multi-tenancy enables them to provide per tenant / customer reports and management
How eG Enterprise Tracks Amazon Inspector Findings
eG Enterprise’s domain aware layer models for AWS now include an AWS Security layer within which AWS Inspector Findings are reported.
Can eG Enterprise Monitor “Amazon Inspector Classic”?
Yes, it can. Amazon Inspector Classic tests the network accessibility of your Amazon EC2 instances and the security state of your applications that run on those instances. Amazon strongly encourages users to explore and use the newer Amazon Inspector Service as described above, see: What is Amazon Inspector Classic? – Amazon Inspector Classic. However, for our customers who continue to use the “Classic” version we can offer them comparable monitoring and alerting in the same familiar single console.
How is Amazon Inspector different from Amazon Inspector Classic?
The new Amazon Inspector has expanded coverage to add support for container images residing in Amazon Elastic Container Registry (Amazon ECR) in addition to EC2 instances. It also offers multi-account support through integration with AWS Organizations, and continual software vulnerability and network reachability scanning based on common vulnerabilities and exposures (CVEs).
More details on this and other FAQs relating to Inspector are available, see: Automated Vulnerability Management – Inspector FAQs – AWS.
Monitor AWS and Azure Security Recommendations from One Console
Yes, eG Enterprise can monitor Azure recommendation services in a comparable manner to those in AWS, again in the same familiar, single console. Some information on how eG Enterprise monitors and alerts on security recommendations from Azure Advisor is covered in a previous article, see Azure Advisor Integration | eG Innovations.
Benefits of Automated Amazon Inspector Monitoring
Automating Amazon Inspector monitoring helps security teams move from reactive checks to continuous visibility. With eG Enterprise, Inspector findings can be surfaced in a single console, tracked alongside other infrastructure and application signals.
Faster vulnerability detection
Automated monitoring reduces the time between a new Amazon Inspector finding and the moment your team sees it. Since Inspector publishes findings to Amazon EventBridge, alerts can be triggered as soon as critical or high-severity issues appear, instead of waiting for manual review.
Reduced security risks
Early alerting helps teams respond before vulnerable workloads are exposed for too long. Amazon Inspector continuously scans EC2 instances, container images in Amazon ECR, and Lambda functions for vulnerabilities and unintended network exposure, which helps shrink the window of risk.
Improved compliance readiness
eG Enterprise monitoring supports compliance by making it easier to track findings over time. Amazon Inspector is designed to help meet compliance requirements and best practices such as NIST CSF and PCI DSS, while eG Enterprise adds centralized visibility and incident history that can support broader regulatory reporting.
Centralized security visibility
Instead of forcing teams to switch between the Inspector console, EventBridge rules, and notification tools, eG Enterprise can bring AWS Security-related findings into one operational view. That makes it easier to correlate Inspector issues with other cloud, application, and infrastructure signals in the same dashboard.
Reduced manual monitoring effort
Manual inspection of Inspector findings can become repetitive, especially in environments with many accounts, regions, and workloads. eG Enterprise helps reduce that effort by providing out-of-the-box monitoring and alerting for Inspector findings, so teams spend less time checking consoles and more time remediating issues.
eG Enterprise is an Observability solution for Modern IT. Monitor digital workspaces,
web applications, SaaS services, cloud and containers from a single pane of glass.
Related Articles
- If you’d like to explore how Advanced AWS Monitoring Solutions can help you go beyond native cloud capabilities and provide automated AI-powered correlation between Applications, User Experience and Amazon’s AWS platform / services, please see: How to Achieve Full Observability in the Cloud: Nine Practical Steps to Go Beyond Cloud-Native Monitoring.
- Learn more about our partnerships with Amazon, see: eG Innovations achieves Amazon Web Services (AWS) Digital Workplace Competency status | eG Innovations
- If you are an SRE, IT Sys Admin, DevOps or generally just interested in IT Operational Resilience using AIOps, please see: How to Protect your IT Ops from Cloud Outages.
- Take a quick look at some of our Amazon infrastructure dashboards, see: AWS monitoring dashboards for EC2, EBS, RDS and S3
Frequently Asked Questions
Amazon Inspector is an automated security assessment service used to scan AWS workloads for vulnerabilities, misconfigurations, unintended network exposure, and compliance risks. It helps organizations identify issues in EC2 instances, container images in Amazon ECR, and Lambda functions.
Amazon Inspector automatically discovers supported workloads and scans them for software vulnerabilities and exposure risks. It uses vulnerability intelligence and contextual risk scoring to help prioritize remediation, including network accessibility and CVE-based analysis.
Amazon Inspector Classic is the older version, focused on testing EC2 instance network accessibility and the security state of applications running on those instances. The newer Amazon Inspector expands coverage to include container images and Lambda functions, adds broader vulnerability scanning, and supports more modern AWS security workflows.
Yes. Amazon Inspector scans container images stored in Amazon ECR for software vulnerabilities and unintended exposure. This is one of the key improvements over Inspector Classic, which was primarily centered on EC2 security assessment.
Amazon Inspector findings are published to Amazon EventBridge, where you can create rules to route alerts to targets such as Amazon SNS, Lambda, or other downstream systems. This lets you automate notifications for high-severity or critical findings and embed them into existing response workflows.
Yes. Amazon Inspector findings can be routed through EventBridge and then forwarded into notification or workflow systems, which makes ITSM integration possible through automation or middleware. eG Enterprise also positions Inspector findings inside a broader observability and operations workflow, which helps connect security events with incident handling processes.
eG Enterprise can surface AWS Inspector findings in its AWS Security layer and provide out-of-the-box monitoring, alerting, and root-cause visibility from a single console. It also supports alert routing and audit-friendly tracking, which helps teams manage Inspector findings alongside the rest of their cloud and application environment.


Babu is Head of Product Engineering at eG Innovations, having joined the company back in 2001 as one of our first software developers following undergraduate and masters degrees in Computer Science, he knows the product inside and out. Based within our Singapore R&D Management team, Babu has undertaken various roles in engineering and product management becoming a certified PMP along the way.


