Understanding the Amazon Inspector dashboard

The Amazon Inspector dashboard provides a snapshot of aggregated statistics for your Amazon resources in the current Amazon Region. These statistics include key metrics for resource coverage and active vulnerabilities. The dashboard also displays groups of aggregated findings data for your account, such as the Amazon Elastic Compute Cloud (Amazon EC2) instances, Amazon Elastic Container Registry (Amazon ECR) repositories, and Amazon Lambda functions with the most critical findings. To perform deeper analysis, you can view the supporting data for dashboard items.

If your account is the Amazon Inspector delegated administrator account for an organization, the dashboard includes account coverage, aggregated statistics, and findings data for all accounts in your organization, including your own account.

Displaying the dashboard

The dashboard shows an overview of your environment coverage and critical findings.

To display the dashboard:

  1. Open the Amazon Inspector console at https://console.aws.amazon.com/inspector/v2/home.

  2. In the navigation pane, choose Dashboard.

  3. You can interact with the dashboard in the following ways:

    • The dashboard refreshes automatically every five minutes. However, you can refresh the data manually by selecting the refresh icon at the top-right corner of the page.

    • To view the supporting data for an item on the dashboard, choose the item.

    • If you manage multiple accounts through Amazon Organizations as an Amazon Inspector delegated administrator, the dashboard displays aggregated statistics for your member accounts. To filter the dashboard and display data only for a particular account, enter the account ID in the Account box.

Understanding dashboard components and interpreting data

Each section of the Amazon Inspector dashboard provides insight into key metrics or active findings data that can help you understand the vulnerability posture of your Amazon resources in the current Amazon Web Services Region.

Environment coverage

The Environment coverage section provides statistics about the resources scanned by Amazon Inspector. In this section, you can see the count and percentage of Amazon EC2 instances, Amazon ECR images and Amazon Lambda functions scanned by Amazon Inspector. If you manage multiple accounts through Amazon Organizations as an Amazon Inspector delegated administrator, you will also see the total number of organization accounts, the number with Amazon Inspector activated, and the resulting coverage percentage for the organization. You can also use this section to determine which resources are not covered by Amazon Inspector. These resources may contain vulnerabilities that could be exploited to put your organization at risk. For more details, see Assessing Amazon Inspector coverage of your Amazon environment.

Choosing a coverage group takes you to the Account management page for the grouping you select. The Account management page shows you details about which accounts, Amazon EC2 instances, and Amazon ECR repositories are covered by Amazon Inspector.

The following coverage groups are available:

  • Account

  • Instances

  • Container repositories

  • Container images

  • Lambda

Critical findings

The Critical findings section provides a count of the critical vulnerabilities in your environment and a total count of all findings in your environment. In this section, the counts are shown per resource and assessment type. For more information about critical findings and how Amazon Inspector determines criticality, see Understanding findings in Amazon Inspector.

Choosing a critical finding group takes you to the All findings page and automatically applies filters to show all critical findings that match the grouping you selected.

The following critical finding groups are available:

  • ECR container images findings

  • Amazon EC2 findings

  • Network reachability findings

  • Amazon Lambda function findings

Risk-based remediations

The Risk-based remediations section shows the top five software packages with critical vulnerabilities that affect the most resources in your environment. Remediating these packages can significantly reduce the number of critical risks to your environment. Choose the software package name to see associated vulnerability details and affected resources.

Accounts with the most critical findings

The Accounts with the most critical findings section shows the top five Amazon accounts in your environment with the most critical findings, and the total number of findings for each account. This section is only viewable from the delegated administrator account when Amazon Inspector is configured for multi-account scanning with Amazon Organizations. This view helps delegated administrators understand which accounts may be most at risk within the organization.

Choose Account ID to see more information about the affected member account.
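
The rankings described in the Risk-based remediations and Accounts with the most critical findings sections can be reproduced from exported findings, for example to feed a ticketing queue. The following Python code is an added example, not Amazon code. The field names (severity, status, awsAccountId, resources[].id, packageVulnerabilityDetails.vulnerablePackages[].name), the restriction to ACTIVE findings, and the alphabetical tie-break are assumptions, and the sample findings are constructed.

```python
from collections import defaultdict

def make_finding(severity, account, resource_id, packages, status="ACTIVE"):
    """Build a constructed finding using the assumed field names."""
    return {
        "severity": severity, "status": status, "awsAccountId": account,
        "resources": [{"id": resource_id}],
        "packageVulnerabilityDetails": {
            "vulnerablePackages": [{"name": p} for p in packages]},
    }

# Constructed sample data, not real findings.
SAMPLE_FINDINGS = [
    make_finding("CRITICAL", "111111111111", "i-aaa", ["openssl"]),
    make_finding("CRITICAL", "111111111111", "i-aaa", ["openssl"]),  # second CVE, same host
    make_finding("CRITICAL", "111111111111", "i-bbb", ["openssl", "log4j-core"]),
    make_finding("CRITICAL", "222222222222", "img-ccc", ["log4j-core"], status="CLOSED"),
    make_finding("HIGH", "222222222222", "fn-ddd", ["requests"]),
    make_finding("CRITICAL", "222222222222", "fn-ddd", ["requests"]),
]

def top_packages(findings, limit=5):
    """Rank packages by the number of distinct resources with an active critical finding."""
    affected = defaultdict(set)
    for f in findings:
        if f.get("severity") != "CRITICAL" or f.get("status") != "ACTIVE":
            continue
        # Findings without package data (e.g. network reachability) contribute nothing.
        details = f.get("packageVulnerabilityDetails") or {}
        for pkg in details.get("vulnerablePackages", []):
            for res in f.get("resources", []):
                affected[pkg["name"]].add(res["id"])  # set: each resource counted once
    ranked = sorted(affected.items(), key=lambda kv: (-len(kv[1]), kv[0]))
    return [(name, len(ids)) for name, ids in ranked[:limit]]

def top_accounts(findings, limit=5):
    """Rank accounts by active critical findings; also return total active findings."""
    counts = defaultdict(lambda: [0, 0])  # account -> [critical, total]
    for f in findings:
        if f.get("status") != "ACTIVE":
            continue
        counts[f["awsAccountId"]][1] += 1
        if f.get("severity") == "CRITICAL":
            counts[f["awsAccountId"]][0] += 1
    ranked = sorted(counts.items(), key=lambda kv: (-kv[1][0], kv[0]))
    return [(acct, crit, total) for acct, (crit, total) in ranked[:limit]]

if __name__ == "__main__":
    print(top_packages(SAMPLE_FINDINGS))
    print(top_accounts(SAMPLE_FINDINGS))
```

Counting distinct resources per package, rather than findings, keeps a host with many CVEs in one package from outranking a package that is installed across many hosts.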

Amazon ECR repositories with most critical findings

The Elastic Container Registry (ECR) Repositories with most critical findings section shows the top five Amazon ECR repositories in your environment with the most critical container image findings. The view shows the repository name, Amazon account identifier, the repository creation date, number of critical vulnerabilities, and total number of vulnerabilities. This view helps you identify which repositories may be most at risk.

Choose Repository name to see more information about the affected repository.

Container images with most critical findings

The Container images with most critical findings section shows the top five container images in your environment with the most critical findings. The view shows image tag data, repository name, image digest, Amazon account identifier, number of critical vulnerabilities, and total number of vulnerabilities. This view helps application owners identify which container images may need to be rebuilt and relaunched.

Choose Container image to see more information about the affected container image.

Instances with most critical findings

The Instances with most critical findings section shows the top five Amazon EC2 instances with the most critical findings. The view shows instance identifier, Amazon account identifier, Amazon Machine Image (AMI) identifier, number of critical vulnerabilities, and total number of vulnerabilities. This view helps infrastructure owners identify which instances may require patching.

Choose Instance ID to see more information about the affected Amazon EC2 instance.

Amazon Machine Images (AMI) with most critical findings

The Amazon Machine Images (AMIs) with most critical findings section shows the top five AMIs in your environment with the most critical findings. The view shows the AMI identifier, Amazon account identifier, number of affected EC2 instances running in the environment, the AMI creation date, the operating system platform of the AMI, the number of critical vulnerabilities, and the total number of vulnerabilities. This view helps infrastructure owners identify which AMIs may require rebuilding.

Choose Affected instances to see more information about the instances launched from the affected AMI.

Amazon Lambda functions with most critical findings

The Amazon Lambda functions with most critical findings section shows the top five Lambda functions in your environment with the most critical findings. The view shows the Lambda function name, Amazon account identifier, runtime environment, the number of critical vulnerabilities, the number of high vulnerabilities, and the total number of vulnerabilities. This view helps infrastructure owners identify which Lambda functions may require remediation.

Choose Function name to see more information about the affected Amazon Lambda function.