Home
Mapping Frameworks
AWS Home
Amazon Inspector

AWS amazon_inspector Mappings

Amazon Inspector is an automated assessment service that evaluates the security and compliance of applications in AWS. It supports assessment packages for CVEs, CIS Benchmarks (various Windows and Linux platforms), Best Practices (Linux only), and Network Reachability. The result of running an assessment is a list of findings that can be used to inform decision-making processes that improve the security of applications.

Mappings

Capability ID	Capability Description	Category	Value	ATT&CK ID	ATT&CK Name
amazon_inspector	Amazon Inspector	protect	partial	T1189	Drive-by Compromise
amazon_inspector	Amazon Inspector	protect	partial	T1190	Exploit Public-Facing Application
amazon_inspector	Amazon Inspector	protect	partial	T1203	Exploitation for Client Execution
amazon_inspector	Amazon Inspector	protect	partial	T1068	Exploitation for Privilege Escalation
amazon_inspector	Amazon Inspector	protect	partial	T1211	Exploitation for Defense Evasion
amazon_inspector	Amazon Inspector	protect	partial	T1212	Exploitation for Credential Access
amazon_inspector	Amazon Inspector	protect	partial	T1210	Exploitation of Remote Services
amazon_inspector	Amazon Inspector	protect	minimal	T1110	Brute Force
amazon_inspector	Amazon Inspector	protect	minimal	T1110.001	Password Guessing
amazon_inspector	Amazon Inspector	protect	minimal	T1110.002	Password Cracking
amazon_inspector	Amazon Inspector	protect	minimal	T1110.003	Password Spraying
amazon_inspector	Amazon Inspector	protect	minimal	T1110.004	Credential Stuffing
amazon_inspector	Amazon Inspector	protect	minimal	T1133	External Remote Services
amazon_inspector	Amazon Inspector	protect	minimal	T1021	Remote Services
amazon_inspector	Amazon Inspector	protect	minimal	T1021.004	SSH
amazon_inspector	Amazon Inspector	protect	minimal	T1222	File and Directory Permissions Modification
amazon_inspector	Amazon Inspector	protect	partial	T1222.002	Linux and Mac File and Directory Permissions Modification
amazon_inspector	Amazon Inspector	protect	minimal	T1562	Impair Defenses
amazon_inspector	Amazon Inspector	protect	minimal	T1562.001	Disable or Modify Tools
amazon_inspector	Amazon Inspector	protect	minimal	T1562.003	Impair Command History Logging
amazon_inspector	Amazon Inspector	protect	minimal	T1562.004	Disable or Modify System Firewall
amazon_inspector	Amazon Inspector	protect	minimal	T1562.006	Indicator Blocking
amazon_inspector	Amazon Inspector	protect	minimal	T1070	Indicator Removal on Host
amazon_inspector	Amazon Inspector	protect	minimal	T1070.002	Clear Linux or Mac System Logs
amazon_inspector	Amazon Inspector	protect	minimal	T1070.003	Clear Command History
amazon_inspector	Amazon Inspector	protect	minimal	T1070.004	File Deletion
amazon_inspector	Amazon Inspector	protect	minimal	T1070.005	Network Share Connection Removal
amazon_inspector	Amazon Inspector	protect	minimal	T1070.006	Timestomp
amazon_inspector	Amazon Inspector	protect	minimal	T1599	Network Boundary Bridging
amazon_inspector	Amazon Inspector	protect	minimal	T1599.001	Network Address Translation Traversal
amazon_inspector	Amazon Inspector	protect	minimal	T1003	OS Credential Dumping
amazon_inspector	Amazon Inspector	protect	minimal	T1003.007	Proc Filesystem
amazon_inspector	Amazon Inspector	protect	minimal	T1003.008	/etc/passwd and /etc/shadow
amazon_inspector	Amazon Inspector	protect	minimal	T1053	Scheduled Task/Job
amazon_inspector	Amazon Inspector	protect	minimal	T1053.001	At (Linux)
amazon_inspector	Amazon Inspector	protect	minimal	T1053.003	Cron
amazon_inspector	Amazon Inspector	protect	minimal	T1053.006	Systemd Timers
amazon_inspector	Amazon Inspector	protect	minimal	T1489	Service Stop
amazon_inspector	Amazon Inspector	protect	minimal	T1529	System Shutdown/Reboot
amazon_inspector	Amazon Inspector	protect	minimal	T1548	Abuse Elevation Control Mechanism
amazon_inspector	Amazon Inspector	protect	minimal	T1548.003	Sudo and Sudo Caching
amazon_inspector	Amazon Inspector	protect	minimal	T1037	Boot or Logon Initialization Scripts
amazon_inspector	Amazon Inspector	protect	partial	T1037.004	RC Scripts
amazon_inspector	Amazon Inspector	protect	minimal	T1543	Create or Modify System Process
amazon_inspector	Amazon Inspector	protect	partial	T1543.002	Systemd Service
amazon_inspector	Amazon Inspector	protect	partial	T1046	Network Service Scanning
amazon_inspector	Amazon Inspector	protect	partial	T1595	Active Scanning
amazon_inspector	Amazon Inspector	protect	partial	T1595.001	Scanning IP Blocks
amazon_inspector	Amazon Inspector	protect	partial	T1595.002	Vulnerability Scanning