Reveal Vulnerabilities in AWS EC2 Instances with cnspec

Vulnerabilities are bad. We all know this. They expose your infrastructure to attackers.

reveal vuln featured image-1

How do you get vulnerabilities in EC2 instances?

Images come with packages, and installed packages don't automatically update for you. Stuff gets out of date.

It might be the EC2 instances that run your production apps, or it might just be that EC2 instance you or your developers use to test stuff, the one with a public IP and port 22 open. Would it really be okay if someone got in there? Are any important creds possibly exposed via env var? Source code? How sure are you? What kind of lateral access could an attacker gain?

Find 'em!

Take a minute to check for vulnerabilities with open source cnspec and quickly assess the state of your EC2 instance.  Here are the results from an instance created with the latest Amazon Linux 2 image available via the EC2 instance-create wizard:

AWS_REGION=us-east-1 AWS_PROFILE="vvdefault" cnspec vuln aws ec2 instance-connect ec2-user@i-0d22a683bacf1c30c
terminal screenshot

You've got a full list of results, and scores to tell you what should be prioritized. So what's next?

Monitor your infrastructure for security misconfigurations and maps those checks automatically to top compliance frameworks.

Fix 'em!

SSH to the instance and run a sudo yum update -y.

That should actually take care of most (if not all) of these.

Check again 🎉

AWS_REGION=us-east-1 AWS_PROFILE="vvdefault" cnspec vuln aws ec2 instance-connect ec2-user@i-0d22a683bacf1c30c

In this case, we didn't install any additional packages, so a simple update took care of it all! 🎉

Victoria Jeffrey

Victoria Jeffrey (also known as vj) is an Engineering Manager/Software Engineer living near Denver, Colorado. She's been doing this coding and DevOps and security thing for over seven years now, and still loves every minute of it. Vj spends her free time hanging with her family, binging too much tv, and fulfilling her suburban mom obligations by going to pilates and trying to maintain a small herb garden.

You might also like

Mondoo May 2024 Release Highlights
Mondoo April 2024 Release Highlights
Exploring the Latest Security Features in Ubuntu 24.04