Enable Agentless Vulnerability & Threat Detection to start scanning for vulnerabilities and malware across your EBS volumes, ECR images, and serverless Lambda functions in AWS cloud accounts.
To start scanning for vulnerabilities and malware in your cloud resources, add your
AWS account to Trend Vision One in Cloud Accounts using the CloudFormation template. Enable Agentless Vulnerability & Threat Detection,
and then click Scanner Settings to choose the resource types to scan and whether to scan for vulnerabilities, malware,
or both. Vulnerability scanning is enabled by default. You can change the scanning
configuration at any time. For detailed instructions, see Adding an AWS account using CloudFormation.
Agentless Vulnerability & Threat Detection scans the following AWS resource types:
-
EBS volumes attached to EC2 instances
-
ECR images that have the "latest" tag
-
Lambda functions and attached Lambda layers
Important
|
Agentless Vulnerability & Threat Detection scans once per day, starting when you first
deploy the CloudFormation template. Anti-malware scans begin at the next daily scan
after you enable the feature. Scan times are not configurable after deployment.
Scan results are sent to Trend Vision One when the scan is complete and can be seen in Cloud Posture, Executive Dashboard, Operations Dashboard, and asset profile screens in Attack Surface
Discovery. After you patch vulnerabilities or remediate malware in EBS volumes, Lambda functions,
or Lambda layers, the detections no longer appear after the next daily scan. Vulnerability
detections in ECR images remain in for seven days after patching. Malware detections in ECR images remain in for seven days after remediation.
Supported Operating Systems
Distribution
|
Operating system
|
Amazon Linux
|
|
CentOS
|
|
Red Hat Enterprise Linux
|
|
Ubuntu
|
|
Supported AWS regions
Region code
|
Region name (Location)
|
us-east-1
|
US East (N. Virginia)
|
us-east-2
|
US East (Ohio)
|
us-west-1
|
US West (N. California)
|
us-west-2
|
US West (Oregon)
|
af-south-1
|
Africa (Cape Town)
|
ap-east-1
|
Asia Pacific (Hong Kong)
|
ap-northeast-1
|
Asia Pacific (Tokyo)
|
ap-northeast-2
|
Asia Pacific (Seoul)
|
ap-northeast-3
|
Asia Pacific (Osaka)
|
ap-south-1
|
Asia Pacific (Mumbai)
|
ap-southeast-1
|
Asia Pacific (Singapore)
|
ap-southeast-2
|
Asia Pacific (Sydney)
|
ca-central-1
|
Canada (Central)
|
eu-central-1
|
Europe (Frankfurt)
|
eu-north-1
|
Europe (Stockholm)
|
eu-west-1
|
Europe (Ireland)
|
eu-west-2
|
Europe (London)
|
eu-west-3
|
Europe (Paris)
|
sa-east-1
|
South America (São Paulo)
|
me-central-1
|
Middle East (UAE)
|
me-south-1
|
Middle East (Bahrain)
|
Unsupported AWS Regions
Region code
|
Region name (Location)
|
ap-southeast-3
|
Asia Pacific (Jakarta)
|
eu-south-1
|
Europe (Milan)
|