Start scanning for vulnerabilities across your EBS volumes and ECR images on AWS cloud accounts.
To start scanning for vulnerabilities, enroll your AWS cloud account with Trend Vision One and enable Agentless Vulnerability & Threat
Detection. You can add new cloud accounts using the Cloud
Accounts app. For detailed instructions, see Adding an AWS account.
Agentless Vulnerability & Threat Detection scans for vulnerabilities on the following
AWS
resource types:
-
EBS volumes attached to EC2 instances
-
ECR images that have the "latest" tag
 |
ImportantAgentless Vulnerability & Threat Detection only supports scanning EBS volumes attached
to
supported Linux instances. Scans performed on EBS volumes that are attached to instances
with
unsupported platforms (like Windows) will use resources, but will not provide vulnerability
information.
|
 |
NoteIf the limit for pending EBS snapshot in your AWS account is reached, you may encounter
one or
more "PendingSnapshotLimitExceeded" errors when the scan begins. This may cause the
scanning
process to take longer than usual.
|
Agentless Vulnerability & Threat Detection will scan once per day, starting upon first
deployment of the CloudFormation template. The time at which the scan takes place
is not
configurable after deployment. The scan results are sent to Executive Dashboard when the scan is complete. Patched vulnerabilities for EBS volumes will no longer
appear after
the next daily scan results are available. ECR images will remain in the Images with
Highly Exploitable CVEs table for seven days after their vulnerabilities are
patched.
Supported Operating Systems
|
Distribution
|
Operating System
|
|
Amazon Linux
|
|
|
CentOS
|
|
|
Red Hat Enterprise Linux
|
|
|
Ubuntu
|
|
Supported AWS regions
|
Region code
|
Region name (Location)
|
|
us-east-1
|
US East (N. Virginia)
|
|
us-east-2
|
US East (Ohio)
|
|
us-west-1
|
US West (N. California)
|
|
us-west-2
|
US West (Oregon)
|
|
af-south-1
|
Africa (Cape Town)
|
|
ap-east-1
|
Asia Pacific (Hong Kong)
|
|
ap-northeast-1
|
Asia Pacific (Tokyo)
|
|
ap-northeast-2
|
Asia Pacific (Seoul)
|
|
ap-northeast-3
|
Asia Pacific (Osaka)
|
|
ap-south-1
|
Asia Pacific (Mumbai)
|
|
ap-southeast-1
|
Asia Pacific (Singapore)
|
|
ap-southeast-2
|
Asia Pacific (Sydney)
|
|
ca-central-1
|
Canada (Central)
|
|
eu-central-1
|
Europe (Frankfurt)
|
|
eu-north-1
|
Europe (Stockholm)
|
|
eu-west-1
|
Europe (Ireland)
|
|
eu-west-2
|
Europe (London)
|
|
eu-west-3
|
Europe (Paris)
|
|
sa-east-1
|
South America (São Paulo)
|
|
me-central-1
|
Middle East (UAE)
|
Unsupported AWS Regions
|
Region code
|
Region name (Location)
|
|
ap-southeast-3
|
Asia Pacific (Jakarta)
|
|
eu-south-1
|
Europe (Milan)
|
|
me-south-1
|
Middle East (Bahrain)
|