📖 What is AWS Inspector?
AWS Inspector is an automated vulnerability management service that continually scans AWS workloads for software vulnerabilities and unintended network exposure. It helps improve security and compliance by providing a detailed list of security findings and remediation steps.
"Contrast this with GuardDuty. GuardDuty monitors for threats/attacks (behavior), while Inspector scans for vulnerabilities (weaknesses) in the software or configuration."
📚 Certification: AWS Certified Cloud Practitioner (CLF-C02)
🔑 What are the Key Concepts of AWS Inspector?
- ▸ Automated vulnerability scanning for EC2 instances and container images in Amazon ECR to identify software flaws and security gaps.
- ▸ Identification of Common Vulnerabilities and Exposures (CVEs) to ensure that operating systems and applications are patched and up-to-date.
- ▸ Network reachability analysis that detects unintended network exposure, helping prevent unauthorized access through misconfigured security groups or network ACLs.
- ▸ Continuous monitoring capabilities that automatically scan new workloads as they are launched, reducing the manual effort of security audits.
🎯 How does AWS Inspector appear on the CLF-C02 Exam?
You may be asked to identify the service that automatically scans EC2 instances for software vulnerabilities and unintended network exposure, ensuring that your workloads are patched against known threats.
Expect questions where you must distinguish between detecting an active attack and finding a vulnerability; choose Inspector when the goal is identifying unpatched software or misconfigurations rather than monitoring for malicious behavior.
❓ Frequently Asked Questions
What is the primary difference between AWS Inspector and AWS GuardDuty?
Inspector is a vulnerability scanner that looks for 'holes' or weaknesses in your software and configuration. GuardDuty is a threat detection service that monitors for 'attacks' or malicious activity occurring in real-time.
Does AWS Inspector automatically fix the vulnerabilities it discovers?
No, Inspector only identifies and reports vulnerabilities. To remediate these findings, you would typically use AWS Systems Manager Patch Manager to apply the necessary software updates and security patches.
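The key concepts above and this remediation FAQ, as an added example that is not from the original page: a small Python triage that takes Inspector findings and routes each to the tool that actually fixes it (Patch Manager for EC2 packages, an image rebuild for ECR, a security group review for reachability), highest severity first and skipping closed findings. The sample findings are constructed data shaped after the Inspector finding schema (field names such as `packageVulnerabilityDetails` and `networkReachabilityDetails` are assumed from that schema); all CVE and resource ids are placeholders.

```python
# Added example (not from the original page): triage Amazon Inspector findings into a remediation
# worklist. SAMPLE_FINDINGS is CONSTRUCTED data shaped like inspector2 list_findings output.
from collections import defaultdict
SEVERITY_RANK = {"CRITICAL": 0, "HIGH": 1, "MEDIUM": 2, "LOW": 3, "INFORMATIONAL": 4}

SAMPLE_FINDINGS = [  # constructed; CVE ids and resource ids are placeholders
    {"type": "PACKAGE_VULNERABILITY", "severity": "CRITICAL", "status": "ACTIVE",
     "resources": [{"type": "AWS_EC2_INSTANCE", "id": "i-0placeholder1"}],
     "packageVulnerabilityDetails": {"vulnerabilityId": "CVE-0000-0001", "vulnerablePackages": [{"name": "openssl", "version": "1.0.0", "fixedInVersion": "1.0.1"}]}},
    {"type": "NETWORK_REACHABILITY", "severity": "HIGH", "status": "ACTIVE",
     "resources": [{"type": "AWS_EC2_INSTANCE", "id": "i-0placeholder1"}],
     "networkReachabilityDetails": {"protocol": "TCP", "openPortRange": {"begin": 22, "end": 22}}},
    {"type": "PACKAGE_VULNERABILITY", "severity": "HIGH", "status": "ACTIVE",
     "resources": [{"type": "AWS_ECR_CONTAINER_IMAGE", "id": "ecr-image-placeholder"}],
     "packageVulnerabilityDetails": {"vulnerabilityId": "CVE-0000-0002", "vulnerablePackages": [
         {"name": "libxml2", "version": "2.9.0", "fixedInVersion": "2.9.1"}, {"name": "zlib", "version": "1.2.0"}]}},
    {"type": "PACKAGE_VULNERABILITY", "severity": "MEDIUM", "status": "CLOSED",  # already fixed
     "resources": [{"type": "AWS_EC2_INSTANCE", "id": "i-0placeholder1"}],
     "packageVulnerabilityDetails": {"vulnerabilityId": "CVE-0000-0003", "vulnerablePackages": [{"name": "curl", "version": "7.0", "fixedInVersion": "7.1"}]}},
]

def actions_for(finding, resource):
    # Yield (action, detail) pairs naming the tool that actually fixes this finding.
    if finding["type"] == "NETWORK_REACHABILITY":
        d = finding["networkReachabilityDetails"]
        yield "review-security-group", f"{d['protocol']} {d['openPortRange']['begin']}-{d['openPortRange']['end']} reachable"
    elif finding["type"] == "PACKAGE_VULNERABILITY":
        d = finding["packageVulnerabilityDetails"]
        for pkg in d["vulnerablePackages"]:
            fix = pkg.get("fixedInVersion")
            if not fix:
                action = "track-no-fix-available"  # nothing to patch yet: mitigate or monitor
            elif resource["type"] == "AWS_ECR_CONTAINER_IMAGE":
                action = "rebuild-image"  # patching a running container does not fix the image
            else:
                action = "patch-with-patch-manager"  # EC2: Systems Manager Patch Manager
            yield action, f"{d['vulnerabilityId']} {pkg['name']} {pkg['version']} -> {fix or 'n/a'}"

def triage(findings):
    # Return {resource_id: [work items]} for ACTIVE findings, highest severity first.
    work = defaultdict(list)
    for f in findings:
        if f.get("status") != "ACTIVE":
            continue  # CLOSED or SUPPRESSED findings need no work
        for res in f["resources"]:
            for action, detail in actions_for(f, res):
                work[res["id"]].append({"severity": f["severity"], "action": action, "detail": detail})
    for items in work.values():
        items.sort(key=lambda i: SEVERITY_RANK[i["severity"]])
    return dict(work)
```

In a real account the same `triage` would be fed by `boto3.client("inspector2")` paginating `list_findings`; the output is the worklist, not the fix, which is exactly the split the FAQ above describes.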