Amazon Inspector vs RiskRecon comparison

Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. Amazon Inspector automatically assesses applications for exposure, vulnerabilities, and deviations from best practices. After performing an assessment, Amazon Inspector produces a detailed list of security findings prioritized by level of severity. These findings can be reviewed directly or as part of detailed assessment reports which are available via the Amazon Inspector console or API.

Amazon Inspector security assessments help you check for unintended network accessibility of your Amazon EC2 instances and for vulnerabilities on those EC2 instances. Amazon Inspector assessments are offered to you as pre-defined rules packages mapped to common security best practices and vulnerability definitions. Examples of built-in rules include checking for access to your EC2 instances from the internet, remote root login being enabled, or vulnerable software versions installed. These rules are regularly updated by AWS security researchers.

RiskRecon provides a SaaS platform that helps organizations more effectively manage the risk reality of increasingly interconnected IT ecosystems by delivering frequent, comprehensive and actionable security performance measurements.

Using proprietary data gathering techniques, RiskRecon creates a 360-degree risk profile of an enterprise's public IT footprint. Based on that footprint and a detailed analysis, a RiskRecon rating and report is generated providing detailed, actionable information with context. No additional analysis is required.

Clients rely on RiskRecon to bring greater transparency, accountability and productivity to their vulnerability and third-party risk management processes. And, they trust that RiskRecon's continuous monitoring solution employs only ethical techniques - no proprietary vendor data, no permissions and no invasive scans.