In Q4 2021, Vanta Vulnerability Scanning for Servers was deprecated and replaced with native integration with AWS's vulnerability scanning product, Amazon Inspector.
Why deprecate Vanta Server Vulnerability Scanning?
We've received lots of feedback on Vanta's Server Vulnerability Scanner. The Vanta Agent for Servers had limited support for several configurations and setups that our customers use (such as autoscaling, AMIs, and network setups), and the installation process was often confusing and repetitive. Going forwards, we've decided to instead integrate with the scanners you already use.
How does AWS Inspector work?
The new Amazon Inspector is a 1:1 replacement for the Vanta Server Agent, and supports continuous scans on EC2 instances and ECR containers. You can configure Inspector to install automatically on servers and scan for Common Vulnerabilities & Exposures (CVEs) which will then be reported to Vanta. Learn more at AWS's website
Why move to AWS Inspector?
- Reliable installation process: Amazon provides one-click installation processes, as well as custom AMIs with AWS Inspector preinstalled. This means that the install process can be completely automated, and the customer workflow is simpler. More details on setup here.
- Support for more server configurations: Inspector supports more operating systems than the Vanta Agent. This includes ARM and Windows servers.
- Detailed reporting: While Vanta will continue to help you track Inspector vulnerability findings and SLA deadlines, AWS also provides a powerful console to drill deeper into found vulnerabilities.
How do I set up AWS Inspector?
First, set Inspector up in AWS: A how-to guide is available
here.
Then, go to the Vulnerabilities page to connect Inspector to Vanta.
What is the cost?
Amazon Inspector is quite cost effective. More pricing info here.
To quote AWS: "10 EC2 instances scanned for all 30 days would be $12.50/mo".
I have more questions. What's next?
As always, don’t hesitate to reach out with any questions or concerns. Your feedback is extremely important to our team and we are looking forward to supporting your company in a more secure and robust way!