Amazon Inspector

Receive Amazon Inspector vulnerability scan findings via EventBridge.

InboundCloud Platforms

Start Free Trial

Quick Setup

Copy Webhook URL

Go to your Alert24 dashboard and copy the webhook URL for Amazon Inspector.

Configure Amazon Inspector

Add the webhook URL in your Amazon Inspector settings.

Auto-Detected

Alert24 auto-detects Amazon Inspector payloads and maps them to incidents.

Step-by-Step Setup Instructions

Amazon Inspector Webhook Setup

1.In EventBridge, create a rule with source aws.inspector2 and detail-type Inspector2 Finding

2.Set the target to an SNS topic

3.Add an HTTPS subscription to the SNS topic using the webhook URL above

4.Confirm the subscription when you receive the confirmation request

5.Inspector automatically scans EC2, Lambda, and ECR — findings will arrive as they are discovered

Example Webhook Payload

This is a sample payload that Amazon Inspector sends to Alert24 when an alert fires.

{
  "version": "0",
  "source": "aws.inspector2",
  "detail-type": "Inspector2 Finding",
  "detail": {
    "awsAccountId": "123456789012",
    "findingArn": "arn:aws:inspector2:us-east-1:123456789012:finding/abcdef123456",
    "severity": "HIGH",
    "title": "CVE-2024-1234 - Remote code execution in libcurl",
    "description": "A vulnerability in libcurl allows remote code execution via crafted HTTP requests.",
    "type": "PACKAGE_VULNERABILITY",
    "resources": [
      {
        "type": "AWS_ECR_CONTAINER_IMAGE",
        "id": "arn:aws:ecr:us-east-1:123456789012:repository/my-app"
      }
    ],
    "status": "ACTIVE"
  }
}

How Alert24 Maps Amazon Inspector Data

Status Field

detail.severity

Message Field

detail.title

Auto-Create Incidents

Yes

Auto-Resolve Incidents

Status Mapping

Alert24 Status	Amazon Inspector Values
operational	`LOWINFORMATIONAL`
degraded	`MEDIUM`
down	`CRITICALHIGH`

Connect Amazon Inspector to Alert24 in minutes

Free plan includes 5 monitors, 1 status page, and incident management. No credit card required.

Start Free Trial See Pricing

More Cloud Platforms Integrations

AWS CloudWatch

Inbound

Receive CloudWatch alarm notifications via SNS webhook.

Azure Monitor

Inbound

Receive Azure Monitor alerts and log Activity Log changes to correlate infrastructure changes with incidents.

Azure Service Health

Inbound

Receive Azure Service Health incident, maintenance, and advisory notifications.

Azure Resource Health

Inbound

Receive Azure Resource Health notifications for individual resource availability.

Google Cloud Monitoring

Inbound

Receive Google Cloud Monitoring (formerly Stackdriver) alerts.

Google Cloud SCC

Inbound

Receive Google Cloud Security Command Center threat and vulnerability findings via Pub/Sub.