XM Cyber for Amazon Inspector

Layering on XM Cyber attack path visibility provides actionable detail to help customers prioritize their remediation efforts and quickly respond to protect critical resources

Prioritized High Impact Risk in AWS Security Hub

Migrating to and maintaining a hybrid cloud environment continues to be challenging from a cybersecurity point of view. New security gaps are constantly being created due to new ways of working in a hybrid network environment. Cyber attackers take advantage of this change to obtain the initial foothold and breach an organization leveraging misconfigurations, overly permissive identities, vulnerabilities, and human errors.

It’s important to implement cloud-based vulnerability assessment tools to strengthen the core of your security in the cloud. In order to gain the upper hand against threat actors, organizations should also include the adversarial context in their security arsenal. By understanding the true risk of a vulnerability as it relates to an exploitable attack path, you can reduce the risk it holds to your organization’s critical assets and prevent an attacker from compromising your network and moving laterally.

In an ever-changing elastic environment, it is crucial to prioritize high-impact risks and know what to fix first. XM Cyber partnered with Amazon Web Services to help organizations proactively manage cloud security and accelerate digital transformation. XM Cyber is now an AWS Select Technology Partner, having integrated the XM Cyber Exposure Management Platform with Amazon Inspector.

The XM Cyber Exposure Management integration with Amazon Inspector

The XM Cyber Exposure Management platform integration with Amazon Inspector identifies all cyber exposures and vulnerabilities and prioritizes high-impact risks. In addition, API attacks are now a threat vector many companies are facing. Due to the scale and number of configurations for AWS, understanding the risk from the configurations and from changes to cloud policies is imperative. XM Cyber can show customers how an attacker can elevate privileges in the cloud.

Discovery runs across AWS customers' EC2 instances and is enhanced with the adversarial context layer from XM Cyber. This continuous attack insight and attack surface context delivers quick results on what to fix first by prioritizing risks to critical assets, providing the new breed in security posture management.

XM Cyber provides specific context around the potential paths that attackers might take to reach an organization's critical assets. It pinpoints the key intersections that multiple attack paths flow through and prescribes guidance to mitigate the risk in the most cost-effective manner. This data is then funneled to AWS Security Hub in a common format, enabling customers to take immediate action to address the riskiest vulnerabilities first.

Key Benefits of the XM Cyber Exposure Management Platform:

Reveal the chain of attack in the context of your critical assets

Know how you could be attacked from on-premise to the cloud and back again

Continuous visibility of new exposures

Pinpoint what to remediate first to mitigate risk most efficiently

XM Cyber and Amazon Inspector – How we have helped

Reinforce AWS Security with Continuous and Automated Mitigation of Hybrid Cyber Risk

ATTACK PATH INSIGHT – Feed Amazon Inspector users with a map outlining all the ways that attackers can compromise critical assets through lateral movement across on-premise, cloud and hybrid networks.

PRIORITIZATION – Prioritize the vulnerabilities that have the highest risk impact to your critical assets for cost-effective and rapid remediation

PINPOINT HIGH RISK – Identify the specific points within the network that allow for maximum risk reduction with minimum effort and disruption. This data is then funneled to AWS Security Hub which performs security best practice checks, aggregates alerts, and enables automated remediation

GUIDED REMEDIATION – XM Cyber continuously provides enriched data to AWS Security Hub with guided remediation steps, enabling customers to take immediate action to address the riskiest vulnerabilities first

How the integration works

The XM Cyber Exposure Management Platform listens to AWS Security Hub specifically for Amazon Inspector events. It proactively and continuously identifies cyber exposures as new workloads are deployed, illuminating high-risk weaknesses such as misconfigurations, vulnerabilities, overly permissive identities and more. Combined, these weaknesses enable the execution of multiple attack paths towards critical assets, and those paths often originate from threats outside the cloud. The platform then correlates Inspector findings with XM Cyber's Exposure Management tool to show all risks towards critical assets. By ingesting information from a variety of data sources, XM Cyber provides clear visibility and context of all exposed issues that lead to critical assets, resulting in improved vulnerability prioritization.

Based on Amazon Inspector vulnerability findings, XM Cyber enriches the data by modeling attack paths from high-risk devices towards critical assets and pinpoints the key intersections that multiple attack paths flow through, known as choke points. By focusing on the highest-impact risks first, organizations can reduce their attack surface in the most cost-effective manner. XM Cyber prioritizes risks based on the complexity of the attack, i.e., how many steps it takes to compromise a critical asset and how many attack paths pass through them. By remediating the exposures on the choke points, you mitigate the risk that can compromise your critical assets, driving focused, timely and resource-efficient remediation efforts. XM Cyber continuously provides enriched data to AWS Security Hub in a common format, enabling customers to automate immediate action to address the riskiest vulnerabilities first.
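To make the choke-point idea above concrete, here is an added example (not XM Cyber's code or algorithm). The graph, node names and ranking rule are constructed assumptions. It enumerates attack paths from entry points to critical assets and ranks intermediate nodes by how many paths cross them and how few steps remain to a critical asset.

```python
from collections import defaultdict

# Constructed sample graph: each edge (src, dst) is one attack step that a
# finding (vulnerability, misconfiguration, permissive identity) makes possible.
EDGES = [
    ("internet", "web-1"), ("internet", "web-2"), ("vpn-user", "jump-host"),
    ("web-1", "app-role"), ("web-2", "app-role"), ("jump-host", "app-role"),
    ("jump-host", "build-srv"), ("build-srv", "customer-db"),
    ("app-role", "customer-db"), ("app-role", "s3-backups"),
]
ENTRY_POINTS = {"internet", "vpn-user"}      # assumed breach points
CRITICAL = {"customer-db", "s3-backups"}     # assumed critical assets

def attack_paths(edges, entries, critical, max_steps=6):
    """Enumerate loop-free paths from any entry point to any critical asset."""
    graph = defaultdict(list)
    for src, dst in edges:
        graph[src].append(dst)
    paths = []

    def walk(node, path):
        if node in critical:
            paths.append(path)
            return
        if len(path) > max_steps:            # bound path length (attack complexity)
            return
        for nxt in graph[node]:
            if nxt not in path:              # never revisit a node on this path
                walk(nxt, path + [nxt])

    for entry in sorted(entries):
        walk(entry, [entry])
    return paths

def rank_choke_points(paths):
    """Return (node, paths_through, min_steps_to_critical), highest priority first."""
    through = defaultdict(int)
    steps_left = {}
    for path in paths:
        for i, node in enumerate(path[1:-1], start=1):   # intermediate nodes only
            through[node] += 1
            remaining = len(path) - 1 - i
            steps_left[node] = min(steps_left.get(node, remaining), remaining)
    return sorted(((n, through[n], steps_left[n]) for n in through),
                  key=lambda r: (-r[1], r[2], r[0]))

if __name__ == "__main__":
    for node, count, steps in rank_choke_points(
            attack_paths(EDGES, ENTRY_POINTS, CRITICAL)):
        print(f"{node:10s} paths={count} steps_to_critical={steps}")
```

In this sample, fixing the exposure on `app-role` cuts six of the seven paths, which is why it ranks ahead of the individual web servers that feed into it.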


Find and fix the exposures that put your critical assets at risk with ultra-efficient remediation.

See what attackers see, so you can stop them from doing what attackers do.