
Amazon Inspector (Preview) - polmolea
http://aws.amazon.com/inspector/
======
rwmj
I wonder if they're using OpenSCAP for this. It's an XML document that (at
least) Red Hat and Microsoft publish which contains the lists of known good
hashes for every file we publish, and also a set of rules for common
vulnerabilities (things like "if a directory is public writable, flag an
error" \-- but lots of them, and more complex). Also CVE data is published in
a machine-readable format.

Here's the data that Red Hat publishes:
[https://www.redhat.com/security/data/oval/](https://www.redhat.com/security/data/oval/)

I'll pimp my own experiments scanning offline guests using SCAP:

[https://rwmj.wordpress.com/2013/05/16/scanning-offline-
guest...](https://rwmj.wordpress.com/2013/05/16/scanning-offline-guests-using-
openscap-and-guestmount/#content)

