Article Publication Date: 9th May 2024 Article Version: 1.0
Scanning by AWS tags

Can I set up assets using AWS tags as locations?

A lot of AWS users use tags to identify EC2 instances, and Edgescan is able to use these instead of IP addresses to identify scan targets.

Version Number: v1.0.1


When scanning infrastructure on AWS internal networks, one of the challenges lies in correlating vulnerability data from scan to scan. This is mainly due to the dynamic nature of IP addresses, which often change with each deployment.

Many AWS users rely on tags to identify their EC2 instances. Using these tags instead of IP addresses as scan targets not only enables us to track vulnerabilities across multiple scans but also provides a more descriptive approach for our customers.

If you have PCI scanning requirements, ephemeral addresses in cloud environments may give you an audit headache. Edgescan AWS tagging can be used to keep track of your instances even if they have different IPs each time they are deployed.

We use a custom DNS server that automatically updates DNS records based on the tags on your EC2 instances in order to allow scanners to target them.
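The idea of tag-derived DNS records can be sketched as follows. This is an added example, not Edgescan's implementation: the zone name, the choice of the `Name` tag and the label sanitization rule are assumptions, and the sample data is constructed in the shape of EC2 `DescribeInstances` output.

```python
import re
from collections import defaultdict

ZONE = "scan.internal.example"   # hypothetical zone name (assumption)
TAG_KEY = "Name"                 # assumed tag used to identify scan targets

def dns_label(tag_value):
    """Turn a tag value into a valid RFC 1123 DNS label, or None if nothing usable remains."""
    label = re.sub(r"[^a-z0-9-]+", "-", tag_value.lower()).strip("-")[:63].strip("-")
    return label or None

def records_from_instances(response, tag_key=TAG_KEY, zone=ZONE):
    """Map tag-derived hostnames to the private IPs of running instances."""
    records = defaultdict(set)
    for reservation in response.get("Reservations", []):
        for inst in reservation.get("Instances", []):
            if inst.get("State", {}).get("Name") != "running":
                continue  # stopped/terminated instances must not stay resolvable
            ip = inst.get("PrivateIpAddress")
            tags = {t["Key"]: t["Value"] for t in inst.get("Tags", [])}
            label = dns_label(tags.get(tag_key, ""))
            if ip and label:  # untagged instances get no record
                records[f"{label}.{zone}"].add(ip)
    return {name: sorted(ips) for name, ips in records.items()}

def changed_targets(old, new):
    """Hostnames whose addresses changed between deployments (same asset, new IP)."""
    return {n: (old[n], new[n]) for n in old.keys() & new.keys() if old[n] != new[n]}

def sample_response(*instances):
    # Constructed sample in the shape of EC2 DescribeInstances output
    return {"Reservations": [{"Instances": [
        {"InstanceId": i, "State": {"Name": s}, "PrivateIpAddress": ip,
         "Tags": [{"Key": k, "Value": v} for k, v in tags.items()]}
        for i, s, ip, tags in instances]}]}

DEPLOY_1 = sample_response(("i-0001", "running", "10.0.1.15", {"Name": "Payments API"}),
                           ("i-0002", "running", "10.0.1.16", {"Name": "db_primary"}),
                           ("i-0003", "stopped", "10.0.1.17", {"Name": "batch"}))
DEPLOY_2 = sample_response(("i-0104", "running", "10.0.2.40", {"Name": "Payments API"}),
                           ("i-0105", "running", "10.0.1.16", {"Name": "db_primary"}),
                           ("i-0106", "running", "10.0.2.41", {"Env": "dev"}))

if __name__ == "__main__":
    before, after = records_from_instances(DEPLOY_1), records_from_instances(DEPLOY_2)
    print(after)
    print(changed_targets(before, after))
```

The hostname stays the same across both deployments while the address behind it changes, which is what lets findings from successive scans be matched to the same asset.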

Not all customers will require this. You should talk to your internal AWS team to see if this functionality is relevant to your teams.