How can the Application team satisfy the Security team’s requirement?
Perform regular assessments with Amazon Inspector
Perform regular assessments with AWS Trusted Advisor
Integrate AWS Personal Health Dashboard with Amazon CloudWatch events to get security notifications
Grant the Administrator and Security team access to AWS Artifact
Explanations:
Amazon Inspector is an automated security assessment service that helps identify common vulnerabilities and exposures (CVEs) in applications running on Amazon EC2 instances. It can be used for regular assessments to ensure that vulnerabilities are addressed continuously throughout the application’s lifecycle.
AWS Trusted Advisor provides best practices for optimizing AWS accounts, but it does not specifically address CVEs or perform regular vulnerability assessments on EC2 instances. It focuses more on cost optimization, performance, security, and fault tolerance.
AWS Personal Health Dashboard provides alerts and notifications about AWS service events impacting the infrastructure, but it does not perform vulnerability assessments. It is not designed for ongoing CVE identification or security validation.
AWS Artifact provides access to compliance reports and security and compliance documentation, but it does not offer tools for regular vulnerability assessments or continuous monitoring of CVEs in applications.
I figure that the answer is:
Perform regular assessments with Amazon Inspector