EC2 Instance

Continuously audit and monitor EC2 Instance configurations and enforce security compliance as code with Panther.

Amazon EC2 provides different instance types to enable you to choose the CPU, memory, storage, and networking capacity that you need to run your applications. Use Panther to track real-time changes to your EC2 instances to ensure configurations meet your business requirements for security and compliance.

Monitoring EC2 is critical for understanding the history of EC2 metrics changes and detecting suspicious activity. Use Panther’s built in policies for continuous monitoring of EC2 instances, or write your own detections in Python to fit your internal business use cases.

Use Cases

Common security use cases for EC2 Instance with Panther include:

• Check if given EC2 Instance is running in an approved VPC
• Check if an EC2 Instance is running with an approved tenancy option - dedicated, host, and default.
• Ensure that an EC2 instance is running on one of the approved instance types.

How it Works

The integration is simple and fast:

• Connect your AWS account to Panther
• A baseline scan is performed to identify all existing EC2 Instances enabled in your AWS account(s)
• Built-in detections identify security issues
• Alerts will be sent if non-compliant security group exists

Use Panther to search all EC2 Instances in an AWS account by name, view their compliance status, associated policies, and configured remediations. Learn more about using Panther to analyze your AWS logs for security insights.