Home › Forums › AWS › AWS Certified DevOps Engineer Professional › DOP- Review Mode Set 2 › Reply To: DOP- Review Mode Set 2
-
Hello AnkitPanchotiya,
Thank you for your feedback. It’s important to differentiate between assessing the application code and the overall application environment. The question specifies the need to assess applications for exposure, vulnerabilities, and deviations from AWS best practices.
- Amazon CodeGuru: Primarily focuses on code reviews and performance recommendations, making it ideal for assessing the application code.
- Amazon Inspector: Designed to assess the security and compliance of applications running on EC2 instances, including identifying vulnerabilities and deviations from best practices in the application environment.
Given the broader scope of the question, which includes assessing the application environment, Amazon Inspector is the most suitable for this scenario. It provides a comprehensive assessment of the application’s security posture, covering both the infrastructure and the application running on it.
I hope this helps!
Regards,
JR @ Tutorials Dojo