Amazon Inspector Boosts Security with Java Gradle Support
Amazon Inspector has rolled out significant updates to its automated vulnerability management capabilities, expanding coverage to include Java Gradle support and several other critical technologies. For organizations running AWS workloads, these enhancements mean more comprehensive security scanning across a broader range of applications and dependencies.

What’s New in Amazon Inspector

Amazon Inspector automatically discovers and continuously scans AWS resources — including EC2 instances, container images in Amazon ECR, and AWS Lambda functions for software vulnerabilities and unintended network exposure. The service generates prioritized findings by severity, helping teams focus on critical issues first.

Java Gradle Support

The standout feature is new support for Java Gradle projects in AWS Lambda functions and Amazon ECR images. Inspector now analyzes gradle.lockfile files to scan Java dependencies, including transitive dependencies, for known CVEs. For organizations with complex Gradle dependency trees, this automates what previously required specialized tooling or manual inspection, helping identify software supply chain risks earlier in the development lifecycle.

Expanded Technology Coverage

The update extends scanning to several widely-used technologies:

MySQL and MariaDB – Inspector now monitors these database systems for vulnerabilities, crucial for data-driven applications. This coverage applies even when databases are deployed within application containers rather than as managed AWS RDS instances.

PHP and Jenkins-core – With PHP powering countless web applications and Jenkins being critical for CI/CD pipelines, securing both the application runtime and build infrastructure prevents compromises that could cascade throughout development and production environments.

7zip (Windows) and Elasticsearch – Windows-based workloads using 7zip and environments leveraging Elasticsearch for search and analytics now benefit from automated vulnerability detection, protecting system utilities and data indexing infrastructure.

Curl/LibCurl – These ubiquitous libraries for data transfer are now covered, helping prevent man-in-the-middle attacks and other network-based exploits that could originate from compromised components.

How to Get Started

These capabilities are available in all AWS Regions where Amazon Inspector is offered. For ECR images and Lambda functions, Inspector automatically discovers and scans resources upon activation, continuously monitoring for changes. EC2 instances use agent-based or agentless scanning approaches, leveraging the AWS Systems Manager agent for inventory collection.

Organizations should consult the Amazon Inspector user guide for the complete list of supported operating systems and programming languages to ensure comprehensive coverage for their specific environments.

By expanding scanning to cover Java Gradle and other critical technologies, Inspector empowers development and security teams to proactively identify and mitigate risks across a broader array of AWS workloads. This enhanced visibility and automation are essential for maintaining strong security postures in complex cloud environments, helping organizations deliver more secure applications with greater confidence.

Follow us on Bluesky, LinkedIn, and X to Get Instant Updates