From helpnetsecurity.com
Amazon Inspector is designed to manage vulnerabilities by continuously scanning your AWS workloads for software vulnerabilities and unintended network exposure across your entire organization.
Upon activation, Amazon Inspector automatically detects all your Amazon Elastic Compute Cloud (EC2) instances, container images in Amazon Elastic Container Registry (ECR), and AWS Lambda functions on a large scale. It then continuously monitors them for known vulnerabilities, providing you with a unified view of vulnerabilities across your compute environments.
It also provides a highly-contextualized vulnerability risk score by correlating vulnerability information with environmental factors such as external network accessibility to help you prioritize the highest risks to address.