
Common Vulnerabilities and Exposures (CVE)

Common Vulnerabilities and Exposures (CVE) is a standardized list of publicly known vulnerabilities and security exposures. FortiCWP integrates AWS Inspector CVE analysis using Inspector agents installed on EC2 instances. Follow the steps below to create an Assessment Template that generates CVE analysis. After the CVE setup is completed, the CVE findings are displayed in Resources > Asset View in FortiCWP.

Create EC2 role for AWS SSM agent

Amazon EC2 instances communicate with Systems Manager through the ec2messages endpoint. Installing the SSM agent on an EC2 instance lets the instance send SSM Agent logs.

  1. Log in to the AWS console with an account that has running EC2 instances.
  2. Search for and click IAM in the AWS navigation menu.
  3. In the left navigation pane, click Roles under the Access management drop-down menu, then click Create role.
  4. Select AWS service as the Type of trusted entity and EC2 as the common use case, then click Next: Permissions.
  5. In the Policy search field, search for and select AmazonSSMManagedInstanceCore, then click Next: Tags.
  6. Click Next: Review.
  7. In the Role name field, give the EC2 role any name. (Keep the name of the EC2 role for later use when attaching the role to the EC2 instances.)
  8. Click Create role to finish creating the role.

Attach the EC2 role to all EC2 instances

  1. Search for and click EC2 in the AWS navigation menu.
  2. In the left navigation pane, click Instances under the Instances drop-down menu.
  3. Click a running instance, then click the Actions drop-down menu > Instance Settings > Attach/Replace IAM role.
  4. Click the IAM role drop-down menu and select the EC2 role created earlier.
  5. Click Apply to finish attaching the EC2 role.
  6. Repeat steps 3 to 5 to attach the EC2 role to the rest of the running EC2 instances.

Create an Assessment Target on AWS Inspector

  1. Search for and click Inspector in the AWS navigation menu.
  2. In the left navigation pane, click Assessment targets.
  3. Click Create to create an Assessment Target.
  4. In the Name field, enter "FortiCWP-Assessment-target".
  5. Under All Instances, select Include all EC2 instances in this AWS account and region.
  6. Click Save.
  7. Click the drop-down menu next to the Assessment Target you created, then click Preview Target.
  8. Only the instances that support the Inspector agent show a HEALTHY status.
  9. Click OK.

Continue to the next section to create an Assessment Run using a template.

Create Assessment Template for Assessment Run

  1. In the Inspector left navigation pane, click Assessment templates.
  2. Click Create to create an Assessment Template.
  3. In the Name field, enter "FortiCWP-Assessment-template".
  4. In the Target name field, choose FortiCWP-Assessment-target.
  5. In the Rules packages field, choose Common Vulnerabilities and Exposures-1.1.
  6. Under Assessment Schedule, select Set up recurring assessment runs once every X days. The default is 7 days; choose whatever interval you want the assessment to run at.
  7. Click Create.

After the Assessment Template is created, you can go to Assessment Runs to review CVE findings and history. The CVE findings are displayed in Resources > Asset View in FortiCWP.

To activate CVE for EC2 instances in other regions, go back to the AWS dashboard, click your AWS account drop-down menu, select another region, then repeat this entire tutorial from creating the EC2 role.
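The four console procedures above (SSM role, attaching it to running instances, the Inspector assessment target and the CVE assessment template) can be scripted per region. The following is an added example written with boto3; it is not FortiCWP's or AWS's own code. It assumes boto3 is installed, that credentials for the account are configured, and that the role is called FortiCWP-SSM-EC2-Role (the page lets you pick any name). The AWS clients are passed in as arguments so the logic can be exercised with stubs. The recurring schedule from step 6 of the template procedure is left to the console.

```python
"""Scripted equivalent of the console walk-through: SSM role, instance
attachment, Inspector Classic assessment target and CVE template.

Added example, not FortiCWP's or AWS's own code. Assumes boto3 is installed
and credentials for the account are configured.
"""
import json

# Assumed role/profile name; the page lets you choose any name.
ROLE_NAME = "FortiCWP-SSM-EC2-Role"
SSM_POLICY_ARN = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
TARGET_NAME = "FortiCWP-Assessment-target"
TEMPLATE_NAME = "FortiCWP-Assessment-template"
CVE_PACKAGE_NAME = "Common Vulnerabilities and Exposures"
RUNNING_FILTER = [{"Name": "instance-state-name", "Values": ["running"]}]


def ec2_trust_policy():
    """Trust policy the wizard generates for 'AWS service -> EC2'."""
    return json.dumps({
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"Service": "ec2.amazonaws.com"},
            "Action": "sts:AssumeRole",
        }],
    })


def create_ssm_role(iam, role_name=ROLE_NAME):
    """Create the role, attach AmazonSSMManagedInstanceCore and wrap the role
    in an instance profile of the same name (the console does this silently)."""
    iam.create_role(RoleName=role_name, AssumeRolePolicyDocument=ec2_trust_policy())
    iam.attach_role_policy(RoleName=role_name, PolicyArn=SSM_POLICY_ARN)
    iam.create_instance_profile(InstanceProfileName=role_name)
    iam.add_role_to_instance_profile(InstanceProfileName=role_name, RoleName=role_name)
    return role_name


def partition_running_instances(ec2):
    """Split running instances into those with no instance profile (safe to
    attach to) and those that already have one (left for manual review, since
    'Replace' would swap out whatever role the workload currently relies on)."""
    unattached, attached = [], []
    kwargs = {"Filters": RUNNING_FILTER}
    while True:
        page = ec2.describe_instances(**kwargs)
        for reservation in page["Reservations"]:
            for inst in reservation["Instances"]:
                bucket = attached if "IamInstanceProfile" in inst else unattached
                bucket.append(inst["InstanceId"])
        if not page.get("NextToken"):
            return unattached, attached
        kwargs["NextToken"] = page["NextToken"]


def attach_profile(ec2, instance_ids, profile_name=ROLE_NAME):
    """'Attach/Replace IAM role' for each instance that has no profile yet."""
    for iid in instance_ids:
        ec2.associate_iam_instance_profile(
            IamInstanceProfile={"Name": profile_name}, InstanceId=iid)
    return len(instance_ids)


def cve_rules_package_arn(inspector):
    """Rules package ARNs differ per region, so look the CVE package up by name."""
    arns = inspector.list_rules_packages()["rulesPackageArns"]
    for pkg in inspector.describe_rules_packages(rulesPackageArns=arns)["rulesPackages"]:
        if pkg["name"].startswith(CVE_PACKAGE_NAME):
            return pkg["arn"]
    raise LookupError("CVE rules package is not offered in this region")


def create_cve_template(inspector, duration_seconds=3600):
    """A target with no resource group means 'Include all EC2 instances in
    this AWS account and region'; the template runs only the CVE package."""
    target_arn = inspector.create_assessment_target(
        assessmentTargetName=TARGET_NAME)["assessmentTargetArn"]
    return inspector.create_assessment_template(
        assessmentTargetArn=target_arn,
        assessmentTemplateName=TEMPLATE_NAME,
        durationInSeconds=duration_seconds,
        rulesPackageArns=[cve_rules_package_arn(inspector)],
    )["assessmentTemplateArn"]


def main(region):
    """Run the whole procedure for one region; rerun per region as the page says."""
    import boto3  # imported here so the helpers above stay usable without it
    session = boto3.Session(region_name=region)
    iam, ec2, inspector = (session.client(s) for s in ("iam", "ec2", "inspector"))
    create_ssm_role(iam)
    unattached, attached = partition_running_instances(ec2)
    print(f"attached profile to {attach_profile(ec2, unattached)} instance(s)")
    if attached:
        print("already have a profile, review manually:", ", ".join(attached))
    print("assessment template:", create_cve_template(inspector))


if __name__ == "__main__":
    import sys
    main(sys.argv[1] if len(sys.argv) > 1 else "us-east-1")
```

Instances that already carry an instance profile are reported rather than replaced: the console's Attach/Replace action would silently drop whatever role the workload depends on, so those are better reviewed by hand. Run the script once per region, matching the page's note on other regions.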