Automate Scanning in the DevOps Process to Harden the AMI
In AWS, it is a best practice to create your own custom Amazon Machine Images (AMIs) from a publicly available AMI. You can then customize the pre-configured OS and software to run your application. However, you must comprehensively test such a custom AMI before using it for production workloads. You also need to run a vulnerability scan against the AMI to assess applications for vulnerabilities or deviations from best practices. Qualys provides out-of-the-box APIs that you can integrate into your DevOps process to scan AMIs.
For example, here are the typical steps involved in AMI creation and how Qualys APIs can be used for hardening the AMI.
For detailed information on using Qualys APIs related to AWS, see the Asset Management and Tagging API v2 User Guide.