Amazon Inspector is an automated security assessment service that helps improve the security
and compliance of applications deployed on AWS. Amazon Inspector automatically assesses
applications for exposure, vulnerabilities, and deviations from best practices
You can use AWS Lambda, Amazon EMR, the Amazon Elasticsearch Service, or third- party tools
from the AWS Marketplace to scan logs to detect things like unused permissions, overuse of
privileged accounts, usage of keys, anomalous logins, policy violations, and system abuse
CloudWatch is used for performance monitoring whereas CloudTrail is used for logging API
calls