Amazon Inspector now supports deep inspection of EC2 instances when the continual EC2 scanning feature is activated. With this expanded capability, Inspector now identifies software vulnerabilities in application programming packages including Python, Java, and Node.js packages in addition to operating system packages. Inspector discovers these application programming packages installed in default directory paths, and also allows customers to provide additional custom directory paths for Inspector discovery. This feature is activated by default for all new customers, and existing customers can activate this feature across their organization with a single click in the console. Deep inspection of EC2 instances is offered at no additional cost to Inspector customers.
Source:: Amazon AWS