A standard three-tier application is hosted on Amazon EC2 instances that are fronted by an Application Load Balancer. The application maintenance team has reported several small-scale malicious attacks on the application. The solutions architect wants to ramp up the security of the application. Which of the following would you recommend as part of the best practices to scan and mitigate the known vulnerabilities?