
(rules): Create an AWS Foundational Security Best Practices (FSBP) rule set

Open benbridts opened this issue 3 years ago • 2 comments

Description

Security Hub has the AWS Foundational Security Best Practices standard: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-fsbp.html

It would be nice if there was a rule set for this standard too.

Use Case

Customers using Security Hub can prevent misconfigured resources from being deployed.

Proposed Solution

  • Most of the Controls are based on Config, so the files probably already exist
  • A map file can be created
  • New rules were recently announced; they probably have to be written

Other information

List of the controls: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-fsbp-controls.html

New control: https://aws.amazon.com/about-aws/whats-new/2022/09/aws-security-hub-new-security-best-practice-control/

Acknowledge

  • [ ] I may be able to implement this feature request
  • [ ] This feature might incur a breaking change

benbridts • Sep 13 '22 10:09

Initially the conformance pack sample templates were used to create the first set of mapping files. This additional mapping could be pulled out from the documentation and mapped, though not all controls could be implemented.

grolston • Sep 19 '22 20:09

I am actually working on plugging the gaps for this standard and contributing the mapping. Aiming to be done by end of November or before.

drmmarsunited • Oct 18 '22 19:10