Scott Piper

icon indicating a website link https://SummitRoute.com

icon location Salt Lake City, UT icon location AWS security; Developed flaws.cloud, flaws2.cloud, CloudMapper, CloudTracker, and Parliament. https://infosec.exchange/@scottpiper

Results 109 issues of Scott Piper

Separate out new principals from ones that have not been used for 90 days in the IAM report

2 comment

bug
iam_report

Fix find_admins

1 comment

Indentation needs to be removed here: https://github.com/duo-labs/cloudmapper/blob/4f5ec6f6eaffdef4c8d14a628215747b548fbc2d/shared/iam_audit.py#L368 It is not reporting admins when it should

bug

Report showing what regions are in use is wrong

I generated a report and it showed all regions as being used, when some were not.

bug

Add securityhub vendors

1 comment

https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-partner-providers.html

good first issue
weboftrust

Identify vendors that are not publicly documented

1 comment

We've had some PRs to add vendor accounts that aren't publicly documented. I've generally avoided these because: 1) The vendor might not want their account ID to be publicly known...

enhancement

Look for AmazonMachineLearningRoleforRedshiftDataSourceV2

1 comment

Add that as another bad policy, as they had updated it. https://github.com/duo-labs/cloudmapper/pull/808/files#diff-a677e8d531c79c66b32bb42a929952e558fa87d15fa70e4f9bc539fedeffa094R21

audit

Add useragent to identify cloudmapper

1 comment

enhancement
good first issue

Check if GuardDuty S3 data events is enabled

https://aws.amazon.com/blogs/aws/new-using-amazon-guardduty-to-protect-your-s3-buckets/

audit

Ensure all SNS have authenticate on unsubscribe

audit

S3 Control Access Block should be renamed to S3 Public Access Block

audit