cloudiscovery

(AWS) Command for security and data checks

Open leandrodamascena opened this issue 5 years ago • 1 comments

Might be interesting to add a command to check security in AWS. This command must analyze the following items:

- [ ] CloudFront distributions without HTTPS
- [ ] Unencrypted EBS Volumes
- [ ] DynamoDB with Point-in-Time Recovery (PITR) disabled
- [ ] Over-permissive IAM policies
- [ ] S3 bucket with public policies
- [ ] S3 bucket versioning disabled
- [ ] S3 bucket without SSE

leandrodamascena, Jul 05 '20 17:07
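Six of the checks listed in the issue above, written as pure functions over dicts shaped like the corresponding boto3 responses. This is an added example, not code from cloudiscovery or from the issue's author; the check names, the `audit` helper, the sample data and the definition of "over-permissive" are assumptions, and the SSE check is left out.

```python
def _as_list(value):
    return value if isinstance(value, list) else [value]

def cloudfront_allows_http(cfg):  # get_distribution_config()["DistributionConfig"]
    behaviors = [cfg["DefaultCacheBehavior"]]
    behaviors += cfg.get("CacheBehaviors", {}).get("Items", [])
    return any(b["ViewerProtocolPolicy"] == "allow-all" for b in behaviors)

def ebs_unencrypted(volume):  # one element of describe_volumes()["Volumes"]
    return not volume.get("Encrypted", False)

def pitr_disabled(desc):  # describe_continuous_backups()["ContinuousBackupsDescription"]
    pitr = desc.get("PointInTimeRecoveryDescription", {})
    return pitr.get("PointInTimeRecoveryStatus") != "ENABLED"

def iam_over_permissive(doc):
    # Assumption: "over-permissive" means an Allow of every action on every resource.
    return any(s.get("Effect") == "Allow" and "*" in _as_list(s.get("Action", []))
               and "*" in _as_list(s.get("Resource", []))
               for s in _as_list(doc.get("Statement", [])))

def s3_policy_public(status):  # get_bucket_policy_status()["PolicyStatus"]
    return bool(status.get("IsPublic"))

def s3_versioning_disabled(resp):  # get_bucket_versioning(); no "Status" if never enabled
    return resp.get("Status") != "Enabled"

CHECKS = {  # hypothetical check names
    "cloudfront_http": cloudfront_allows_http,
    "ebs_unencrypted": ebs_unencrypted,
    "dynamodb_pitr_off": pitr_disabled,
    "iam_admin_star": iam_over_permissive,
    "s3_public_policy": s3_policy_public,
    "s3_versioning_off": s3_versioning_disabled,
}

def audit(snapshot):
    """Return the sorted names of the checks that fail for the given inputs."""
    return sorted(n for n, fn in CHECKS.items() if n in snapshot and fn(snapshot[n]))

SAMPLE = {  # constructed inputs, one per check
    "cloudfront_http": {"DefaultCacheBehavior": {"ViewerProtocolPolicy": "redirect-to-https"},
                        "CacheBehaviors": {"Quantity": 1, "Items": [{"ViewerProtocolPolicy": "allow-all"}]}},
    "ebs_unencrypted": {"VolumeId": "vol-EXAMPLE", "Encrypted": True},
    "dynamodb_pitr_off": {"PointInTimeRecoveryDescription": {"PointInTimeRecoveryStatus": "DISABLED"}},
    "iam_admin_star": {"Version": "2012-10-17", "Statement": {"Effect": "Allow", "Action": "*", "Resource": "*"}},
    "s3_public_policy": {"IsPublic": False},
    "s3_versioning_off": {},
}
```

With real credentials, each function would be fed the response of the boto3 call named in its comment.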

A good point of reference might be https://github.com/toniblyx/prowler, https://github.com/nccgroup/ScoutSuite (this one is multi-cloud) or AWS Config with conformance templates/managed rules.

The problem with Config is that it's overcomplicated, especially if you want to integrate it with AWS Security Hub. The configuration overhead is also problematic.

If it would be possible to have a command that would provide preselected rules and make use of ready rules, that would be great to have.

patrykorwat, Jul 06 '20 08:07