cloudsploit

cloudsploit copied to clipboard

Feature/plugin/ses validated domains

1

This plugin produces a failing result for any validated SES domain. SES Domains (vs SES email identities) present a phishing/forgery risk in accounts with loose IAM access or in event...

jchrisfarris

Feature/plugin/cloudtrail bucket ignore

1

Adds option to ignore buckets outside the account These plugins were developed by Trek10 under contract to WarnerMedia for release back into the main CloudSploit Scanning Engine. WarnerMedia expressly authorizes...

jchrisfarris

Bugfix/fix skip pagination

1

the --skip-pagination option is inverted and the code was unclear.

hauboldj

feature/AKD-191: Added Azure 'Automated Backups Configured' Plugin and test cases

1

ali-imran7

CIS compliance missing in Azure & GCP plugins.

5

Whenever I try to run the report for Azure Cloud using CIS compliance, I get the error as Nothing to collect as there is no compliance object there for CIS...

tusharMathurImpetus

…ugin

sadeed12345

Feature/lambdafication revised

1

This PR provides a way to run the engine via AWS Lambda. A new file lambda_index.js is provided which contains the lambda_handler. A SAM CloudFormation Template and Makefile exist for...

jchrisfarris

SAAS-3999: GCP Remediation for Ingress All Traffic Disabled Plugin

1

mehakseedat63

Fixing the potential false-negative on plugin eksPrivateEndpoint.js reported on issue 823

2

The EKS endpoint setting can have endpointPublicAccess as true, and endpointPrivateAccess as **true** too. So, just checking if endpointPrivateAccess is true can result in a false-negative. The right way to...

celsogbezerra

sadeed12345