automated-security-response-on-aws

automated-security-response-on-aws copied to clipboard

CIS 1.4.0 finding Eventbridge rule pattern not matching Security Hub event

1

**Describe the bug** The Amazon Eventbridge rules for CIS 1.4.0 framework that are enabled to start the Automated Response and triggered after matching the AWS Security Hub event have a...

hamzahvolvo

SC_SNS.2 Not executing due to wrong automation document

1

**Describe the bug** When executing ASR-SC_2.0.0_SNS.2 the automation returns 'Invalid document: ASR-EnableDeliveryLoggingForSNSTopic' When executing ASR-ASFBP_SNS.2 the automation succeeds as it executes the document 'ASR-EnableDeliveryStatusLoggingForSNSTopic' which is the correct name for...

Bradfordio

RDS.4 remediation failing to remediate

1

*Issue #, if available:* *BUG:* The control RDS.4 for the AFSBP standards contains an SSM document uses a line of Regex to find matched ARN's for RDS backups to encrypt,...

jacobtb23

fix: Improve the SHARR notification messages to include more relevant info for administrators receiving the events #185

1

*Issue #185 * *Description of changes:* Added additional properties to the Notification that is sent by SHARR on the SNS Topic when a Remediation is initiated and it's state changes....

thesuavehog

Print out the name of the SNS topic that a Notification is published to for clarity in the logs

1

**Is your feature request related to a problem? Please describe.** When debugging issues with the solution, the logging is not identifying the SNS topic that is being used which makes...

thesuavehog

fix: Print out the name of the SNS topic that a Notification is published to for clarity in the logs #183

2

Print out the name of the SNS topic that a Notification is published to for clarity in the logs. *Issue #183 * *Description of changes:* Updated log message to include...

thesuavehog

Optional customer managed keys

2

KMS Customer Managed Keys are expensive. I'm looking at the [cost examples](https://docs.aws.amazon.com/solutions/latest/automated-security-response-on-aws/cost.html) in the documentation. Take the first one, $3.30/month. I believe it's wrong. 10 accounts is 10 keys. That's...

camitz

1. | EC2.8 | Amazon EC2 instances should use Instance Metadata Service Version 2 (IMDSv2) | Applicable standards: AWS Foundational Security Best Practices v1.0.0, NIST SP 800-53 Rev. 5 2....

rakshb

Lambda.2 - Lambda functions should be in a VPC

rakshb

DynamoDB table created by AdminStack is non compliant

1

**Describe the bug** DynamoDB table created by AdminStack is non compliant with 2 security controls - DynamoDB.1 & DynamoDB.6 (AFSBP & SC) **To Reproduce** Deploy Admin stack as per implementation...

k4n30