-
Notifications
You must be signed in to change notification settings - Fork 88
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
(AWS) Command for security and data checks #127
Comments
A good point of reference might be https://github.com/toniblyx/prowler, https://github.com/nccgroup/ScoutSuite (this one is multi cloud) or AWS Config with conformance templates/managed rules. The problem with Config is that it's overcomplicated, especially if you want to integrate it with AWS Security Hub. The configuration overhead is also problematic. If it would be possible to have a command that would provide preselected rules and make use of ready rules, that would be great to have. |
Might be interesting to add a command to check security in AWS.
This command must analyze the following itens:
[ ] - CloudFront distributions without HTTPS
[ ] - Unencrypted EBS Volumes
[ ] - Dynamodb with Point-in-Time Recovery (PITR) disabled
[ ] - Over-permissive IAM policies
[ ] - S3 bucket with public policies
[ ] - S3 bucket versioning disabled
[ ] - S3 bucket without SSE
The text was updated successfully, but these errors were encountered: