Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(AWS) Command for security and data checks #127

Open
leandrodamascena opened this issue Jul 5, 2020 · 1 comment
Open

(AWS) Command for security and data checks #127

leandrodamascena opened this issue Jul 5, 2020 · 1 comment
Labels
AWS AWS - Amazon Web Services enhancement New feature or request
Milestone
Version 3.0.0

Comments

@leandrodamascena
Copy link
Member

Might be interesting to add a command to check security in AWS.
This command must analyze the following itens:

[ ] - CloudFront distributions without HTTPS
[ ] - Unencrypted EBS Volumes
[ ] - Dynamodb with Point-in-Time Recovery (PITR) disabled
[ ] - Over-permissive IAM policies
[ ] - S3 bucket with public policies
[ ] - S3 bucket versioning disabled
[ ] - S3 bucket without SSE
@leandrodamascena leandrodamascena added AWS AWS - Amazon Web Services enhancement New feature or request labels Jul 5, 2020
@leandrodamascena leandrodamascena added this to the Version 3.0.0 milestone Jul 5, 2020
@meshuga
Copy link
Member

meshuga commented Jul 6, 2020
edited
Loading

A good point of reference might be https://github.com/toniblyx/prowler, https://github.com/nccgroup/ScoutSuite (this one is multi cloud) or AWS Config with conformance templates/managed rules.

The problem with Config is that it's overcomplicated, especially if you want to integrate it with AWS Security Hub. The configuration overhead is also problematic.

If it would be possible to have a command that would provide preselected rules and make use of ready rules, that would be great to have.

leandrodamascena added a commit that referenced this issue Jul 16, 2020
@leandrodamascena
Security commands initial commit #127
1034f7a
leandrodamascena added a commit that referenced this issue Aug 17, 2020
@leandrodamascena
Additional Security commands #127
b408422
leandrodamascena added a commit that referenced this issue Aug 17, 2020
@leandrodamascena
Additional Security commands - pitr to dynamodb #127
ce6a95c
meshuga added a commit that referenced this issue Aug 19, 2020
@meshuga
#127 code review
57ed8ec
meshuga added a commit that referenced this issue Aug 19, 2020
@meshuga
#127 report adjustment
bb0d871
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
AWS AWS - Amazon Web Services enhancement New feature or request
Projects
None yet
Milestone
Version 3.0.0
Development

No branches or pull requests
2 participants
@meshuga @leandrodamascena