We’re proud to announce the release of a new version of our open-source, multi-cloud auditing tool ScoutSuite (on Github)!
Notable improvements and features include:
- Core
- Breaking change: support for Python 3.5 has been deprecated
- Moved unit tests from nose to pytest improved coverage
- Bug fixes and improved error handling
- AWS
- Created a ruleset for the AWS CIS Benchmark version 1.2
- Can be run with the
--ruleset cis-1.2.0.json
parameter - This included the addition of 23 new rules, most of which where also added to the default ruleset
- Can be run with the
- Added support for
- DynamoDB
- VPC Peering Connections Flow Logs (Subnet VPC)
- CloudWatch Metric Filters
- Improved the report and processing for AWS resources
- Created a ruleset for the AWS CIS Benchmark version 1.2
- Azure
- Improved support for App Services web apps, including 5 new rules
- Improved the NSG implementation, decreasing the report size by orders of magnitude
- Added Azure Tags and Resource Groups to all resources
- GCP
- Added support for Google Kubernetes Engine, including 19 new rules
- Improved reporting for Compute Engine instances, networks, subnetworks and firewall rules
- Implemented exponential backoff to handle API quotas
Check out the Github page for additional information, as well as the wiki documentation!
For those wanting a Software-as-a-Service version, we also offer NCC Scout. This service includes persistent monitoring, as well as coverage of additional services across the three major public cloud platforms. If you would like to hear more, reach out to scout@nccgroup.com or visit our cyberstore!