G-Scout is a tool made to help assess the security of Google Cloud Platform (GCP) environment configurations. By leveraging the Google Cloud API, G-Scout automatically gathers a variety of configuration data, and analyzes this data to determine security risks. It produces HTML output, which allows for convenient browsing of results.
The audited data relates to:
- IAM roles
- Compute engine instances
- Storage buckets
- Firewall rules
- SQL and noSQL databases
- Service account keys
G-Scout also allows users to create and customize rulesets simply by creating Python functions.
You can find G-Scout at https://github.com/nccgroup/G-Scout. It’s free to use and modify.
For more information on G-Scout, read the blog by Angelo Mellos.
