Cloud Safety Audit - A Dominance Draw Of Piece Of Occupation Safety Audit Tool For Amazon Spider Web Services
Tuesday, August 6, 2013
Edit
Cloud Safety Audit - A Dominance Draw Of Piece Of Occupation Safety Audit Tool For Amazon Spider Web Services - Hi friends mederc, In the article that you read this time with the title Cloud Safety Audit - A Dominance Draw Of Piece Of Occupation Safety Audit Tool For Amazon Spider Web Services, We have prepared this article well for you to read and retrieve information from it. hopefully fill the posts
Article Amazon,
Article Amazon Web Services,
Article Audit Tool,
Article AWS,
Article AWS Security,
Article Cloud Security Audit,
Article Command Line,
Article EC2,
Article golang,
Article S3,
Article Security Audit,
Article Security Audit Tool,
Article vulnerabilities, we write this you can understand. Alright, happy reading.
Title : Cloud Safety Audit - A Dominance Draw Of Piece Of Occupation Safety Audit Tool For Amazon Spider Web Services
link : Cloud Safety Audit - A Dominance Draw Of Piece Of Occupation Safety Audit Tool For Amazon Spider Web Services
Influenza A virus subtype H5N1 command line safety audit tool for Amazon Web Services
About
Cloud Security Audit is a ascendence draw tool that scans for vulnerabilities inwards your AWS Account. In slowly means y'all volition survive able to position unsecure parts of your infrastructure in addition to railroad train your AWS draw of piece of work organisation human relationship for safety audit.
Installation
Currently Cloud Security Audit does non back upwardly whatsoever packet managers, merely the function is inwards progress.
Building from sources
First of all y'all necessitate to download Cloud Security Audit to your GO workspace:
Then construct in addition to install configuration for the application within cloud-security-audit directory yesteryear executing:
Usage
Initialising Session
If you're using MFA y'all necessitate to say Cloud Security Audit to authenticate y'all earlier trying to connect yesteryear using flag
EC2 Scan
How to use
To perform audit on all EC2 instances, type:
Example output
How to read it
Docs
You tin rank the axe honour to a greater extent than information near encryption inwards the next documentation:
S3 Scan
How to use
To perform audit on all S3 buckets, type:
Example output
How to read it
Docs
You tin rank the axe honour to a greater extent than near securing your S3's inwards the next documentations:
License
Apache License 2.0
Maintainers
You are now reading the article Cloud Safety Audit - A Dominance Draw Of Piece Of Occupation Safety Audit Tool For Amazon Spider Web Services with the link address https://mederc.blogspot.com/2013/08/cloud-safety-audit-dominance-draw-of.html
Title : Cloud Safety Audit - A Dominance Draw Of Piece Of Occupation Safety Audit Tool For Amazon Spider Web Services
Cloud Safety Audit - A Dominance Draw Of Piece Of Occupation Safety Audit Tool For Amazon Spider Web Services
Influenza A virus subtype H5N1 command line safety audit tool for Amazon Web Services
About
Cloud Security Audit is a ascendence draw tool that scans for vulnerabilities inwards your AWS Account. In slowly means y'all volition survive able to position unsecure parts of your infrastructure in addition to railroad train your AWS draw of piece of work organisation human relationship for safety audit.
Currently Cloud Security Audit does non back upwardly whatsoever packet managers, merely the function is inwards progress.
Building from sources
First of all y'all necessitate to download Cloud Security Audit to your GO workspace:
$GOPATH $ larn begin github.com/Appliscale/cloud-security-audit $GOPATH $ cd cloud-security-audit
cloud-security-audit $ brand all
Usage
Initialising Session
If you're using MFA y'all necessitate to say Cloud Security Audit to authenticate y'all earlier trying to connect yesteryear using flag
--mfa
. Example:$ cloud-security-audit --service s3 --mfa --mfa-duration 3600
EC2 Scan
How to use
To perform audit on all EC2 instances, type:
$ cloud-security-audit --service ec2
You tin rank the axe narrow the audit to a region, yesteryear using the flag -r
or --region
. Cloud Security Audit also supports AWS profiles - to specify profile work the flag -p
or --profile
.Example output
+---------------+---------------------+--------------------------------+-----------------------------------+----------+ | AVAILABILITY | EC2 | VOLUMES | SECURITY | | | | | | | EC2 TAGS | | ZONE | | (NONE) - NOT ENCRYPTED | GROUPS | | | | | | | | | | | (DKMS) - ENCRYPTED WITH | (INCOMING CIDR = 0.0.0.0/0) | | | | | DEFAULT KMSKEY | | | | | | | ID : PROTOCOL : PORT | | +---------------+---------------------+--------------------------------+-----------------------------------+----------+ | eu-central-1a | i-0fa345j6756nb3v23 | vol-0a81288qjd188424d[DKMS] | sg-aaaaaaaa : tcp : 22 | App:some | | | | vol-0c2834re8dfsd8sdf[NONE] | sg-aaaaaaaa : tcp : 22 | Key:Val | +---------------+---------------------+--------------------------------+-----------------------------------+----------+
How to read it
- First column
AVAILABILITY ZONE
contains information where the instance is placed - Second column
EC2
contains instance ID. - Third column
Volumes
contains IDs of attached volumes(virtual disks) to given EC2. Suffixes meaning:[NONE]
- Volume non encrypted.[DKMS]
- Volume encrypted using AWS Default KMS Key. More near KMS y'all tin rank the axe honour here
- Fourth column
Security Groups
contains IDs of safety groups that convey likewise opened upwardly permissions. e.g. CIDR block is equal to0.0.0.0/0
(open to the whole world). - Fifth column
EC2 TAGS
contains tags of a given EC2 instance to assistance y'all position role of this instance.
Docs
You tin rank the axe honour to a greater extent than information near encryption inwards the next documentation:
S3 Scan
How to use
To perform audit on all S3 buckets, type:
$ cloud-security-audit --service s3
Cloud Security Audit supports AWS profiles - to specify profile work the flag -p
or --profile
.Example output
+------------------------------+---------+---------+-------------+------------+ | BUCKET NAME | DEFAULT | LOGGING | ACL | POLICY | | | | | | | | | SSE | ENABLED | IS PUBLIC | IS PUBLIC | | | | | | | | | | | R - READ | R - READ | | | | | | | | | | | westward - WRITE | westward - WRITE | | | | | | | | | | | D - DELETE | D - DELETE | +------------------------------+---------+---------+-------------+------------+ | bucket1 | NONE | truthful | faux | faux | +------------------------------+---------+---------+-------------+------------+ | bucket2 | DKMS | faux | faux | truthful [R] | +------------------------------+---------+---------+-------------+------------+ | bucket3 | AES256 | faux | truthful [RWD] | faux | +--------------------------- --+---------+---------+-------------+------------+
How to read it
- First column
BUCKET NAME
contains names of the s3 buckets. - Second column
DEFAULT SSE
gives y'all information on which default type of server side encryption was used inwards your S3 bucket:
NONE
- Default SSE non enabled.DKMS
- Default SSE enabled, AWS KMS Key used to encrypt data.AES256
- Default SSE enabled, AES256.
- Third column
LOGGING ENABLED
contains information if Server access logging was enabled for a given S3 bucket. This provides detailed records for the requests that are made to an S3 bucket. More information near Server Access Logging tin rank the axe survive constitute here - Fourth column
ACL IS PUBLIC
provides information if ACL (Access Control List) contains permissions, that brand the bucket world (allow read/writes for anyone). More information near ACLs here - Fifth column
POLICY IS PUBLIC
contains information if bucket's policy allows whatsoever activeness (read/write) for an anonymous user. More near bucket policies here R, westward in addition to D letters depict what type of activeness is available for everyone.
Docs
You tin rank the axe honour to a greater extent than near securing your S3's inwards the next documentations:
- https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html
- https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerLogs.html
- https://docs.aws.amazon.com/AmazonS3/latest/user-guide/server-access-logging.html
License
Apache License 2.0
Maintainers
Thus the article Cloud Safety Audit - A Dominance Draw Of Piece Of Occupation Safety Audit Tool For Amazon Spider Web Services
That's all the article Cloud Safety Audit - A Dominance Draw Of Piece Of Occupation Safety Audit Tool For Amazon Spider Web Services this time, hopefully can benefit you all. okay, see you in another article posting.
You are now reading the article Cloud Safety Audit - A Dominance Draw Of Piece Of Occupation Safety Audit Tool For Amazon Spider Web Services with the link address https://mederc.blogspot.com/2013/08/cloud-safety-audit-dominance-draw-of.html