Closed scriptsrc closed 6 years ago
cstewart87
commented
7 years ago We have some issues we're more worried about than others, so it would be nice to allow users to define their own "Reports" template. Maybe have a default one in this code base, then make the location configurable in config-*.py.
mikegrima
commented
7 years ago I wonder if it makes sense to consolidate Unknown Cross Account into Top Issues instead of listing each technology. Is there interest in having Unknown Cross Account exploded per technology?
scriptsrc
commented
7 years ago Maybe it could be related to #535. After you select an issue score, you could also select whether the issue type should appear as a menu link (and under which heading). (We have an additional feature where we'd like to select certain issues for special handling like filing a jira or calling out to pager duty.)
Good discussion.
kuberkaul
commented
7 years ago Adding to this issue. The reports drop down doesn't scroll down for me even though once I inspect element I can see there are more options in dropdown available
fyi - as i move to a bigger screen , I can see the entire dropdown (of course)
scriptsrc
commented
6 years ago Fixed in #757
The reports dropdown is a somewhat random list of issue searches.
It should be refactored to be more organized.
Idea: Break it into multiple (3) dropdowns
Publicly Accessible -- S3 -- SNS -- KMS -- SQS -- ES -- SG -- ANY
Unknown Cross Account -- S3 -- SNS -- KMS -- SQS -- ES -- SG -- IAM Role Trust Policy -- ANY
Top Issues (?? Misconfigured?) -- Access Keys (active/inactive/unused) -- CloudTrail (disabled/not multi-region) -- ELB TLS Policies (Support SSLv3, old ciphers, etc) -- SSL (Expired/Revoked, Poorly Created) -- IAM sensitive actions (user/role/group/policy with things like
iam:passrole) -- VPC (Flowlogs not enabled) -- SES (email/domain not verified)Review the auditors for more.