Closed scriptsrc closed 6 years ago
We have some issues we're more worried about than others, so it would be nice to allow users to define their own "Reports" template. Maybe have a default one in this code base, then make the location configurable in config-*.py.
I wonder if it makes sense to consolidate Unknown Cross Account into Top Issues instead of listing each technology. Is there interest in having Unknown Cross Account exploded per technology?
Maybe it could be related to #535. After you select an issue score, you could also select whether the issue type should appear as a menu link (and under which heading). (We have an additional feature where we'd like to select certain issues for special handling like filing a Jira or calling out to PagerDuty.)
Good discussion.
Adding to this issue. The reports dropdown doesn't scroll down for me, even though once I inspect the element I can see there are more options available in the dropdown.
FYI - as I move to a bigger screen, I can see the entire dropdown (of course).
Fixed in #757
The reports dropdown is a somewhat random list of issue searches.
It should be refactored to be more organized.
Idea: Break it into multiple (3) dropdowns
Publicly Accessible
-- S3
-- SNS
-- KMS
-- SQS
-- ES
-- SG
-- ANY
Unknown Cross Account
-- S3
-- SNS
-- KMS
-- SQS
-- ES
-- SG
-- IAM Role Trust Policy
-- ANY
Top Issues (?? Misconfigured?)
-- Access Keys (active/inactive/unused)
-- CloudTrail (disabled/not multi-region)
-- ELB TLS Policies (Support SSLv3, old ciphers, etc)
-- SSL (Expired/Revoked, Poorly Created)
-- IAM sensitive actions (user/role/group/policy with things like iam:passrole)
-- VPC (Flowlogs not enabled)
-- SES (email/domain not verified)
Review the auditors for more.