TjebbeVQ
commented
3 years ago I second this. Both CIS1 and CIS2 don't seem to have CIS compliance plugins. When could we expect an update on this?
Open tusharMathurImpetus opened 3 years ago
TjebbeVQ
commented
3 years ago I second this. Both CIS1 and CIS2 don't seem to have CIS compliance plugins. When could we expect an update on this?
octopop
commented
2 years ago I do not think there will be an update on this given the paid product has all these features and compliance mapping to each plugin. It is unfortunate and contrary because Aqua claims that they do not limit the OSS version -- as published here on their website:
Scan Without Limits All of CloudSploit's core scanning engine has been open sourced. We do not limit the services, plugins, or scanning features exposed via our open source tools.
jessequinn
commented
2 years ago any update from Aquasecurity here?
hi-artem
commented
1 year ago Any comments from Aqua engineers/product team?
hi-artem
commented
1 year ago Looks like this one is a duplicate https://github.com/aquasecurity/cloudsploit/issues/526
But it has a good explanation of what needs to be added to GCP plugins to make address the issue.
Whenever I try to run the report for Azure Cloud using CIS compliance, I get the error as Nothing to collect as there is no compliance object there for CIS benchmark unlike for HIPAA and PCI. Please do let me know if there is going to be any update on this.