ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks
Azure has sent me to the depths of despair. Maybe one day I will get back to it, despite the SDK being about as well documented as Neo-Assyrian civilization. Which is to say: Azure docs are on a scale not-at-fucking-all making sense and misleading.
Recap:
Added 110 checks across 9 Auditors and 12 services/components for Azure (a bulk are EASM and NSG checks)
Added more logging, revamped cloud utils for Azure, M365 and OCI
Redid the roadmap, Snowflake and Google Workspace is next for SaaS, everything else is removed. Alibaba and maybe something else is next. No VMC given license changes.
Fixed several documentation errors
Retired 5 AWS checks to match Security Hub
Updated several AWS checks for retirement or updating of logic: SNS, EKS, ACM, S3, CloudFormation
Azure has sent me to the depths of despair. Maybe one day I will get back to it, despite the SDK being about as well documented as Neo-Assyrian civilization. Which is to say: Azure docs are on a scale not-at-fucking-all making sense and misleading.
Recap:
Probably some other stuff I forgot too.