ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks
Apache License 2.0
904 stars, 121 forks
Fix missing standards frameworks, add AWS AI Services #277
TL;DR = Fixed missing CIS Benchmarks and control information for the HTML Compliance report. Added AWS AI Service auditors for Bedrock and Q Business.
Closes #276
Overview of changes
Improved logic in AWS Auditor for Amazon EKS; now only the most recent (1.30 as of 21 JUNE 2024) K8s version is accepted for "use the latest K8s release"
Added AWS Auditor for Amazon Bedrock to check for usage of foundation and custom models; may expand in the future...
Added AWS Auditor for Amazon Q Business to check for the usage of Q Biz Apps and if the Apps use KMS CMKs
Updated IAM Role for QBiz and Bedrock
Added missing Azure CIS Benchmark v2.0.0 control information
Fixed all Outputs that report on Compliance controls by adding missing AWS and Azure Benchmarks
Re-added FAQ to main readme
Removed CodeQL sensitive information logging for Salesforce and M365
Small future fixes for Google Workspace (G-Suite) and Snowflake in CloudUtils and EEAuditor