ministryofjustice / modernisation-platform

A place for the core work of the Modernisation Platform • This repository is defined and managed in Terraform
https://user-guide.modernisation-platform.service.justice.gov.uk
MIT License
680 stars, 290 forks

[SPIKE] Review how we check and monitor security group access #1835

Open davidkelliott opened 2 years ago

davidkelliott commented 2 years ago

User Story

As a Modernisation Platform Engineer, I want to investigate methods for auditing AWS Security Group rules, so that we are appropriately using open SG rules.

User Type(s)

Modernisation Platform Customer

Value

Review how we check and monitor security group access; this is to ensure customers don't configure unprotected access points to the Modernisation Platform.

Does SecurityHub do enough? Is it just a question of correlating the results so that we can take action?

Questions / Assumptions / Hypothesis

Definition of done

Reference

How to write good user stories

dms1981 commented 1 year ago

The most obvious tool to use here would be AWS Firewall Manager, as it can be used to audit security groups across, for example, an OU: How to continuously audit and limit security groups with AWS Firewall Manager

An alternative option would be something like Steampipe (https://steampipe.io/), but I think that would require an account-by-account approach.
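As an added example (not code from the modernisation-platform repository, and not how Security Hub or Firewall Manager evaluate rules internally), the following is the kind of account-by-account check the Steampipe route implies, written against the structure that boto3's `ec2.describe_security_groups()` returns. It flags ingress rules open to `0.0.0.0/0` or `::/0`, treats `IpProtocol` `-1` (all traffic) and ICMP separately, and tolerates a port range only when every port in it is on an allow-list. The sample security groups and the `ALLOWED_PUBLIC_PORTS` policy are constructed assumptions for the demonstration; the live fetch helper is only called when the script is run directly.

```python
"""Flag security group ingress rules that are open to the whole internet.

Added example, not code from the modernisation-platform repo. Input is the
shape returned by boto3 ec2.describe_security_groups()["SecurityGroups"];
the SAMPLE_GROUPS below are constructed so the check runs offline.
"""
from dataclasses import dataclass
from typing import Iterable, List, Optional

ANY_IPV4 = "0.0.0.0/0"
ANY_IPV6 = "::/0"
# Assumed policy (not the platform's): only these ports may face the internet.
ALLOWED_PUBLIC_PORTS = {80, 443}


@dataclass(frozen=True)
class Finding:
    group_id: str
    group_name: str
    protocol: str
    from_port: Optional[int]
    to_port: Optional[int]
    source: str
    reason: str


def world_open_sources(perm: dict) -> List[str]:
    """Return the any-address CIDRs present in one IpPermissions entry."""
    v4 = [r["CidrIp"] for r in perm.get("IpRanges", []) if r.get("CidrIp") == ANY_IPV4]
    v6 = [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", []) if r.get("CidrIpv6") == ANY_IPV6]
    return v4 + v6


def classify(perm: dict) -> Optional[str]:
    """Reason a world-open permission is a finding, or None if it is allowed."""
    proto = perm.get("IpProtocol", "-1")
    if proto == "-1":
        return "all protocols and ports open to the world"
    if proto in ("icmp", "icmpv6"):
        return f"{proto} open to the world"
    from_port, to_port = perm.get("FromPort"), perm.get("ToPort")
    if from_port is None or to_port is None:
        return f"{proto} open to the world with no port restriction"
    exposed = set(range(from_port, to_port + 1)) - ALLOWED_PUBLIC_PORTS
    if not exposed:
        return None  # every port in the range is on the allow-list
    return f"{proto} ports {from_port}-{to_port} open to the world (not all on allow-list)"


def audit_security_groups(groups: Iterable[dict]) -> List[Finding]:
    """Walk every group's ingress rules and collect world-open findings."""
    findings: List[Finding] = []
    for sg in groups:
        for perm in sg.get("IpPermissions", []):
            sources = world_open_sources(perm)
            if not sources:
                continue  # private CIDRs or SG-to-SG references only
            reason = classify(perm)
            if reason is None:
                continue
            for src in sources:
                findings.append(Finding(sg["GroupId"], sg.get("GroupName", ""),
                                        perm.get("IpProtocol", "-1"),
                                        perm.get("FromPort"), perm.get("ToPort"),
                                        src, reason))
    return findings


# Constructed sample: one acceptable public listener, one exposed SSH port,
# one internal-only database rule, one legacy allow-all rule.
SAMPLE_GROUPS = [
    {"GroupId": "sg-0a1", "GroupName": "web-alb", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    {"GroupId": "sg-0b2", "GroupName": "bastion", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0c3", "GroupName": "db", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}], "Ipv6Ranges": [],
         "UserIdGroupPairs": [{"GroupId": "sg-0a1"}]}]},
    {"GroupId": "sg-0d4", "GroupName": "legacy-any", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
]


def fetch_live_groups(region_name: str) -> List[dict]:
    """Fetch real groups for the current credentials (needs boto3 and AWS access)."""
    import boto3  # imported here so the offline sample needs no AWS dependency
    ec2 = boto3.client("ec2", region_name=region_name)
    groups: List[dict] = []
    for page in ec2.get_paginator("describe_security_groups").paginate():
        groups.extend(page["SecurityGroups"])
    return groups


if __name__ == "__main__":
    for f in audit_security_groups(SAMPLE_GROUPS):
        print(f"{f.group_id} ({f.group_name}): {f.reason} from {f.source}")
```

Run once per account (assume a role into each, then call `fetch_live_groups`) and feed the merged findings into whatever correlation step is chosen; the allow-list is the policy knob that decides whether a public 443 listener is acceptable while a public 22 is not.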

github-actions[bot] commented 1 year ago

This issue is stale because it has been open 90 days with no activity.

davidkelliott commented 9 months ago

These are also currently raised by Security Hub.

dms1981 commented 4 months ago

We do also have our secure analysis tools to check these things.

github-actions[bot] commented 2 weeks ago

This issue is stale because it has been open 90 days with no activity.