nccgroup / Scout2

Security auditing tool for AWS environments
http://nccgroup.github.io/Scout2/
GNU General Public License v2.0

Ruleset cis-02-29-2016.json contains malformed JSON #217

Closed brunns closed 6 years ago

brunns commented 6 years ago

As of revision 1ad27b8, cis-02-29-2016.json is reported as malformed.

git co 3f8e672
python setup.py install && Scout2 --ruleset cis-02-29-2016.json --no-browser

works fine.

git co 1ad27b8
python setup.py install && Scout2 --ruleset cis-02-29-2016.json --no-browser

fails with:

Error: ruleset filecis-02-29-2016.json contains malformed JSON

l01cd3v commented 6 years ago

Thanks! Should be fixed now. Note that this ruleset is not a complete match w/ the CIS benchmark as Scout2 does not support several services related to monitoring.

brunns commented 6 years ago

Cool, thank you very much! We may be able to commit some time to add any services which aren't currently supported - do you have a list of them anywhere?

l01cd3v commented 6 years ago

I don't have the list handy, but it's pretty much the difference between services mentioned in the CIS benchmark and the list of services you see in the Scout2 navbar.

I have a number of higher priority issues to take care of, so adding support for these may not happen for a while; PRs are welcome though :) Check out the wiki if you're curious about the tool's internals and how to fetch config for new services and create rules.

Basically, the main reason for not putting much effort towards implementing checks for the logging/monitoring section is that most AWS accounts I've reviewed had logging/monitoring implemented outside of the AWS account.