nccgroup / Scout2

Security auditing tool for AWS environments
http://nccgroup.github.io/Scout2/
GNU General Public License v2.0

Ruleset Generator #244

Closed timktran closed 6 years ago

timktran commented 6 years ago

A) Wondering if there is a way to customize the Rule Set Generator anymore? Like the rule "IAM: Password reuse enabled": instead of just true or false, can we configure it to check for the number of passwords to remember?

B) Is there any way to import Audit Policies from like CIS?

l01cd3v commented 6 years ago

A) Yes, you probably want to create a new rule first (see https://github.com/nccgroup/Scout2/wiki/HowTo:-Create-a-new-rule), then run the ruleset generator to enable it.

B) There is a ruleset that partially implements an old version of the CIS benchmark for AWS (https://github.com/nccgroup/Scout2/blob/master/AWSScout2/rules/data/rulesets/cis-02-29-2016.json). It's only partial and not up-to-date though. Are there rule definitions somewhere that I could import? I'm only aware of the CIS benchmark document (not an importable format).
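The check asked about in (A), as an added stand-alone example; it is not Scout2 code and does not use Scout2's rule format. It assumes the policy dict has the shape returned by IAM's GetAccountPasswordPolicy, where `PasswordReusePrevention` is absent when reuse is unrestricted; the function names, account labels and threshold are hypothetical.

```python
# Added example, not part of Scout2: grades a password policy on the number
# of remembered passwords instead of a true/false "reuse enabled" flag.
from typing import Dict, List, Optional


def check_password_reuse(policy: Optional[dict], min_remembered: int) -> dict:
    """Return a finding for one account's IAM password policy."""
    if not 1 <= min_remembered <= 24:  # IAM accepts 1..24 for this setting
        raise ValueError("min_remembered must be between 1 and 24")
    if policy is None:
        # The account has no password policy at all.
        return {"flagged": True, "remembered": 0,
                "reason": "no account password policy is set"}
    remembered = policy.get("PasswordReusePrevention")
    if remembered is None:
        # Key absent: IAM does not prevent reuse of previous passwords.
        return {"flagged": True, "remembered": 0,
                "reason": "password reuse is not restricted"}
    if remembered < min_remembered:
        return {"flagged": True, "remembered": remembered,
                "reason": f"remembers {remembered}, requires {min_remembered}"}
    return {"flagged": False, "remembered": remembered, "reason": "ok"}


def audit(policies: Dict[str, Optional[dict]], min_remembered: int) -> List[str]:
    """Return the sorted labels of accounts whose policy is flagged."""
    return sorted(name for name, pol in policies.items()
                  if check_password_reuse(pol, min_remembered)["flagged"])


# Constructed sample policies (not real account data).
SAMPLE_POLICIES = {
    "account-a": {"MinimumPasswordLength": 14, "PasswordReusePrevention": 24},
    "account-b": {"MinimumPasswordLength": 14, "PasswordReusePrevention": 5},
    "account-c": {"MinimumPasswordLength": 8},  # reuse prevention not set
    "account-d": None,                          # no policy configured
}

if __name__ == "__main__":
    for name in sorted(SAMPLE_POLICIES):
        print(name, check_password_reuse(SAMPLE_POLICIES[name], 12))
```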

x4v13r64 commented 6 years ago

Closed as no update.