prowler
CIS-Ubuntu-20.04-Ansible
Our great sponsors
prowler | CIS-Ubuntu-20.04-Ansible | |
---|---|---|
24 | 4 | |
9,424 | 240 | |
3.7% | - | |
9.9 | 2.8 | |
about 23 hours ago | 17 days ago | |
Python | HTML | |
Apache License 2.0 | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
prowler
-
Azure and M365 Secure Config Review
Prowler and ScoutSuite are a good start for cloud stuff.
-
Open source alternative cloud security tool that works like Wiz/Lacework/Aqua
Im using prowler for aws and recently they added support for Azure, which ia great. Prowler Its not exactly a 100% cspm, but with some tweaking and integrations, it might be. Im usually running this is a 1 time assessment to see the current status of the environment.
Yes! There are open source cloud security tools! Here are some open source tools out there: steampipe, prowler, cloudquery, and ZeusCloud.
-
CSPM opensource suggestions
If AWS is in use then i would add prowler to the list - https://github.com/prowler-cloud/prowler This is the best open source cspm for aws.
-
Automated penetration testing for a cloud infrastructure
Here is a good open source option to get started: https://github.com/prowler-cloud/prowler
-
Pentesting
To add onto what /u/mekkr_ has said; you can also use tools like Prowler to ensure your environment is compliant. Prowler also has conmon and forensic capabilities.
-
Using Prowler to Audit your AWS account for vulnerabilities.
Few days ago I came across this repository and I found Prowler(Go Star the repo).
-
About Optimizing for Speed: How to do complete AWS Security&Compliance Scans in 5 minutes
Prowler
-
Automating Prowler for Compliance Checking in AWS
AWSTemplateFormatVersion: "2010-09-09" Description: "Create EC2 instanace with Prowler pre-configured and tied to roles to run" # Template Parameters # ImageId : Default is AWS Linux 2 ami-0e1d30f2c40c4c701 # InstanceType : Default is t3.micro # VpcId : VPC to launch in # SubnetId : Subnet to connect # KeyName : Keypair to use # CidrIp : CIDR range for SSH x.x.x.x/x Resources: # Create Prowler Instance - Parameters for ImageId, InstanceType, SubnetId, SecurityGroupIds, and KeyName ProwlerInstance: Type: 'AWS::EC2::Instance' Properties: ImageId: !Ref ImageId InstanceType: !Ref InstanceType SubnetId: !Ref SubnetId SecurityGroupIds: - !Ref InstanceSecurityGroup KeyName: !Ref KeyName IamInstanceProfile: !Ref ProwlerInstanceProfile Tags: - Key: Name Value: Prowler BlockDeviceMappings: - DeviceName: /dev/xvda Ebs: VolumeSize: 8 Encrypted: true # Run bash to install and configure Prowler UserData: Fn::Base64: !Sub | #!/bin/bash -xe sudo yum update -y sudo yum remove -y awscli cd /home/ec2-user curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "/home/ec2-user/awscliv2.zip" unzip /home/ec2-user/awscliv2.zip sudo /home/ec2-user/aws/install sudo yum install -y python3 jq git sudo pip3 install detect-secrets==1.0.3 git clone https://github.com/prowler-cloud/prowler /home/ec2-user/prowler chown -R ec2-user:ec2-user /home/ec2-user/prowler ProwlerInstanceProfile: Type: AWS::IAM::InstanceProfile Properties: InstanceProfileName: prowler-ec2-instance-profile Path: / Roles: - !Ref ProwlerEc2InstanceRole # Create Security Group InstanceSecurityGroup: Type: AWS::EC2::SecurityGroup Properties: GroupDescription: Allow ssh from specific host GroupName: ProwlerSecurityGroup VpcId: !Ref VpcId SecurityGroupIngress: - IpProtocol: 'tcp' FromPort: '22' ToPort: '22' CidrIp: !Ref CidrIp # Create EC2 Instance Role to run security checks and attach to instance ProwlerEc2InstanceRole: Type: AWS::IAM::Role Properties: RoleName: prowler-ec2-instance-role AssumeRolePolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Principal: Service: - ec2.amazonaws.com Action: - sts:AssumeRole ManagedPolicyArns: - arn:aws:iam::aws:policy/SecurityAudit - arn:aws:iam::aws:policy/job-function/ViewOnlyAccess Path: / # Parameters for cloudformation template with some defaults Parameters: ImageId: Type: String Description: AMI - Linux 2 Default: 'ami-0e1d30f2c40c4c701' InstanceType: Type: String Description: Instance type to be used - t3.micro default Default: t3.micro VpcId: Type: AWS::EC2::VPC::Id Description: VPC to be used SubnetId: Type: AWS::EC2::Subnet::Id Description: Subnet to be used KeyName: Type: AWS::EC2::KeyPair::KeyName Description: Keyname CidrIp: Type: String Description: CidrIp to be used to connect from x.x.x.x/x Metadata: AWS::CloudFormation::Interface: ParameterGroups: - Label: default: "Network Configuration" Parameters: - ImageId - InstanceType - VpcId - SubnetId - KeyName - CidrIp Conditions: {}
-
Starting to use AWS CLI at work. Need beginner tips.
For SecOps often a wrapper library like https://github.com/toniblyx/prowler will provide you the results you need for audits. If they don't exist natively then you can extend the library to add them for future use.
CIS-Ubuntu-20.04-Ansible
- CIS Roles
-
Sending pretty HTML job reports with Ansible
yes it is :) this is the github repo: CIS-Ubuntu-20.04-Ansible
What are some alternatives?
ScoutSuite - Multi-Cloud Security Auditing Tool
ansible-role-hardening - Ansible role to apply a security baseline. Systemd edition.
packer-ubuntu20.04 - Packer vsphere-iso builder for Ubuntu-20.04
terraform-aws-secure-baseline - Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
cloudmapper - CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
steampipe-mod-aws-compliance - Run individual controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA and more across all of your AWS accounts using Powerpipe and Steampipe.
opencspm - Open Cloud Security Posture Management Engine
terraform-security-scan - Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec
Android-PIN-Bruteforce - Unlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! (no root, no adb)
ara - ARA Records Ansible and makes it easier to understand and troubleshoot.
lynis - Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.