steampipe-mod-aws-compliance
prowler
Our great sponsors
steampipe-mod-aws-compliance | prowler | |
---|---|---|
18 | 24 | |
343 | 9,403 | |
2.6% | 3.7% | |
8.4 | 9.9 | |
6 days ago | 7 days ago | |
HCL | Python | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
steampipe-mod-aws-compliance
-
How to run an AWS CIS v3.0 assessment in CloudShell
In a prior post I showed how to install Steampipe in AWS CloudShell to instantly query over 460+ resource types from your AWS APIs using SQL, and another post on how to use the Steampipe AWS Compliance mod to assess over 25+ security benchmarks across your AWS accounts.
-
Open source automated AWS CIS v2.0 benchmark assessment just released by Steampipe.io
GitHub: https://github.com/turbot/steampipe-mod-aws-compliance
The Steampipe AWS Compliance mod, is packed with hundreds of open source controls that evaluate your AWS accounts for compliance with 25 benchmarks (NIST, PCI, HIPAA, etc). The mod now also includes new controls for AWS CIS v2.0.
-
Steampipe vs aws security hub
The Steampipe AWS Compliance mod has more coverage with 21 security benchmarks (e.g. CIS v1.5, PCI, Foundations, NIST 800-53 rev5, etc).
- Scanning for AWS Security Issues with Trivy
-
Open source AWS Dashboards: Visualize your AWS assets & security reports; 100+ dashboards out of the box; Build your own with HCL & SQL.
AWS Compliance mod: includes instant compliance reports for CIS, PCI, NIST, HIPAA, SOC2 & more: https://hub.steampipe.io/mods/turbot/aws_compliance
-
How to perform a security audit of your AWS account in AWS CloudShell
For example, the AWS Compliance Mod layers benchmarks and controls covering 13 compliance standards including CIS, HIPAA, NIST, PCI, FedRAMP, SOC 2 and more. Each benchmark includes a set of pass/fail controls. Each control tests for a compliance recommendation such as "EC2 instances" should be managed by AWS Systems Manager" and reports OK or Alarm.
git clone https://github.com/turbot/steampipe-mod-aws-compliance cd steampipe-mod-aws-compliance
-
Compliance as code for AWS
Steampipe (https://steampipe.io) is an open source CLI to query AWS and more with SQL. The AWS Compliance mod (https://hub.steampipe.io/mods/turbot/aws_compliance) has over 500 controls out of the box covering CIS, PCI, NIST, HIPAA, SOC2 & more you can run in your terminal across all your AWS accounts.
-
About Optimizing for Speed: How to do complete AWS Security&Compliance Scans in 5 minutes
sudo /bin/sh -c "$(curl -fsSL https://raw.githubusercontent.com/turbot/steampipe/main/install.sh)" steampipe plugin install steampipe steampipe plugin install aws git clone https://github.com/turbot/steampipe-mod-aws-compliance.git cd steampipe-mod-aws-compliance aws iam generate-credential-report
prowler
-
Azure and M365 Secure Config Review
Prowler and ScoutSuite are a good start for cloud stuff.
-
Open source alternative cloud security tool that works like Wiz/Lacework/Aqua
Im using prowler for aws and recently they added support for Azure, which ia great. Prowler Its not exactly a 100% cspm, but with some tweaking and integrations, it might be. Im usually running this is a 1 time assessment to see the current status of the environment.
Yes! There are open source cloud security tools! Here are some open source tools out there: steampipe, prowler, cloudquery, and ZeusCloud.
-
CSPM opensource suggestions
If AWS is in use then i would add prowler to the list - https://github.com/prowler-cloud/prowler This is the best open source cspm for aws.
-
Automated penetration testing for a cloud infrastructure
Here is a good open source option to get started: https://github.com/prowler-cloud/prowler
-
Pentesting
To add onto what /u/mekkr_ has said; you can also use tools like Prowler to ensure your environment is compliant. Prowler also has conmon and forensic capabilities.
-
Using Prowler to Audit your AWS account for vulnerabilities.
Few days ago I came across this repository and I found Prowler(Go Star the repo).
-
About Optimizing for Speed: How to do complete AWS Security&Compliance Scans in 5 minutes
Prowler
-
Automating Prowler for Compliance Checking in AWS
AWSTemplateFormatVersion: "2010-09-09" Description: "Create EC2 instanace with Prowler pre-configured and tied to roles to run" # Template Parameters # ImageId : Default is AWS Linux 2 ami-0e1d30f2c40c4c701 # InstanceType : Default is t3.micro # VpcId : VPC to launch in # SubnetId : Subnet to connect # KeyName : Keypair to use # CidrIp : CIDR range for SSH x.x.x.x/x Resources: # Create Prowler Instance - Parameters for ImageId, InstanceType, SubnetId, SecurityGroupIds, and KeyName ProwlerInstance: Type: 'AWS::EC2::Instance' Properties: ImageId: !Ref ImageId InstanceType: !Ref InstanceType SubnetId: !Ref SubnetId SecurityGroupIds: - !Ref InstanceSecurityGroup KeyName: !Ref KeyName IamInstanceProfile: !Ref ProwlerInstanceProfile Tags: - Key: Name Value: Prowler BlockDeviceMappings: - DeviceName: /dev/xvda Ebs: VolumeSize: 8 Encrypted: true # Run bash to install and configure Prowler UserData: Fn::Base64: !Sub | #!/bin/bash -xe sudo yum update -y sudo yum remove -y awscli cd /home/ec2-user curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "/home/ec2-user/awscliv2.zip" unzip /home/ec2-user/awscliv2.zip sudo /home/ec2-user/aws/install sudo yum install -y python3 jq git sudo pip3 install detect-secrets==1.0.3 git clone https://github.com/prowler-cloud/prowler /home/ec2-user/prowler chown -R ec2-user:ec2-user /home/ec2-user/prowler ProwlerInstanceProfile: Type: AWS::IAM::InstanceProfile Properties: InstanceProfileName: prowler-ec2-instance-profile Path: / Roles: - !Ref ProwlerEc2InstanceRole # Create Security Group InstanceSecurityGroup: Type: AWS::EC2::SecurityGroup Properties: GroupDescription: Allow ssh from specific host GroupName: ProwlerSecurityGroup VpcId: !Ref VpcId SecurityGroupIngress: - IpProtocol: 'tcp' FromPort: '22' ToPort: '22' CidrIp: !Ref CidrIp # Create EC2 Instance Role to run security checks and attach to instance ProwlerEc2InstanceRole: Type: AWS::IAM::Role Properties: RoleName: prowler-ec2-instance-role AssumeRolePolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Principal: Service: - ec2.amazonaws.com Action: - sts:AssumeRole ManagedPolicyArns: - arn:aws:iam::aws:policy/SecurityAudit - arn:aws:iam::aws:policy/job-function/ViewOnlyAccess Path: / # Parameters for cloudformation template with some defaults Parameters: ImageId: Type: String Description: AMI - Linux 2 Default: 'ami-0e1d30f2c40c4c701' InstanceType: Type: String Description: Instance type to be used - t3.micro default Default: t3.micro VpcId: Type: AWS::EC2::VPC::Id Description: VPC to be used SubnetId: Type: AWS::EC2::Subnet::Id Description: Subnet to be used KeyName: Type: AWS::EC2::KeyPair::KeyName Description: Keyname CidrIp: Type: String Description: CidrIp to be used to connect from x.x.x.x/x Metadata: AWS::CloudFormation::Interface: ParameterGroups: - Label: default: "Network Configuration" Parameters: - ImageId - InstanceType - VpcId - SubnetId - KeyName - CidrIp Conditions: {}
-
Starting to use AWS CLI at work. Need beginner tips.
For SecOps often a wrapper library like https://github.com/toniblyx/prowler will provide you the results you need for audits. If they don't exist natively then you can extend the library to add them for future use.
What are some alternatives?
ScoutSuite - Multi-Cloud Security Auditing Tool
cloudquery - The open source high performance data integration platform built for developers.
cloudmapper - CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
terraform-aws-secure-baseline - Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
opencspm - Open Cloud Security Posture Management Engine
CIS-Ubuntu-20.04-Ansible - Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation
terraform-security-scan - Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec
Android-PIN-Bruteforce - Unlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! (no root, no adb)
lynis - Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
steampipe-mod-zoom-compliance - Run individual configuration, compliance and security controls or full compliance benchmarks for CIS for Zoom using Powerpipe and Steampipe.
aws-wsl2-environment - Bash script to setup development environment for AWS under WSL2 for Windows 10 using Ubuntu 20-04. aws-cli, aws-cdk, SSH for git, AWS utilities cfn-diagram and cfn-lint, jq JSON parser and associated dependencies.