Scout Suite v5.2 releases: Multi-Cloud Security Auditing Tool
Scout Suite is a multi-cloud security auditing tool, which enables assessing the security posture of cloud environments. Using the APIs exposed by cloud providers, Scout gathers configuration data for manual inspection and highlights risk areas. Rather than pouring through dozens of pages on the web consoles, Scout provides a clear view of the attack surface automatically.
Scout Suite is stable and actively maintained, but a number of features and internals may change. As such, please bear with us as we find time to work on, and improve the tool. Feel free to report a bug with details (please provide console output using the –debug argument), request a new feature, or send a pull request.
The latest (and final) version of Scout2 can be found in https://github.com/nccgroup/Scout2/releases andhttps://pypi.org/project/AWSScout2. Further work is not planned for Scout2. Fixes will be implemented in Scout Suite.
The following cloud providers are currently supported/planned:
- Amazon Web Services
- Google Cloud Platform (beta)
- Azure (early alpha)
- Adds GCP and Azure CIS benchmark rulesets
- Renames AWS CIS ruleset to
- Adds a number of GCP findings
- Improves the implementation of Azure’s authentication strategy
- Updates to finding rationales and descriptions for all providers
- Updates to default rulesets for all providers
- Improves the UI
- Bug fixes, improved error handling
Install via pip:
$ pip install scoutsuite
Install from source:
$ git clone https://github.com/nccgroup/ScoutSuite $ cd ScoutSuite $ virtualenv -p python3 venv $ source venv/bin/activate $ pip install -r requirements.txt $ python Scout.py --help
Copyright (C) 2018 nccgroup