Security Monkey: monitors AWS and GCP accounts for policy changes and alerts on insecure configurations
Security Monkey
Security Monkey monitors your AWS and GCP accounts for policy changes and alerts on insecure configurations. It provides a single UI to browse and search through all of your accounts, regions, and cloud services. The monkey remembers previous states and can show you exactly what changed, and when.
Security Monkey can be extended with custom account types, custom watchers, custom auditors, and custom alerts.
It works on CPython 2.7. It is known to work on Ubuntu Linux and OS X.
Install Security Monkey
Create the logging folders:
sudo mkdir /var/log/security_monkey
sudo mkdir /var/www
sudo chown -R `whoami`:www-data /var/log/security_monkey/
sudo chown www-data /var/www
Let’s install the tools we need for Security Monkey:
sudo apt-get update
sudo apt-get -y install python-pip python-dev python-psycopg2 postgresql postgresql-contrib libpq-dev nginx supervisor git libffi-dev gcc python-virtualenv
If you’re not ready to setup AWS RDS or Cloud SQL, follow these instructions to setup a local Postgres DB.
Install Postgres:
sudo apt-get install postgresql postgresql-contrib
Configure the DB:
sudo -u postgres psql
CREATE DATABASE “secmonkey”;
CREATE ROLE “securitymonkeyuser” LOGIN PASSWORD ‘securitymonkeypassword’;
CREATE SCHEMA secmonkey;
GRANT Usage, Create ON SCHEMA “secmonkey” TO “securitymonkeyuser”;
set timezone TO ‘GMT’;
select now();
\q
Clone security_monkey
Releases are on the master branch and are updated about every three months. Bleeding edge features are on the develop branch.
cd /usr/local/src
sudo git clone –depth 1 –branch develop https://github.com/Netflix/security_monkey.git
sudo chown -R `whoami`:www-data /usr/local/src/security_monkey
cd security_monkey
virtualenv venv
source venv/bin/activate
pip install –upgrade setuptools
pip install –upgrade pip
pip install –upgrade urllib3[secure] # to prevent InsecurePlatformWarning
pip install google-compute-engine # Only required on GCP
pip install cloudaux\[gcp\]
python setup.py develop