Cloud Security Suite: auditing the security of a AWS infrastructure

CS Suite is tool for auditing the security posture of the AWS infrastructure, using current open source tools capabilities.

Features

  • Simple installation with support of python virtual environment and docker containers
  • Initiate all tools/audit checks in one go
  • AWS Infra Audit:
    • Easify your “open source setup” pain.
    • Compilation of all audit checks in one place
    • Centralized portable reports
    • Audits individual systems
  • AWS Instance Audit:
    • IP-based auditing
    • Region independent Audit (Public IP)
    • Supports both public and private IPs for Default region
    • Automatic Report Generation and Fetching
    • Portable HTML report

Installation

First, some requirements needs to be satisfied:

Python 2.7
pip
git

Second, clone the git repository and start the python setup:

git clone https://github.com/SecurityFTW/cs-suite.git
cd cs-suite/
sudo python setup.py

Finally, install the Virtual Environment:

  • pip install virtualenvironmentwrapper
  • add it to the respective rc file of your shell (bashrc/zshrc) (for fish shell users check virtualfish)
  • echo "source /usr/local/bin/virtualenvwrapper.sh" >> ~/.bashrc
  • source the file source ~/.bashrc
  • cd cs-suite/
  • mkvirtualenv cssuite
  • workon cssuite
  • pip install -r requirements-virtual.txt
  • aws configure

Once installation is done, the tool will ask you for the AWS keys and region. These two are mandatory for the tool to work.

…and run the tool:

python cs.py


More information and downloads

 

Comments