- Notifications
You must be signed in to change notification settings - Fork1.1k
Multi-Cloud Security Auditing Tool
License
nccgroup/ScoutSuite
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using the APIs exposed by cloud providers, Scout Suite gathers configuration data for manual inspection and highlights risk areas. Rather than going through dozens of pages on the web consoles, Scout Suite presents a clear view of the attack surface automatically.
Scout Suite was designed by security consultants/auditors. It is meant to provide a point-in-time security-oriented view of the cloud account it was run in. Once the data has been gathered, all usage may be performed offline.
The project team can be contacted atscoutsuite@nccgroup.com.
The following cloud providers are currently supported:
- Amazon Web Services
- Microsoft Azure
- Google Cloud Platform
- Alibaba Cloud (alpha)
- Oracle Cloud Infrastructure (alpha)
- Kubernetes clusters on a cloud provider (alpha)
- DigitalOcean Cloud (alpha)
Refer to thewiki.
Scout Suite is run through the CLI:
Once this has completed, it will generate an HTML report including findings and Cloud account configuration:
The above report was generated by running Scout Suite againsthttps://github.com/nccgroup/sadcloud.
Additional information can be found in thewiki.There are also a number of handytools for automation of common tasks.
About
Multi-Cloud Security Auditing Tool