Tool Release – ScoutSuite 5.9.0

We’re proud to announce the release of a new version of our open-source, multi-cloud auditing tool ScoutSuite (on Github)! Since the release of 5.8.0 back in late March, we’ve had over 300 commits from 8 different contributors, and closed 30 PRs.

Notable improvements and features include:

AWS

  • Added 4 new ELB and ELBv2 findings
  • Added support for the “Amazon S3 Block Public Access” feature
  • Improved Lambda support
  • Added support for RDS Aurora instances

Azure

  • Improved the authentication flow and handling of subscriptions

GCP

  • Added logic that validates if an API is enabled for a service and project, speeding executions
  • Added support for Stackdriver Monitoring
  • Merged IAM and Resource Manager services
  • Improved report content

Core

  • Improved README and Wiki
  • Updated the rule format (see: How to create a new rule), which now supports:
    • remediation and compliance information
    • external references
    • a class_suffix field to highlight multiple elements in the report
  • Improved the content of over 100 rules, to take advantage of the updated format. Included the addition of better rationales as well as references.
  • Improved region handling.
  • Added ability to export a high level finding summary
  • Added a tool to upload findings directly to AWS Security Hub

Check out the Github page for the release, as well further documentation!

For those wanting a Software-as-a-Service version, we also offer NCC Scout. This service includes persistent monitoring, as well as coverage of additional services across the three major public cloud platforms. If you would like to hear more, reach out to scout@nccgroup.com or visit our cyberstore