Comments (4)
I added one to look for admins who do not have MFA tokens enabled, in #73
from prowler.
Another candidate: identify S3 buckets open to the world
from prowler.
Yes, that's one around S3 I have written already and also the EBS snapshots public check. I'll send the PR later today. They are check72 and check73.
from prowler.
Added check72 and check73
7.2 Ensure there are no EBS Snapshots set as Public (Not Scored) (Not part of CIS benchmark)
7.3 Ensure there are no S3 buckets open to AllUsers (Not Scored) (Not part of CIS benchmark)
from prowler.