Home
Scout Suiteis a security tool that lets AWS administrators assess their environment's security posture. Using the AWS API, Scout Suitegathers configuration data for manual inspection and highlights high-risk areas automatically. Rather than pouring through dozens of pages on the web, Scout Suitesupplies a clear view of the attack surface automatically.
Scout Suitewas designed by security consultants/auditor. It is meant to provide a point-in-time security-oriented view of the AWS account it was run in. Once the data has been gathered, all usage may be performed offline.
For engineers in order to implement periodic and/or continuous review of their AWS environment, Scout Suite may be used a base framework that provides. TODO TODO.
Assuming access to the AWS APIs has already been configured on a machine (e.g. you can use the AWS CLI), then installing and using Scout Suiteshould be trivial:
- Install Scout Suite
pip install scoutsuite
- Run the tool
Scout(--profile <profile-name>)
- Browse the HTML report that is automatically open in the default web browser
- Generate a list of trusted IP ranges
- Generate a custom ruleset
- Provide Scout Suitewith the custom ruleset and trusted IP ranges