Changes:
- Core
- Fixed the
--updatefunctionality - Added epilog to the help menu
- Improved unit test coverage
- Updated dependencies for Azure and GCP
- Fixed the
- AWS
- Added ARNs for a all resources
- Added support for CloudFront distribution lists, as well as 3 new findings
- Added support for CodeBuild
- Added a finding for SQS queue encryption
- Added a finding for IAM Lightspin vulnerability
- Added a finding for RDS instance public access
- Improved fetching and report for AWS resources
- Bug fixes
- Update botocore version
- Fixed XSS issue in report (Thanks to Liyun Li for reporting it!)
- Azure
- Added 3 findings for VM disks
- Improved report and findings' guidance for Azure resources
- Bug fixes
- GCP
- Created a ruleset for GCP CIS version 1.1 (https://www.cisecurity.org/benchmark/google_cloud_computing_platform/)
- Can be run with the --ruleset
cis-1.1.0.jsonparameter - Added support for a number of resources
- Included the addition of 46 new rules, most of which were added to the default ruleset
- Cloud SQL: 11 new findings
- Cloud Storage: 1 new finding
- Compute Engine: 11 new findings
- Cloud DNS: 3 new findings
- IAM: 2 new findings
- KMS: 2 new findings
- Cloud Logging: 8 new findings
- Cloud Monitoring: 8 new findings
- Added support for Cloud Memorystore, as well as 2 new findings
- Added 1 finding for VPC flow logs
- Improved fetching, report and findings' guidance for GCP resources
- Bug fixes
- Docker
- Updated tooling to current versions
- Pulling in the current version of ScoutSuite