Comments (5)
iamhasibrahman
commented on June 26, 2024
Any update on this?
from aws-security-benchmark.
HenrikJaySmith
commented on June 26, 2024
Regarding #4 and $5. If you implement the "aws-security-benchmark/aws_cis_foundation_framework/aws-cis-foundation-benchmark-checklist.py" as a config rule it will run on a regular schedule and send email with the findings. Meaning all resources that were not configured correctly.
The CFn template have a number of config rules and cloudwatch events in it that will alert when configured incorrectly but won't give full report as the benchmark will.
Non of the scripts have remediation built in at this point, I am looking at that for future version for the benchmark.
Assigning to Rob regarding #1-3 and the CFn template what it enables.
from aws-security-benchmark.
iamhasibrahman
commented on June 26, 2024
Thanks Henrik. Looking forward to hearing from Rob!
from aws-security-benchmark.
barnesrobert
commented on June 26, 2024
Unlike the Quick Starts that you mentioned, launching this CIS CloudFormation template won't create networking resources like VPCs or subnets. It creates the logging, monitoring, and alarming controls as identified in the CIS benchmarks; you can refer to the security control matrix for a mapping of the controls to the benchmarks.
I hope this helps.
from aws-security-benchmark.
barnesrobert
commented on June 26, 2024
Closing this issue. Please let us know if you need anything further.
from aws-security-benchmark.
Related Issues (20)
- Add an option for HTML Only output HOT 1
- New region? HOT 1
- do we still need InstancesMustUseIamRoles Rule in CIS Template? HOT 1
- 2.1, 2.4 not clearing old data
- Could not connect to the endpoint URL: "https://config.ap-northeast-3.amazonaws.com/" HOT 1
- Link to Community not working on "CIS_Amazon_Web_Services_Foundations_Benchmark_v1.1.0.pdf"
- Throttling Error HOT 2
- Add an Opt in/Opt out Parameter for each AWS config Rule
- EvaluatePolicyPermissions expression
- Control 1.2 (require MFA) doesn't seem to recognize U2F-based MFA.
- control_2_4_ensure_cloudtrail_cloudwatch_logs_integration fails in Gov-Cloud
- CIS 1.4 checking for access key last used date along with access key last rotated date
- Should the AdministratorAccess Managed Policy count?
- Is this project still being maintained? HOT 13
- Getting Invalid IPV6 URL
- Getting _csv.Error: iterator should return strings with Python3
- Possible bug/typo in EvaluateCloudTrailBucket Lambda?
- CIS-3.10-SecurityGroupChanges failed in AWS but passed here
- CIS AWS Foundations Benchmark v1.2.0 support HOT 1
- Deployment instructions
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from aws-security-benchmark.