AWS Extended Cloud Findings with Metadata

What is this feature?

We are excited to announce a significant expansion of our AWS Cloud Findings along with Metadata in the Scrut platform. With this release, we are adding 23 new test findings, each accompanied by comprehensive metadata, to provide enhanced insights into your AWS infrastructure's security posture. The new 23 AWS test findings are listed below:

1. Global Service Logging Duplicated

2. Trail Is Not Integrated with CloudWatch

3. Data Events Logging Not Configured

4. CloudTrail Logs Not Encrypted with KMS Customer Master Keys (CMKs)

5. Group with No Users

6. User without MFA

7. Users with Access Keys Created during Initial Setup and Not Used

8. Auto Minor Version Upgrade Disabled

9. RDS Instance Publicly Accessible

10. Publicly Accessible Snapshot

11. DKIM Not Enabled

12. DKIM Not Verified

13. Publicly Accessible AMI

14. Unused Security Group

15. Public EBS Snapshot

16. Potential Secret in Instance User Data

17. Instance with a Public IP Address

18. Drop Invalid Header Fields Disabled

19. Bucket without MFA Delete

20. GetTopicAttributes Authorized to All Principals

21. ListSubscriptionsByTopic Authorized to All Principals

22. Queue with Encryption Disabled

23. Version Upgrade Disabled

How to Access AWS Extended Cloud Findings with Metadata:

1. Log in to the Scrut platform.

2. Navigate to the 'Cloud', go to the 'Tests' section.

3. Select your AWS account and explore the newly added test findings, each accompanied by detailed metadata.

4. To view the metadata, click on any one of the resources that you would like to see the metadata for, and a page with the information will be opened from the right side.

If you have any questions or issues, please reach out to your assigned Customer Success Manager. They'll be happy to assist you!

To view all the product updates, please click here.