Hackers of India

Cloud Security Suite - One Stop Tool for AWS/GCP Security Audit

By  Jayesh Chauhan   Shivankar Madaan  on 23 Mar 2018 @ Blackhat : Arsenal

This Tool Demo covers following tools where the speaker has contributed or authored
CLOUD SECURITY SUITE

Abstract

Nowadays, cloud infrastructure is pretty much the de-facto service used by large/small companies. Most of the major organizations have entirely moved to cloud. With more and more companies moving to cloud, the security of cloud becomes a major concern. While AWS & GCP provides you protection with traditional security methodologies and has a neat structure for authorisation/configuration, its security is as robust as the person in charge of creating/assigning these configuration policies. As we all know, human error is inevitable and any such human mistake could lead to catastrophic damage to the environment.

A few vulnerable scenarios: Your security groups, password policy or IAM policies are not configured properly

Knowing all this, audit of AWS/GCP infrastructure becomes a hectic task! There are few open source tools that help AWS/GCP auditing, but none of them have an exhaustive checklist. Also, collecting, setting up all the tools, and looking at different result sets is a painful task. Moreover, while maintaining big infrastructures, system audit of server instances is a major task as well.

CS Suite is a one stop tool for auditing the security posture of the AWS/GCP infrastructure and does OS audits as well. CS Suite leverages current open-source tools capabilities and has other missing checks added into one tool to rule them all. CS-Suite also supports JSON output which can be consumed for further usage. PRESENTED BY Jayesh Chauhan & Shivankar Madaan