Toni de la Fuente
bcdd12bf84
Add new check extra7131 RDS minor version upgrade
2021-01-13 12:51:49 +01:00
Toni de la Fuente
eac59cade8
Add new check extra_7130 to check encryption of a SNS topic @mpratsch
...
Add new check extra_7130 to check encryption of a SNS topic @mpratsch
2021-01-08 13:54:55 +01:00
Martina Rath
994abe8fa3
Add check7130 to group7_extras and fix some issues
2021-01-08 13:43:46 +01:00
Toni de la Fuente
6ad1816e37
Fix EKS related checks regarding us-west-1 @njgibbon
...
Fix EKS related checks regarding us-west-1 @njgibbon
2021-01-07 19:29:22 +01:00
Martina Rath
9a060a3c43
Add new extras check (7130) to check encryption of a SNS topic
2020-12-30 08:46:13 +01:00
Barrie Bremner
75e5de9c37
Accept current most restrictive TLSv1.2-only ALB security policy as secure
...
The `ELBSecurityPolicy-FS-1-2-Res-2020-10` policy is the most
restrictive TLS v1.2 only SSL/TLS security policy available, and is a
subset of the already accepted `ELBSecurityPolicy-FS-1-2-Res-2019-08`
policy - this commit adds `ELBSecurityPolicy-FS-1-2-Res-2020-10` to
the list of acceptable "secure" security policies.
`ELBSecurityPolicy-FS-1-2-Res-2020-10` has a very limited set of
ciphers, is TLS v1.2 only and supports Forward Secrecy.
Current SSL Labs tests gives it an "A" rating for another source of
confirmation.
2020-12-24 16:52:01 +00:00
njgibbon
4adc7f5864
feat - fix - taking out eks check condition because california region
2020-12-24 00:00:06 +00:00
Toni de la Fuente
823c7d4b61
Enhanced check extra740: reworked to consider all snapshots, use JMESPath query @pacohope
...
Enhanced check extra740: reworked to consider all snapshots, use JMESPath query
2020-12-18 10:17:52 +01:00
Toni de la Fuente
810801fb3d
Fix error handling for SubscriptionRequiredException in extra77
2020-12-17 16:52:18 +01:00
Toni de la Fuente
6ed6a47f8f
Add sleep to extra7102 to avoid Shodan API limits
2020-12-17 15:27:00 +01:00
Toni de la Fuente
7f1df739c4
Added -N <shodan_api_key> support for extra7102
2020-12-15 12:25:47 +01:00
Toni de la Fuente
9ed576b09d
Fix issue in extra776 when ECR Scanning imageDigest @adamcanzuk
...
Fix issue in extra776 when ECR Scanning imageDigest @adamcanzuk
2020-12-14 12:59:19 +01:00
Paco Hope
f3dbecbe89
reworked check740 to consider all snapshots, use JMESPath query, and to limit its output according to max-items
2020-12-10 09:27:43 -05:00
Toni de la Fuente
3d62aedf29
New RC6 including ENS as a new compliance type all formats
2020-12-01 10:03:59 +01:00
Toni de la Fuente
63040e1c07
New 7 checks required for ENS
2020-12-01 09:55:20 +01:00
Toni de la Fuente
600a7c9f2f
Adapt check119 to exclude instances shutting down @stku1985
...
Adapt check119 to exclude instances shutting down @stku1985
2020-11-18 15:30:57 +01:00
Toni de la Fuente
a8fed14cea
Fixed extra7116 extra7117 outputs and added to extras @ramondiez
...
Fixed extra7116 extra7117 outputs and added to extras @ramondiez
2020-11-18 13:41:12 +01:00
Toni de la Fuente
f3d4cc8514
Fixed extra7116 extra7117 outputs and added to extras
2020-11-18 13:31:20 +01:00
Stefan Kunkel
7397126794
adapt check119 to exclude instances shutting down
...
brain fart: used logical 'or' instead of correct '&&'
2020-11-18 13:25:28 +01:00
Stefan Kunkel
147fac0777
adapt check119 to exclude instances shutting down
2020-11-18 13:20:55 +01:00
Ramon Diez
49423dee4a
fixing check_extra7116 and check_extra7117
2020-11-18 12:42:01 +01:00
Toni de la Fuente
c2a2e393cb
Merge branch 'master' into dlpzx-master
2020-11-16 18:31:18 +01:00
Toni de la Fuente
7cd1413c93
Glue grup 2 corrections
2020-11-16 18:29:16 +01:00
Toni de la Fuente
9c39f69210
Glue checks part 1 @ramondiez
...
Glue checks part 1 @ramondiez
2020-11-16 17:55:50 +01:00
Toni de la Fuente
6e604e1834
Some corrections for glue related checks
2020-11-16 17:51:53 +01:00
Toni de la Fuente
b32538b7e5
Glue review 2
2020-11-13 19:05:19 +01:00
Toni de la Fuente
8c9d843813
Glue review 1
2020-11-13 19:02:26 +01:00
Grzegorz Nittner
c9ca8d48b1
#680 - fix for check_extra764
2020-11-13 14:56:22 +00:00
Ramon Diez
0bfa263ad9
Fixing some descriptions
2020-11-12 12:30:22 +01:00
dlpzx
943b096f35
checks for glue - 7119, 7121, 7123
2020-11-12 12:06:43 +01:00
dlpzx
888133e986
checks for glue - 7119, 7121, 7123,7124,7125
2020-11-10 13:06:03 +01:00
dlpzx
39a7c3b18e
checks for glue - 7119, 7121, 7123,7124,7125
2020-11-10 13:05:22 +01:00
dlpzx
ebe2594456
checks for glue - 7119, 7121, 7123,7124,7125
2020-11-09 19:17:00 +01:00
dlpzx
e0a8e0f318
checks for glue - 7119, 7121, 7123,7124,7125
2020-11-09 18:48:11 +01:00
Ramon Diez
954848c6e8
Glue checks part 1
2020-11-04 10:44:43 +01:00
Toni de la Fuente
97055e84b4
Fix quotes in check extra78 for public RDS instances @goldfiglabs
...
Fix quotes in check extra78 for public RDS instances @goldfiglabs
2020-11-03 23:31:44 +01:00
dlpzx
65c63d5bdd
checks for glue - 7119,7121,7123,7124. 7125 not done yet
2020-11-03 19:18:40 +01:00
Toni de la Fuente
180f12d625
Fix extra7111 parser error
2020-11-03 13:48:39 +01:00
Toni de la Fuente
62fcbf2f05
Fix extra7103 parser error
2020-11-03 13:44:24 +01:00
Toni de la Fuente
5d4648c812
Fix extra7108 parser error
2020-11-03 13:33:51 +01:00
Greg Soltis
7585ad7d57
Fix check for public rds instances
2020-10-26 11:39:37 -07:00
Toni de la Fuente
d6760f15b7
fix extra7110 title
2020-10-20 13:30:26 +02:00
Toni de la Fuente
b8e1ef6b33
Fix check_extra7107 condition
2020-10-20 13:20:15 +02:00
Toni de la Fuente
79808fbe30
Fix syntax in extra7110
2020-10-20 09:29:30 +02:00
gchib
ba7c3a3124
Add extra7113: Check RDS deletion protection
2020-10-08 17:18:56 +05:30
Toni de la Fuente
645ea25ddc
New group for Sagemaker with 10 new controls
2020-10-06 16:40:19 +02:00
Toni de la Fuente
923267c3e5
extra7102 increased severity to medium
2020-10-06 16:39:39 +02:00
Toni de la Fuente
ffcb6a0b69
Added extra7102 ElasticIP Shodan integration
2020-10-02 19:10:00 +02:00
Toni de la Fuente
0f84181d89
Added new check [extra7101] Check if Amazon Elasticsearch Service (ES) domains have audit logging enabled
2020-09-18 18:44:01 +02:00
Joaquin Rinaudo
f642926f50
fix(severity): missing check
2020-09-03 08:23:17 +02:00
