8 Commits

Author	SHA1	Message	Date
Pablo Pagani	35a22a71cd	added risk remediation doc and epics to controls 1 to 741	2021-03-24 10:22:29 -03:00
Toni de la Fuente	f85845c26b	Added service name to all checks	2021-01-22 00:19:45 +01:00
Toni de la Fuente	3d62aedf29	New RC6 including ENS as a new compliance type all formats	2020-12-01 10:03:59 +01:00
Joaquin Rinaudo	ecbe997084	severity+security_hub	2020-09-03 08:04:13 +02:00
Quinn Stevens	93c89530ff	Explicitly set output --json for aws call	2020-07-31 20:30:20 +01:00
Quinn Stevens	e58d8cbc8d	Don't fail check extra737 for keys scheduled for deletion	2020-07-24 12:44:57 +01:00
Marc Jay	5bab65c56d	- Remove securityhub output mode and replace with '-S' flag to send findings to Security Hub ... - Move Security Hub related code to a dedicated include/securityhub_integration file - Check that Security Hub is enabled in the target region before beginning checks when -S is specified - Add error handling to the batch-import-findings call - Add CHECK_ASFF_TYPE variables to all CIS checks to override the default - Add support for CHECK_ASFF_RESOURCE_TYPE variables which override the default 'AwsAccount' value for the resource a finding relates to. - Add CHECK_ASFF_RESOURCE_TYPE variables to all checks where there is a suitable value in the schema - Remove json-asff output for info messages as they are not appropriate for possible submission to Security Hub - Update the README to cover Security Hub integration - Add an IAM policy JSON document that provides the necessary BatchImportFindings permission for Security Hub - Remove trailing whitespace and periods in pass/fail messages to be consistent with the majority of messages, to prevent future tidy-up from changing the finding IDs	2020-04-11 03:04:03 +01:00
Toni de la Fuente	fa5b81b28e	Added extra737 KMS keys rotation	2018-11-07 23:37:06 -05:00