Sign in
Log inSign up

AWS Security Audit Simplified With Scout Suite

Ahmed Jimoh's photo
Ahmed Jimoh
·Dec 17, 2021·

3 min read

AWS Security Audit Simplified With Scout Suite

I recently took part in the first cohort of the CcHub Cybersecurity Fellowship -cloud security track, during which fellows had to perform security audits on an AWS environment using various approaches and tools. One of such tools which I find very interesting is Scout Suite developed by NCC Group.

Scout Suite is a security-auditing tool that enables you to assess the cloud environment. It gathers configuration data from your provider and highlights risk areas for manual inspection, rather than going through dozens of pages on web consoles like before, where users had no idea what they were looking at or how adversaries could exploit it. Designed specifically with consultants/ auditors in mind (rather than just consumers), Scout Suite provides an easy point-in-time view into the environment's security stance --allowing us not only to see any potential vulnerabilities but take action right away if needed!

This article is an installation walkthrough for Scout Suite to make the process seamless for first-time users. Let's get started.

Pre-installation

Although Scout Suite is a multi-cloud tool, I'll use AWS for demonstration purposes. Other supported providers are Microsoft Azure, Google Cloud Platform, Alibaba Cloud (alpha), and Oracle Cloud Infrastructure (alpha). To this end, I will install Scout Suite in an EC2 instance with an IAM role configured.

You can set up your profile using the command: aws configure . You'll be prompted for your "Access key ID," "Secret Access Key," "Default Zone," and "Output format."

scout suite aws-configure Ahmed jimoh.jpg

It is also recommended that you have at least Python 3.6 installed.

Installation

1. Install virtualvenv

As the Scout Suite wiki recommended, we will install a virtual environment. I'll be using virtualenv. However, you can use any virtual environment manager of your choice.

1-install virtual env scout suite ahmed jimoh.gif

2. Create a virtual environment

After installing virtualenv, we create a virtual environment using the virtualenv -p python3 venv command.

2-create virtual env scout suite ahmed jimoh.gif

3. Install Scout Suite

We can now move into the virtual environment and install Scout Suite.

  • source venv/bin/activate
  • pip3 install scoutsuite

3-install scoutsuite scout suite Ahmed jimoh.gif

4. Test and Run Scout Suite

We run the scout --help command to check our Scout Suite installation. The help command shows the tool's usage syntax for different cloud environments. For AWS, we use scout aws

4-run scout AWS scout suite Ahmed jimoh.gif

5. Report

The HTML report would be automatically generated in the current working directory and opened with your web browser of choice.

report.jpg

Conclusion

I've heard some great things about Scout Suite, and I'm excited to hear more from you. Have you tried the tool yet? What other audit tools do you use for security audits? Let us know in the comments below!