Cloud Security Misconfiguration Scanner

AWS CIS Foundations Benchmark v1.4 — Automated misconfiguration detection for IAM, S3, and network security.

Scan Configuration
cloud_scanner.py --profile prod-audit --region us-east-1 --checks all
18
Total Findings
4
Critical
8
High
3
Medium
3
Low
38.9%
CIS Compliance
👤
IAM Findings 7 findings
Check Resource Result CIS Control Severity Remediation
Root Account MFA root FAIL 1.2 Critical Enable virtual MFA for root account
Root Access Keys root FAIL 1.5 Critical Delete all root access keys immediately
IAM Password Policy account FAIL 1.7 Medium Min length < 14, no symbol requirement
User MFA alice FAIL 1.4 High Assign MFA device to user alice
User MFA bob PASS 1.4 High No action required
Unused Access Key alice/AKIAIOSFODNN7EXAMPLE FAIL 1.3 High Key not used in 120 days — disable or delete
Admin Policy Attached alice WARN 1.9 High Use IAM groups/roles for admin access
📦
S3 Bucket Findings 7 findings
Check Bucket Result CIS Control Severity Detail
S3 Public Access Block my-company-data FAIL 2.1 High Block public access not enabled
S3 Bucket Policy Public my-company-data FAIL 2.2 High Policy allows Principal: * (public read)
S3 Encryption my-company-data FAIL 2.3 Medium Default encryption not configured
S3 Versioning my-company-data WARN 2.4 Low Versioning is Disabled
S3 Access Logging my-company-data WARN 2.5 Low Access logging not enabled
S3 Public Access Block static-assets PASS 2.1 High All block settings enabled
S3 Encryption static-assets PASS 2.3 Medium SSE-S3 encryption enabled
🛡
Security Group Findings 4 findings
Check Security Group Result CIS Control Severity Exposure
Open SSH Port sg-0abc123 (web-servers) FAIL 4.1 Critical Port 22 open to 0.0.0.0/0
Open RDP Port sg-0abc123 (web-servers) FAIL 4.2 Critical Port 3389 open to 0.0.0.0/0
Open MySQL Port sg-0def456 (database) FAIL 4.3 High Port 3306 open to 0.0.0.0/0
Open Elasticsearch Port sg-0def456 (database) FAIL 4.3 High Port 9200 open to 0.0.0.0/0
CIS Benchmark Scorecard
PASS (7)
FAIL (11)
WARN (2)
🔧
Remediation Guide