Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using the APIs exposed by cloud providers, Scout Suite gathers configuration data for manual inspection and highlights risk areas. Rather than going through dozens of pages on the web consoles, Scout Suite presents a clear view of the attack surface automatically.
Scout Suite was designed by security consultants/auditors. It is meant to provide a point-in-time security-oriented view of the cloud account it was run in. Once the data has been gathered, all usage may be performed offline.
The project team can be contacted at scoutsuite@nccgroup.com.
Cloud Provider Support
The following cloud providers are currently supported:
- Amazon Web Services
- Microsoft Azure
- Google Cloud Platform
- Alibaba Cloud (alpha)
- Oracle Cloud Infrastructure (alpha)
Installation
Requirements
Assuming access to the desired APIs has already been configured on a machine (e.g. the provider’s CLI has been set up), then installing and using Scout Suite should be trivial.
Scout Suite is written in Python and supports the following versions:
- 3.6
- 3.7
- 3.8
The required libraries can be found in the requirements.txt file.
We recommend using a virtual environment.
Via PIP
$ virtualenv -p python3 venv
$ source venv/bin/activate
$ pip install scoutsuite
$ scout --help
Via Git
$ git clone https://github.com/nccgroup/ScoutSuite
$ cd ScoutSuite
$ virtualenv -p python3 venv
$ source venv/bin/activate
$ pip install -r requirements.txt
$ python scout.py --help
Usage
Scout Suite is run through the CLI:
Once this has completed, it will generate an HTML report including findings and Cloud account configuration:
The above report was generated by running Scout Suite against sadcloud.
Additional information can be found in the wiki. There are also a number of handy tools for automation of common tasks.
NCC Scout
Our self-service cloud account monitoring platform, NCC Scout, is a user-friendly SaaS providing you with the ability to constantly monitor your public cloud accounts, allowing you to check they’re configured to comply with industry best practice.
It features:
- Persistent monitoring – so you know about changes or issues as they arise
- One tool – all configuration checks in one place for speed and simplicity
- Multi-vendor support – AWS, Azure and GCP public cloud accounts
- Agnostic platform – a trusted third-party tool
Additional details can be found in the wiki.
ScoutSuite (this link opens in a new window) by nccgroup (this link opens in a new window)
Multi-Cloud Security Auditing Tool