I recently took part in the first cohort of the CcHub Cybersecurity Fellowship -cloud security track, during which fellows had to perform security audits on an AWS environment using various approaches and tools. One of such tools which I find very interesting is Scout Suite developed by NCC Group.
Scout Suite is a security-auditing tool that enables you to assess the cloud environment. It gathers configuration data from your provider and highlights risk areas for manual inspection, rather than going through dozens of pages on web consoles like before, where users had no idea what they were looking at or how adversaries could exploit it. Designed specifically with consultants/ auditors in mind (rather than just consumers), Scout Suite provides an easy point-in-time view into the environment's security stance --allowing us not only to see any potential vulnerabilities but take action right away if needed!
This article is an installation walkthrough for Scout Suite to make the process seamless for first-time users. Let's get started.
Pre-installation
Although Scout Suite is a multi-cloud tool, I'll use AWS for demonstration purposes. Other supported providers are Microsoft Azure, Google Cloud Platform, Alibaba Cloud (alpha), and Oracle Cloud Infrastructure (alpha). To this end, I will install Scout Suite in an EC2 instance with an IAM role configured.
You can set up your profile using the command:
aws configure .
You'll be prompted for your "Access key ID," "Secret Access Key," "Default Zone," and "Output format."
It is also recommended that you have at least Python 3.6 installed.
Installation
1. Install virtualvenv
As the Scout Suite wiki recommended, we will install a virtual environment. I'll be using virtualenv. However, you can use any virtual environment manager of your choice.
2. Create a virtual environment
After installing virtualenv, we create a virtual environment using the
virtualenv -p python3 venv command.
3. Install Scout Suite
We can now move into the virtual environment and install Scout Suite.
source venv/bin/activate
pip3 install scoutsuite
4. Test and Run Scout Suite
We run the scout --help command to check our Scout Suite installation.
The help command shows the tool's usage syntax for different cloud environments. For AWS, we use
scout aws
5. Report
The HTML report would be automatically generated in the current working directory and opened with your web browser of choice.
Conclusion
I've heard some great things about Scout Suite, and I'm excited to hear more from you. Have you tried the tool yet? What other audit tools do you use for security audits? Let us know in the comments below!