AWS Security Auditing tools comparison
Rule | Type | PacBot | Prowler | Security Monkey | Trusted Advisor | AWS Config Rules | CloudMapper
API Gateway authorization required | Security | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/apigateway/CheckForApiGatewayProtected.java
CloudWatch events sent to a service bus | Security | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/cloudwatchevent/CheckCloudWatchEventsForAllAccountsRule.java | https://github.com/toniblyx/prowler/blob/master/checks/check24
EBS snapshot not associated with an instance | Cost | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/ebs/UnusedEBSRule.java
Public EBS snapshot | Security | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/ebs/EbsSnapshotWithPublicAccess.java | https://github.com/toniblyx/prowler/blob/master/checks/check_extra72 | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/ebs_snapshot.py | Y | Y
Underused EBS volumes | Cost | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/ebs/UnderutilizedAmazonEBSVolumesRule.java | Y
EC2 Reserved Instance to expire in 30 days | Cost | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/ec2/AmazonEC2ReservedInstanceLeaseExpirationRule.java
Mandatory tags | Tagging | Application tags https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/ec2/CheckApplicationTagRule.java ; Others https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/ec2/TaggingRule.java
Deprecated EC2 instance type | Cost | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/ec2/EC2DeprecatedInstanceTypeRule.java
Publicly accessible EC2 | Security | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/ec2/EC2PublicAccessForConfiguredPortRule.java | https://github.com/toniblyx/prowler/blob/master/checks/check_extra710
EC2 stopped for more than 30 days | Cost | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/ec2/EC2StoppedInstanceForLongRule.java
EC2 with specific ports public | Security | 9200 (ElasticSearch) https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/ec2/ElasticSearchInternalAccessRule.java ; 3389 (RDP) https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/securitygroup/CheckForSecurityGroupWithRDPPortAnywhereAccess.java | https://github.com/toniblyx/prowler/blob/master/checks/check41 ; https://github.com/toniblyx/prowler/blob/master/checks/check42 | Y
Low utilization EC2 | Cost | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/ec2/LowUtilizationAmazonEC2InstancesRule.java
SSM agent on EC2 | Devops | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/ec2/SSMAgentCheckRule.java | https://docs.aws.amazon.com/config/latest/developerguide/ec2-instance-managed-by-ssm.html
Unused Elastic IP | Cost | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/elasticip/UnusedElasticIpRule.java | Y
Idle load balancer | Cost | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/elb/CheckForIdleLoadBalancersRule.java | Y
Unused load balancer | Cost | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/elb/UnusedClassicElbRule.java ; https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/elb/UnusedApplicationElbRule.java | Y
SSL cert to expire | Security | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/elb/SSLCertificateExpiryRule.java | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/acm.py | Y | https://docs.aws.amazon.com/config/latest/developerguide/acm-certificate-expiration-check.html
GuardDuty finding exists | Security | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/guardduty/CheckGuardDutyFindingsExists.java
GuardDuty enabled all regions | Security | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/guardduty/CheckGuardDutyForAllAccountsRule.java | https://github.com/toniblyx/prowler/blob/master/checks/check_extra713 | https://docs.aws.amazon.com/config/latest/developerguide/guardduty-enabled-centralized.html
Unexpected admin role | Security | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/iam/IAMAccessGrantForNonAdminAccountRule.java | https://github.com/toniblyx/prowler/blob/master/checks/check122 | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/iam/iam_policy.py | Y
Access keys not rotated in 90 days | Security | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/iam/AccessKeyRotatedRule.java | https://github.com/toniblyx/prowler/blob/master/checks/check14 | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/iam/iam_user.py | Y
IAM user with access keys | Security | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/iam/AwsIamAccountWithPermanentAccessKeysRule.java | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/iam/iam_user.py
Identity provider used | Security | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/iam/CheckIamIdentityProviderWithADFSRule.java
Password policy | Security | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/iam/CheckIamPasswordPolicyRule.java | https://github.com/toniblyx/prowler/blob/master/checks/check110 | Y | Y
Inactive IAM user | Security | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/iam/CheckInactiveIamUsersRule.java | Y
Lambda role has admin privs | Security | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/lambda/CheckLambdaFunWithAdminOrIamPrivileges.java | Y
Lambda executed too often | Cost | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/lambda/LambdaFunctionInvocationCountRule.java
Lambda throttled too often | Cost | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/lambda/LambdaFunctionThrottleInvocationsRule.java
CloudTrail enabled | Security | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/misc/CheckAWSCloudTrailConfig.java | https://github.com/toniblyx/prowler/blob/master/checks/check21 | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/cloudtrail.py | Y | https://docs.aws.amazon.com/config/latest/developerguide/cloudtrail-enabled.html | Y
AWS Config enabled | Security | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/misc/CheckAWSConfigEnabled.java | https://github.com/toniblyx/prowler/blob/master/checks/check25
AWS resources in black-listed regions | Security | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/misc/CheckAwsActivityInBlacklistedRegionRule.java
VPC Flow logs enabled | Security | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/misc/VpcFlowLogsEnabled.java | https://github.com/toniblyx/prowler/blob/master/checks/check29 | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/vpc/vpc.py
Idle RDS | Cost | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/rds/AmazonRDSIdleDBInstancesRule.java | Y
Public RDS snapshot | Security | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/rds/CheckForRDSSnapshotWithPublicAccess.java | https://github.com/toniblyx/prowler/blob/master/checks/check_extra723 | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/rds/rds_snapshot.py | Y | https://docs.aws.amazon.com/config/latest/developerguide/rds-snapshots-public-prohibited.html | Y
Public RDS | Security | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/rds/RDSDBPublicAcessRule.java | https://github.com/toniblyx/prowler/blob/master/checks/check_extra78 | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/rds/rds_db_cluster.py
Public Redshift | Security | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/redshift/RedShiftPublicAccessRule.java | https://github.com/toniblyx/prowler/blob/master/checks/check_extra711 | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/redshift.py
Underutilized Redshift | Cost | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/redshift/UnderutilizedAmazonRedshiftClustersRule.java | Y
Route53 in white-listed accounts only | Security | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/route53/CheckAwsRoute53DNSForAccountsRule.java
MFA delete on S3 bucket | Security | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/s3/CheckMFADeleteEnabledRule.java
Public S3 | Security | Read access https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/s3/S3GlobalReadAccessRule.java ; Write access https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/s3/S3GlobalWriteAccessRule.java | https://github.com/toniblyx/prowler/blob/master/checks/check_extra73 | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/s3.py | Y | https://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-public-read-prohibited.html | Y
Security Group allows public access | Security | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/securitygroup/CheckForSecurityGroupWithAnywhereAccess.java | https://github.com/toniblyx/prowler/blob/master/checks/check_extra74 | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/security_group.py | Y
Security Group unused | Security | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/securitygroup/SecurityGroupNotUsedRule.java | https://github.com/toniblyx/prowler/blob/master/checks/check_extra75 | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/security_group.py
Service limit reached | Devops | https://github.com/tmobile/pacbot/blob/master/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/service/ServiceLimitRule.java | Y
MFA on root | Security | https://github.com/toniblyx/prowler/blob/master/checks/check113 | Y | https://docs.aws.amazon.com/config/latest/developerguide/root-account-mfa-enabled.html | Y
Route53 MX records have SPF | Security | Y
ELB crypto checks | Security | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/elb.py | Y | https://docs.aws.amazon.com/config/latest/developerguide/elb-predefined-security-policy-ssl-check.html
ELB Security Groups allow access to ports that are listening | Security | Y
Access keys exposed somewhere on the Internet | Security | Y
Approved AMIs by ID | Security | https://docs.aws.amazon.com/config/latest/developerguide/approved-amis-by-id.html
Approved AMIs by tag | Security | https://docs.aws.amazon.com/config/latest/developerguide/approved-amis-by-tag.html
EC2 classic used | Security | https://docs.aws.amazon.com/config/latest/developerguide/ec2-instances-in-vpc.html | Y
S3 access logging | Security | https://github.com/toniblyx/prowler/blob/master/checks/check_extra718 | https://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-logging-enabled.html
S3 server side encryption | Security | https://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-server-side-encryption-enabled.html
Root account recent usage | Security | https://github.com/toniblyx/prowler/blob/master/checks/check11
Password expiration | Security | https://github.com/toniblyx/prowler/blob/master/checks/check111
No root access keys | Security | https://github.com/toniblyx/prowler/blob/master/checks/check112 | Y
No inline IAM policies | Security | https://github.com/toniblyx/prowler/blob/master/checks/check116
MFA for all IAM users with passwords | Security | https://github.com/toniblyx/prowler/blob/master/checks/check12 | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/iam/iam_user.py | Y
AWS Support role exists | Devops | https://github.com/toniblyx/prowler/blob/master/checks/check120
IAM user access keys never used | Security | https://github.com/toniblyx/prowler/blob/master/checks/check121 | Y
IAM creds not used for 90 days | Security | https://github.com/toniblyx/prowler/blob/master/checks/check13 | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/iam/iam_user.py | Y
CloudTrail log file validation is enabled | Security | https://github.com/toniblyx/prowler/blob/master/checks/check22
CloudTrail S3 bucket is not public | Security | https://github.com/toniblyx/prowler/blob/master/checks/check23
S3 access logging on the CloudTrail bucket | Security | https://github.com/toniblyx/prowler/blob/master/checks/check26
CloudTrail logs are encrypted | Security | https://github.com/toniblyx/prowler/blob/master/checks/check27
Rotation of CMKs | Security | https://github.com/toniblyx/prowler/blob/master/checks/check28 | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/kms.py
Checks for specific CloudWatch alarms | Security | https://github.com/toniblyx/prowler/blob/master/checks/check32
Default Security Group restricts traffic | Security | https://github.com/toniblyx/prowler/blob/master/checks/check43
VPN tunnel down | Devops | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/vpc/vpn.py
IAM SSL auditing | Security | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/iam/iam_ssl.py
Public AMI | Security | https://github.com/toniblyx/prowler/blob/master/checks/check_extra76 | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/ec2_image.py | Y
Public ElasticSearch | Security | https://github.com/toniblyx/prowler/blob/master/checks/check_extra716 | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/elasticsearch_service.py | Y
ELB logging | Security | https://github.com/toniblyx/prowler/blob/master/checks/check_extra717 | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/elb.py
ELB deletion protection | Security | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/elbv2.py
Public glacier | Security | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/glacier.py | Y
Public lambda | Security | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/lambda_function.py
Redshift not in VPC | Security | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/redshift.py
Route53 private records in public zone | Security | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/route53.py
SES identity not verified | Security | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/ses.py
SNS topic policy empty | Cost | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/sns.py
SNS public | Security | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/sns.py | Y
SQS public | Security | https://github.com/toniblyx/prowler/blob/master/checks/check_extra727 | https://github.com/Netflix/security_monkey/blob/develop/security_monkey/auditors/sqs.py | Y
MFA for admin users | Security | https://github.com/toniblyx/prowler/blob/master/checks/check_extra71
Macie enabled | Security | https://github.com/toniblyx/prowler/blob/master/checks/check_extra712
CloudFront logging | Security | https://github.com/toniblyx/prowler/blob/master/checks/check_extra714
ElasticSearch logging | Security | https://github.com/toniblyx/prowler/blob/master/checks/check_extra715
Route53 logging | Security | https://github.com/toniblyx/prowler/blob/master/checks/check_extra719
Lambda invoke logging | Security | https://github.com/toniblyx/prowler/blob/master/checks/check_extra720
Redshift audit logging | Security | https://github.com/toniblyx/prowler/blob/master/checks/check_extra721
API Gateway logging | Security | https://github.com/toniblyx/prowler/blob/master/checks/check_extra722
ACM certificate transparency enabled | Security | https://github.com/toniblyx/prowler/blob/master/checks/check_extra724
S3 object logging to CloudTrail | Security | https://github.com/toniblyx/prowler/blob/master/checks/check_extra725
Trusted Advisor issues present | Security | https://github.com/toniblyx/prowler/blob/master/checks/check_extra726 | Y
SQS encryption | Security | https://github.com/toniblyx/prowler/blob/master/checks/check_extra728
EBS volumes encrypted | Security | https://github.com/toniblyx/prowler/blob/master/checks/check_extra729
Public ECRs | Security | https://github.com/toniblyx/prowler/blob/master/checks/check_extra77 | Y
Public ELB | Security | https://github.com/toniblyx/prowler/blob/master/checks/check_extra79