ScoutSuite

Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using the APIs exposed by cloud providers, Scout Suite gathers configuration data for manual inspection and highlights risk areas. Rather than going through dozens of pages on the web consoles, Scout Suite presents a clear view of the attack surface automatically.

Scout Suite was designed by security consultants/auditors. It is meant to provide a point-in-time security-oriented view of the cloud account it was run in.

Scout is supported by the following providers:

• Amazon Web Services

• Microsoft Azure

• Google Cloud Platform

• Alibaba Cloud

• Oracle Cloud Infrastructure

• Kubernetes clusters on a cloud provider

• DigitalOcean Cloud

Highlights

• Single pane across multi-cloud

• Customise and extend rules

• Once the data has been gathered, all usage may be performed offline

Quickstart

1. Start an instance with 1-Click, or optionally using your cloud provider’s web/console

2. Have just a little patience: it does take a couple of minutes for all the background services to start up in your instance. If you get connection refused or site error messages - just wait a moment

3. Access the product via web browser at https://<your IP/public DNS>

4. Login with user-name admin, and the instance id as password.

Operations

Out of the box, scout performs daily scans across all configured providers. Each provider has it’s own systemd service and a timer. To change the run frequency, simply edit /usr/lib/systemd/system/scout-<provider>.timer.

In order for a provider to run; credentials must be set for that provider within it’s configuration file. We ship the vendors prescribed cloud cli tool to help with this.

You will probably wish to restart the service to create scans.

By default we may not have installed all of the providers. If the provider is missing:

$ dnf install scoutsuite-<provider>

AWS

~scout/.aws/credentials
$ sudo -u scout aws configure

Aliyun

~scout/.aliyun/config.json
$ sudo -u scout aliyun configure

Azure

~scout/.azure/config.json
$ sudo -u scout az configure

Digital Ocean

~scout/.config/doctl/config.yaml
$ sudo -u scout doctl auth init

GCP

~scout/.config/gcloud
$ sudo -u scout gcloud config

OCI

~scout/.oci
$ sudo -u scout oci setup oci-cli-rc

Kubernetes

~scout/.kube/config
$ sudo -u scout kubectl config set-credentials

See also

scout

RPM Package

EULA

Software License