CFRipper – CloudFormation Security Scanning & Audit Tool
source link: https://www.darknet.org.uk/2022/01/cfripper-cloudformation-security-scanning-audit-tool/?amp%3Butm_medium=social&%3Butm_campaign=darknetfeed
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
CFRipper – CloudFormation Security Scanning & Audit Tool
CFRipper is a Python-based Library and CLI security analyzer that functions as an AWS CloudFormation security scanning and audit tool, it aims to prevent vulnerabilities from getting to production infrastructure through vulnerable CloudFormation scripts.
You can use CFRipper to prevent deploying insecure AWS resources into your Cloud environment. You can write your own compliance checks by adding new custom plugins.
CFRipper should be part of your CI/CD pipeline. It runs just before a CloudFormation stack is deployed or updated and if the CloudFormation script fails to pass the security check it fails the deployment and notifies the team that owns the stack. Rules are the heart of CFRipper. When running CFRipper the CloudFormation stack will be checked against each rule and the results combined.
Usage of CFRipper for CloudFormation Security Scanning
You can download CFRipper here:
Or read more here.
Recommend
-
4
CFRipper – CloudFormation Security Scanning & Audit Tool Last updated: January 24, 2022 | 600 views 0...
-
3
DevSecOps Scanning Challenges & Tips Bill Brenner
-
13
Vicarius releases free Nmap scanning tool Nmap is a popular and versatile tool for port scanning, network discovery, and security auditing, but its scan results can be complex to interpret. Vulnerability remediation platform maker Vic...
-
12
Snyk CodeStatic Application Security Testing re-imagined for the developer
-
7
@ibmdotcom/beacon Beacon for IBM.com analyzes web pages for compliance with IBM.com web standards, the IBM Design Language, and best practices. Beacon for IBM.com leverages Google
-
5
Instagram is testing an AI tool that verifies your age by scanning your face You can try it out yourself — how old does the computer think you are? ...
-
11
Instagram is testing an AI face-scanning tool that can verify your ageSteve Dent·Contributing Reporter
-
3
›Recent PostsTL;DR Backstage’s security posture continues to mature! Today, we’re releasing a report from an independent security audit an...
-
7
Google Releases Open-Source Vulnerability Scanning Tool Dec 29, 2022...
-
6
Support is great. Feedback is even better."We value your feedback! As we launch GA4Auditor.com, we're eager to hear your thoughts. Is there anything specific about the product, pricing, or branding that you'd like to share your feedb...
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK