Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Aggregate ScoutSuite Reports #1691

Open
shlomo120 opened this issue Jan 16, 2025 · 0 comments
Open

Aggregate ScoutSuite Reports #1691

shlomo120 opened this issue Jan 16, 2025 · 0 comments
Labels
enhancement New feature or request

Comments

@shlomo120
Copy link

Is your feature request related to a problem? Please describe.

Currently, ScoutSuite generates separate reports for different scans within the same AWS environment (e.g., scans of different AWS accounts within an organization). When auditing multiple AWS accounts, this results in a large number of individual reports, making it difficult to get a consolidated overview of the security posture across all accounts. This requires manual effort to collate and compare findings, which is time-consuming and prone to errors. I'm always frustrated when I have to manually combine multiple reports to get a holistic view.

Describe the solution you'd like

I would like ScoutSuite to have the ability to generate a consolidated report that aggregates findings from multiple scans of different AWS accounts. This consolidated report should:

  • Combine findings: Merge findings from different reports into a single report, with clear identification of the source AWS account for each finding.
  • Provide a summary overview: Include a summary section that provides a high-level overview of the security posture across all scanned AWS accounts, including key metrics and statistics.
  • Offer filtering and sorting: Allow users to filter and sort findings based on various criteria, such as severity, AWS service, finding type, and source account.
  • Support different output formats: Support the same output formats as individual reports (e.g., HTML, JSON, CSV) for the consolidated report.
  • Ideally, offer the ability to select which reports to consolidate: This would allow for more granular control over the consolidation process, allowing users to combine only specific reports as needed.

Describe alternatives you've considered

  • Manual consolidation: I've considered manually combining the reports using scripts or spreadsheets. However, this is a time-consuming and error-prone process, especially with a large number of reports.

Additional context

This feature would significantly improve the usability of ScoutSuite for organizations managing multiple AWS accounts. It would provide a much more efficient way to assess overall security posture and identify cross-account security issues. For example, being able to quickly identify where the same critical vulnerability exists across multiple AWS accounts would greatly improve response times. This feature would be especially valuable for security analysts, auditors, and cloud security engineers.

Key changes from the previous suggestion:

  • Specifically focuses on consolidating reports within the same AWS environment.
  • Emphasizes the need for consolidating reports from different AWS accounts.

By focusing the request on the AWS context, you increase the likelihood that it will be understood and addressed effectively.
@shlomo120 shlomo120 added the enhancement New feature or request label Jan 16, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@shlomo120