5.9.1

This release is a hotfix for #821.

In addition, it improves exception handling for the main _run function, as well as for the Azure provider.

The new error codes can be found under https://github.com/nccgroup/ScoutSuite/wiki/Error-Codes.

5.9.0

Changes:

• Improved provider support:
  • AWS
    • Added 4 new ELB & ELBv2 findings (thanks to @goelaarushi04)
    • Added support for the "Amazon S3 Block Public Access" feature
    • Improved Lambda partial
    • Added support for RDS Aurora instances
  • Azure
    • Improved the authentication flow, and handling of subscriptions
  • GCP
    • Added support for Stackdriver Monitoring
    • Improved report content
    • Merged IAM & Resource Manager services
    • Added logic that validates if an API is enabled for a service & project prior to making additional API calls
• Updated the rule format, to allow remediation & compliance information, as well as external references
  • Added rationales for most rules
  • Improved rules' content, adding remediation and references for a number of rules
  • Added the class_suffix field to highlight multiple elements
  • Additional information in https://github.com/nccgroup/ScoutSuite/wiki/HowTo:-Create-a-new-rule
• Added an option in the report (top-right menu) to export a high level finding summary
• Added a tool/util to upload findings to AWS Security Hub (see https://github.com/nccgroup/ScoutSuite/tree/develop/tools#aws_security_hub_exportpy)
• Improved open source project public content
• Bug fixes

5.8.1

Addresses #695.

5.8.0

Changes:

• Improved support for AWS
  • Added support for KMS
  • Added basic support for Secrets Manager
  • Simplified evaluation of IAM policies in multiple rules
• Improved support for Azure
  • Added support for App Service Web Apps
  • Added support for Security Center Compliance Results
  • Added support for Security Center Regulatory Compliance Results
• Improved support for GCP
  • Improved partials and finding rationales
  • Scans should complete much faster
• Improved support for OCI
  • Improved error handing
  • Support for scanning arbitrary compartments
• Improved Open Source project's processes
  • Issue and PR templates
  • CI/CD deployment, with the addition of autopep8
• Added a --list-services option to list available services to scan
• A bunch of bug fixes

5.7.0

Changes:

• Azure
  • Adds support for scanning multiple subscriptions or a whole tenant in one go (see https://github.com/nccgroup/ScoutSuite/wiki/Azure#subscriptions)
  • Adds a new authentication method (--user-account-browser), which allows authenticating with a user with MFA enabled, without the need for azure-cli (see https://github.com/nccgroup/ScoutSuite/wiki/Azure#user-credentials-via-browser)
• AWS
  • Tweak support for executing in Lambda
  • Adds tags for RDS resources
• Core
  • Improves test coverage

Warning this implements backward-incompatible changes to:

• Azure CLI options
• Azure partials

5.6.0

Changes:

• Adds support for AWS ACM
• Improved UI
• Improved code quality
• Bug fixes

5.5.0

Changes:

• Improvements to the AWS & Azure reports
• Improvements to Azure Networks and Virtual Machines services' support
• Improvements to GCP Cloud Storage support
• Improved Azure rules
• New rules for AWS & Azure
• Added support for Aliyun OSS
• Improved test coverage
• Bug fixes

5.4.0

Changes:

• Improvement of Azure support
• Bug fixes

5.3.3

Minor fixes

5.3.2

Front-end fix