Skip to main content

Product review of cloudsploit

Hello People!

This article is to share my understanding about cloudsploit and the service they provide to the people.

What they do?

CloudSploit is a service which analysis your AWS/Azure account for security holes/risks.
With people moving to serverless technologies, Azure and AWS are gaining popularity these days at higher rate. Also alot of developers/dev-ops engineers tend to overlook some of the security considerations while setting up services in cloud.
CloudSploit is here to address such problems for you!

How do they do it?

CloudSploit asks you for a access key with read only permissions to your cloud resources.
They have a set of plugins, which run using this access key.
Each plugin is a javascript function which uses some node cloud SDKs to analyse the services in cloud.

Result of what they do

When you run CloudSploit, as a final output you get to see different plugins and their test results.
The plugins also have recommended actions section which tells you about the security measure you should take.

The process that i went through to test my Azure account with CloudSploit

  • Clone the CloudSploit repository.
  • Install the modules from package.json file
  • Add your service principle AppId and secret along with tenantId and subscription in Index.js file.
  • Run CloudSploit with node index.js
Here is the output which i got to see:

How can you contribute to CloudSploit project?

  • If you feel motivated to contribute to this project, you can go to github account and make pull requests with new security plugins that you can think of.
  • You may also list the additional plugins that you feel need to be developed and make feature requests so that it gets communicated to their developer community.
  • To read more about the development process for plugins, please read ReadMe page which explains the concepts and also helps you understand about the code structure.

Comments

Post a Comment

Popular posts from this blog

When to use Azure Virtual Machine Scale Sets?

So it all started with client's requirement to build a Minimum Viable Product (MVP). The backend of the product was written in python and involved processing of images using Computer Vision. We decided to host the backend in Azure. There were lots of advantages of having the backend hosted in cloud instead of having an on-premise setup. The thing that attracted us the most was infrastructure scaling and availability of the system. We now dont have to bother about infrastructure, power consumption, system availability, system failures, etc. We were in need of GPU machines to run the code in backend. We though of using N-Series Azure virtual machines for this purpose. We wanted to scale the machines horizontally to handle multiple requests. We booted up few more machines to handle the load. This is where Azure Load balancer came into picture. Since there were multiple instances of virtual machines, we needed someone to decide for us, which machine the request should go to. We connect...
Post a Comment
Read more

Building Installer for mac using packages (Implementation level details)

So now that you have a code ready, next question is how you are going to ship it as a product to end users. The easiest and user friendly solution, is to build the Installer for your product! Building an installer has many advantages, like: User don't have to be worried about the installation steps (the user has to just follow laymen's instructions to get ready to use the product). It eliminates human errors. Makes the product easy to install and use. So now that we have idea of WHY  we need Installers, let see what  packages  offer us to build installers for mac.  Packages is a tool developed for mac. Packages can be either flat or bundle. As per my observations, flat packages cannot be inspected to view the contents of the package. But there are ways to extract the contents for viewing purpose using  pkgutil  utility. In case of Bundle packages, user can view the contents of the bundle directly. Its like a directory. Packages...
Post a Comment
Read more