Skip to content
A multi-cloud compliance checker
Branch: master
Clone or download
janoszen Merge pull request #31 from mhmxs/master
Code cleanup and NPE fix
Latest commit 8795521 Apr 30, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.circleci Fixed pip reference Apr 9, 2019
cli Code cleanup Apr 27, 2019
config/yaml Code cleanup Apr 27, 2019
core Fix possible NPE at ConfigurationConverter.processMap() Apr 30, 2019
docs Added code quality indicator Apr 17, 2019
provider Code cleanup Apr 27, 2019
rule Code cleanup Apr 27, 2019
rulesets Fixes #18: Allow include in YAML Apr 6, 2019
test Fixes #2: Service Discovery Apr 15, 2019
.gitignore Fixes #27: Make object storage interface generic Apr 10, 2019
CONTRIBUTING.md Better dev link Apr 1, 2019
LICENSE Added Apache2 license Mar 30, 2019
NOTICE License and stuff Apr 7, 2019
README.md Added code quality indicator Apr 17, 2019
main.py Made version labels look better Apr 9, 2019
mkdocs.yml Fixes #2: Service Discovery Apr 15, 2019
pom.xml Fixes #27: Make object storage interface generic Apr 10, 2019
requirements.txt Made version labels look better Apr 9, 2019
testng.xml

README.md

CScanner: A Cloud Security Scanner

Documentation GitHub Releases Code Quality GitHub Discord CircleCI GitHub last commit GitHub top language GitHub repo size GitHub issues GitHub pull requests GitHub stars Twitter Follow

Things to do

» Grab the latest release

» Read the documentation

» Join the Discord

» Support on Patreon

A brief introduction

This utility is intended to check your cloud configuration for compliance with your companies rules in an automated fashion, not unlike AWS Config.

For example, if you want to make sure that your port 22 is never open to the world, across all your cloud providers, you could do something like this:

connections:
  # Configure your connections here
rules:
  - type: FIREWALL_PUBLIC_SERVICE_PROHIBITED
    protocol: "tcp"
    ports:
      - 22

You would then get a report detailing all your security groups across all your cloud providers and if they are compliant or are violating the rules.

Downloading

You can grab one of the releases from GitHub.

Running

To run the cscanner, simply point it to your config file:

java -jar cscanner.jar your-config-file.yaml

Make sure you have at least Java 8 to run this application. Note that you can use the -h or --help option to get a full list of possible filtering and output options.

Full documentation

For a full documentation please see the cscanner website at cscanner.io.

You can’t perform that action at this time.