Skip to content
A multi-cloud compliance checker
Branch: master
Clone or download
janoszen Merge pull request #31 from mhmxs/master
Code cleanup and NPE fix
Latest commit 8795521 Apr 30, 2019

README.md

CScanner: A Cloud Security Scanner

Documentation GitHub Releases Code Quality GitHub Discord CircleCI GitHub last commit GitHub top language GitHub repo size GitHub issues GitHub pull requests GitHub stars Twitter Follow

Things to do

» Grab the latest release

» Read the documentation

» Join the Discord

» Support on Patreon

A brief introduction

This utility is intended to check your cloud configuration for compliance with your companies rules in an automated fashion, not unlike AWS Config.

For example, if you want to make sure that your port 22 is never open to the world, across all your cloud providers, you could do something like this:

connections:
  # Configure your connections here
rules:
  - type: FIREWALL_PUBLIC_SERVICE_PROHIBITED
    protocol: "tcp"
    ports:
      - 22

You would then get a report detailing all your security groups across all your cloud providers and if they are compliant or are violating the rules.

Downloading

You can grab one of the releases from GitHub.

Running

To run the cscanner, simply point it to your config file:

java -jar cscanner.jar your-config-file.yaml

Make sure you have at least Java 8 to run this application. Note that you can use the -h or --help option to get a full list of possible filtering and output options.

Full documentation

For a full documentation please see the cscanner website at cscanner.io.

You can’t perform that action at this time.