Monitor and audit your users in cloud environments by CloudAudit

By Arsenio Aguirre

Elevator Pitch

My name is Arsenio Aguire and I work as Security Engineer. Due to some security gaps in cloud environments related to users administration I have developed CloudAudit to control and audit users in providers or cloud applications. Also you can discover if a credential was leaked in some public sites.

Description

CloudAudit alt text

What is CloudAudit?
As its name says is an application to monitor and audit cloud environments in an easy and fast way. Due to the growth of providers and cloud applications, CloudAudit provides a set of security controls to minimize the risks in cloud environments.

How was born CloudAudit?
To understand CloudAudit birth I make the next questions:

  • Have you heard about credentials (most known as access keys) from cloud providers leaked on public sites?

  • Have you heard about unauthorized accesses in cloud providers to create powerful instances to suspected activities?

  • Have you found active users in cloud environments from users that left the company some time ago?

So, due to some security incidents and concerns in cloud environments I have developed a new tool to monitor and audit your cloud environments. In the first reléase, we are focusing on users management. Currently, the companies are acquiring cloud providers for all business process: billing, human resources, infrastructure, sales, etc. and is important mantain the same security controls that on premise applications.

Secure cloud environments is great challenge for the companies.

What are CloudAudit benefits?
At present by using CloudAudit you can get:

  • Monitor and audit users in cloud environments based on best practices as Center for Internet Security.

  • Identify users or credentials leaked on public websites.

  • Developed using cloud technology to provide high availability and security.

  • Agentless, you need install nothing to use the security tool.

  • AWS CIS Compliance reports related to users management.

What does CloudAudit support?
Currently it supports Amazon Web Services but the core is enabled to integrate with different cloud providers.

What is CloudAudit roadmap?
We are working to add the next features:

  • Add more cloud providers (IaaS, PaaS and SaaS).

  • Discover public buckets.

  • Discover insecure ports exposed.

  • Discover services expose: instances, load balancers, etc.

Notes

CloudAudit uses sdk or Rest API available from providers and cloud application to make the integrations. Is important that them have developed a method to provide the information required to run the security controls.

CloudAudit was developed using:

  • Containers

  • Serverless

  • Json web token for representing claims securely between two parties.

  • Rest API with authentication and authorization.