Let's take a look at our report; it appears that Scout Suite has identified a number of issues in our AWS infrastructure, as shown in the following screenshot:
We will take a look at each reported issue one by one.
Let's take a look at the EC2 report. As you can see from the report, all the misconfigurations of the vulnerable EC2 instance have been listed:
If you want to see an issue in more detail, simply click on it. Let's take a look at the details of the "All ports open to all" issue:
Here, we have a much more detailed output of where the misconfiguration lies and why it is an issue.
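To make the logic behind an "All ports open to all" finding concrete, here is an added Python example (not from the original text and not Scout Suite's own rule code) that applies the check to constructed security group data shaped like the EC2 DescribeSecurityGroups response. The group IDs, group names and function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample in the shape of EC2 DescribeSecurityGroups output.
SAMPLE_GROUPS = [
    {"GroupId": "sg-0000000000000001", "GroupName": "wide-open",
     "IpPermissions": [
         {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0000000000000002", "GroupName": "tcp-all-ports",
     "IpPermissions": [
         {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
          "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    {"GroupId": "sg-0000000000000003", "GroupName": "web-only",
     "IpPermissions": [
         {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
          "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0000000000000004", "GroupName": "internal-all",
     "IpPermissions": [
         {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.0.0.0/8"}], "Ipv6Ranges": []}]},
]

def is_world(cidr):
    """True when the CIDR covers the whole IPv4 or IPv6 address space."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def covers_all_ports(perm):
    """True for protocol -1 (all traffic) or a TCP/UDP rule spanning every port."""
    if perm.get("IpProtocol") == "-1":
        return True
    if perm.get("IpProtocol") not in ("tcp", "udp"):
        return False
    return perm.get("FromPort", 65535) <= 1 and perm.get("ToPort", 0) >= 65535

def all_ports_open_to_all(groups):
    """Return (GroupId, protocol, cidr) for each ingress rule open on all ports to everyone."""
    findings = []
    for group in groups:
        for perm in group.get("IpPermissions", []):
            if not covers_all_ports(perm):
                continue
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            findings += [(group["GroupId"], perm["IpProtocol"], c)
                         for c in cidrs if is_world(c)]
    return findings

if __name__ == "__main__":
    for finding in all_ports_open_to_all(SAMPLE_GROUPS):
        print("FLAGGED", *finding)
```

The single-port HTTPS rule and the rule limited to 10.0.0.0/8 are not flagged: the finding requires both the full port range and a source that covers the entire address space.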
Now, let's take a look at our S3 bucket report in the S3 dashboard:
As you can see in the preceding screenshot, the tool has successfully identified the vulnerable S3 bucket that we created.
Now, what about our VPC and subnet? There are no critical findings in the VPC service. However, the tool has identified potential threats in the network ACLs of both the VPC and the subnet that we will need to look into:
We can also see that there are some critical findings in the IAM service; let's look into those as well:
These findings help auditors identify vulnerable password policies and access management issues. They are also useful for system administrators who need to ensure that best practices are being followed.
Now let's take a look at how we can use custom rulesets to customize the report in accordance with our needs.