Blackhat Arsenal 2012 Releases: AWS Scout Amazon Web Security Configuration

The scale and variety of Amazon Web Servers (AWS) has created a constantly changing landscape. What was previously managed by enterprise IT groups is now done through a variety of Amazon-based services, leaving many questions concerning the risk and security of these environments unanswered. This presentation will discuss the most common mistakes that we have seen in the field and show you how to audit them using AWS Scout.

Jon Chittenden demoying AWS Scout to Arsenal attendance

Scout is a security tool that lets AWS administrators make an assessment of their environments security posture. Using the AWS API, we can gather configuration data for manual inspection or highlight high-risk areas automatically. Rather than pouring through dozens of pages on the web, we can get an clear view of the attack surface.

Installation & usage could be retrivied from Github’s tool location