I'm working on an app to display key cloud security posture metrics for our stakeholders. We have a cloud security posture management system that highlights the metrics we care about, but it doesn't support any APIs for integration. I'm wondering if AWS provides a similar service that presents cloud security posture metrics in a numerical format and if it's possible to use an API to obtain the metrics I need for my app in a JSON format. Any insights would be greatly appreciated! Thanks!
2 Answers
Have you checked out AWS Security Hub? It’s specifically designed to help manage cloud security posture and tracks various compliance standards, often using data from tools like Inspector, Config, and GuardDuty to provide metrics in percentage format.
The ability to pull metrics from AWS really depends on what you're looking for. For basic stats like the number of IAM Users, you can definitely get that from AWS APIs. However, for more complex calculations, like finding out how many IAM Users have AdministratorAccess or checking for public S3 buckets, you'll have to do some extra legwork. AWS services like Trusted Advisor can help with security checks too, but watch out for costs! You might want to consider reaching out to the Cyscale account team to see if they offer any custom dashboard features for your needs.
This is super helpful, thank you! Can I reach out if I have more questions?
+1 to that! Security Hub is a solid tool for collating AWS security information.