Analyzed
1 day
ago.
based on code collected
2 days
ago.
Project Summary
The cfn-nag tool looks for patterns in CloudFormation templates that may indicate insecure infrastructure. Roughly speaking it will look for:
IAM rules that are too permissive (wildcards)
Security group rules that are too permissive (wildcards)
Access logs that aren't enabled
Encryption that isn't enabled
In a Nutshell, cfn_nag...
- ...
- ...
- ...
-
...
took an estimated 4 years of effort (COCOMO model)
starting with its first commit in February, 2016
ending with its most recent commit almost 2 years ago
Quick Reference
https://github.com/stelligent/cf...
MIT License
Permitted
Commercial Use
Modify
Distribute
Sub-License
Private Use
Forbidden
Hold Liable
Required
Include Copyright
Include License
These details are provided for information only. No information here is legal advice and should not be used as such.
Project Security
Vulnerabilities per Version ( last 10 releases )
There are no reported vulnerabilities
Project Vulnerability Report
Security Confidence Index
Poor security track-record
Favorable security track-record
Vulnerability Exposure Index
Many reported vulnerabilities
Few reported vulnerabilities
Did You Know...
-
...
55% of companies leverage OSS for production infrastructure
-
...
check out hot projects on the Open Hub
-
...
nearly 1 in 3 companies have no process for identifying, tracking, or remediating known open source vulnerabilities
-
...
you can embed statistics from Open Hub on your site
30 Day SummaryApr 14 2024 — May 14 2024
|
12 Month SummaryMay 14 2023 — May 14 2024
|
