Scoutsuite

Latest version: v5.13.0

Safety actively analyzes 613460 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 6

5.13.0

Changes:

- Core
- Added support for Python versions **>= 3.9**; versions 3.8 and older are no longer recommended and support will not be provided for issues with these versions
- Secret redaction logic improvements
- Multiple error handling improvements
- AWS
- Multiple bugfixes for checks
- Multiple minor corrections for finding templates
- Azure
- Multiple bugfixes for checks
- Multiple minor corrections for finding templates
- Updated **azure-mgmt-authorization** module to v3.0.0
- Added new rules for several Azure CIS Benchmark checks
- GCP
- Multiple bugfixes for checks
- Multiple minor corrections for finding templates

Thanks to all contributors in this release:

FlorinAsavoaie
yaleman
tkmru
elimisteve
rbailey-godaddy
rscottbailey
x4v13r64
twilson-bf
x64-latacora
zachfey
wrightmalone
fl0mb
ncc-akis
saez0pub
HIKster
cckev

5.13.0rc2

5.13.0rc1

5.12.0

Changes:

- Core
- Updated dependencies
- Updated cli parser
- AWS
- Multiple bug fixes and minor improvements
- Updated IP ranges
- Updated rules for CloudFront
- Updated rules for EC2
- Updated rules for ELB
- Updated rules for IAM
- Updated rule for S3
- Updated rule for SQS
- Updated error logging and exception handling
- Improved secrets detection rules
- Added a new command flag that allows to run Scout on CN regions
- Azure
- Upgraded authentication strategies to use latest Azure SDK packages
- Multiple bug fixes and minor improvements
- Added new rules for Azure AD
- Added and updated rules for Azure Storage Account
- Added and updated rules for Networking
- Updated rule for Virtual Machines
- Added new rules for RBAC
- Added and updated rules for Azure SQL Databases, MySQL and PostgreSQL
- Added new rules for Logging and Monitoring
- Added and updated rules for Azure Security Center (now Defender for Cloud)
- Added and updated rules for AppService
- Added new rule for KeyVault
- Updated multiple finding templates
- GCP
- Multiple bug fixes and minor improvements
- Added new rules for GKE
- Added and updated rules for CloudSQL
- Added new rules for BigQuery
- Added new rules for Functions
- Added new rule for CloudStorage
- Updated rule for MemoryStore
- Updated multiple finding templates
- Updated UI
- Docker
- Fixed error in docker_compose.yaml

Thanks to all contributors in this release:

xnkevinnguyen
x4v13r64
SophieDorval
rscottbailey
yash-seclogic
charlietran
tkmru
Anthirian

5.12.0rc1

Changes:
- Upgrade third-party dependencies
- New templates, rulesets
- Authentication MSAL
- Refactorization and improvement of the components for AWS, GCP and Azure


Thanks to all contributors in this release:

5.11.0

Changes:

- Core
- Fixed the `--update` functionality
- Added epilog to the help menu
- Improved unit test coverage
- Updated dependencies for Azure and GCP
- AWS
- Added ARNs for a all resources
- Added support for CloudFront distribution lists, as well as 3 new findings
- Added support for CodeBuild
- Added a finding for SQS queue encryption
- Added a finding for IAM Lightspin vulnerability
- Added a finding for RDS instance public access
- Improved fetching and report for AWS resources
- Bug fixes
- Update botocore version
- Fixed XSS issue in report (Thanks to Liyun Li for reporting it!)
- Azure
- Added 3 findings for VM disks
- Improved report and findings' guidance for Azure resources
- Bug fixes
- GCP
- Created a ruleset for GCP CIS version 1.1 (https://www.cisecurity.org/benchmark/google_cloud_computing_platform/)
- Can be run with the --ruleset `cis-1.1.0.json` parameter
- Added support for a number of resources
- Included the addition of 46 new rules, most of which were added to the default ruleset
- Cloud SQL: 11 new findings
- Cloud Storage: 1 new finding
- Compute Engine: 11 new findings
- Cloud DNS: 3 new findings
- IAM: 2 new findings
- KMS: 2 new findings
- Cloud Logging: 8 new findings
- Cloud Monitoring: 8 new findings
- Added support for Cloud Memorystore, as well as 2 new findings
- Added 1 finding for VPC flow logs
- Improved fetching, report and findings' guidance for GCP resources
- Bug fixes
- Docker
- Updated tooling to current versions
- Pulling in the current version of ScoutSuite

Thanks to all contributors in this release:

- x4v13r64
- liyun-li
- timretout
- yangsec888
- ericrichtert
- 4ndygu
- rossja
- lowSoA
- bigdavros
- json-ncc
- chris-codaio
- SophieDorval
- xnkevinnguyen
- rogeriobastos
- lm-t
- sushantmimani
- rgpncc
- cr-latacora

Page 1 of 6

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.