How NSAuditor AI Enterprise runs: a local-first, read-only execution model that turns AWS, Azure, and GCP accounts into signed, framework-mapped audit evidence — without sending your cloud data outside your infrastructure. This page is for the security architects and platform engineers who need the details. ← Back to Enterprise overview
The CLI orchestrates plugins that call cloud-provider APIs in read-only mode only. Findings, evidence, and reports are written to a local output directory. Nothing about your environment is transmitted to Nsasoft — this is Zero Data Exfiltration by architecture.
Each scan can run inside an ephemeral Docker container with a read-only root filesystem and CPU/memory limits, so the scanner cannot persist state or reach beyond its mandate.
55 plugins total — 27 in the Community Edition and 28 in the Enterprise Edition. Plugins are selected per scan (--plugins) and each maps its findings to specific framework controls.
Each evidence pack is signed with Ed25519 and carries an RFC 3161 trusted timestamp plus a SHA-256 sidecar, producing tamper-evident, independently verifiable proof for assessors.
The Enterprise license is a signed JWT (ES256) validated offline with no phone-home, stored in the macOS Keychain or a ~/.nsauditor/.env file (mode 0600). Air-gapped friendly.
An MCP (Model Context Protocol) server exposes scan, prioritize, compliance-check, and export tools to AI assistants such as Claude Desktop, with AI providers configurable locally.
Audits run across up to 17 AWS regions per scan (including GovCloud and ISO partitions for FedRAMP scope), with CloudTrail evaluated across 36 canonical regions; Azure via service principal; GCP via service account.
Deep IAM auditing performs breadth-first graph traversal to surface transitive shadow-admin and PassRole paths, effective decrypt paths, and service-account impersonation chains — reachability that flat checks miss.
CVE matching uses an offline NVD feed; a PostgreSQL-backed CTEM store keeps assessment history; findings carry MITRE ATT&CK mapping — all without external calls.
NSAuditor AI Enterprise runs entirely inside your infrastructure. Scan data, findings, reports, and credentials never touch Nsasoft servers. License validation is offline (JWT + embedded public key). We are not a data processor under any regulation.
CLOUD_PROVIDER=aws AWS_REGION=us-east-1 \ nsauditor-ai scan --host aws --plugins 1020,1030,1040,1050,1060,1070,1080,1090,1100,1110,1120,1130,1140,1150,1160,1170,1180,1190,1200 \ --compliance soc2,hipaa --out tasks/aws-scan-out # 1020 S3 · 1030 IAM Deep · 1040 CloudTrail · 1050 API Gateway · 1060 DynamoDB Audit Integrity · # 1070 KMS · 1080 Lambda · 1090 Secrets+SSM · 1100 CodePipeline+CodeBuild · 1110 IAM Decrypt-Path · # 1120 S3 Lifecycle+Replication · 1130 AWS Backup Auditor (12-dim air-gap attestation) · # 1140 AWS RDS Auditor (10 dims — pgAudit + CWL exports + log retention; CC7.2/CC7.3 database audit-logging) · # 1150 AWS SQS/SNS Auditor (7 dims — CloudWatch alarm coverage on SQS ApproximateAgeOfOldestMessage + SNS NumberOfNotificationsFailed; empty-AlarmActions silent-PASS closure) · # 1170 AWS EC2 SG Perimeter Auditor (23 restricted ports — CIS AWS Foundations v3.0) · # 1180 AWS ElastiCache Redis Auditor (kms:DescribeKey promotion + subnet route-table verifier with default-VPC main-RT-inheritance false-NEGATIVE closure; cross-plugin sister of 1170 SG perimeter) · # 1190 AWS SES Email Integrity Auditor (DKIM CNAME DNS resolution + DMARC TXT parser with pct=0 closure + sp override + SES classic API parity; first network-layer cross-reference in the EE evidence baseline). # Run just the headline plugin: --plugins 1130 (SEC 17a-4 / FINRA 4511 ransomware-defense substrate). # Tune VPC-endpoint PAGE_CAP for large fleets: --plugin-opts '{"1130":{"vpcEndpointsPageCap":50}}'
CLOUD_PROVIDER=azure \ AZURE_TENANT_ID=<your-tenant-id> \ AZURE_CLIENT_ID=<sp-app-id> \ AZURE_CLIENT_SECRET=<sp-secret> \ AZURE_SUBSCRIPTION_ID=<subscription-id> \ nsauditor-ai scan --host azure --plugins 022 \ --compliance soc2,hipaa --out tasks/azure-scan-out # Baseline (test subscription): findingCount=2, byStatus pass=6 fail=2 # Maps to: CC6.1 (RBAC Owner / Contributor / User Access Administrator at sub-scope), # CC6.6 (NSG inbound from * / 0.0.0.0/0 / Internet), # C1.1 (Storage defaultAction=Allow, allowBlobPublicAccess=true)
GCP_PROJECT_ID=my-project \ GOOGLE_APPLICATION_CREDENTIALS=/path/to/sa.json \ nsauditor-ai scan --host gcp --plugins 1024 \ --compliance soc2,hipaa --out tasks/gcp-scan-out # Plugin 1024: 6 SOC 2 dimensions — IAM public bindings (CC6.6) · UBLA (CC6.6 + C1.1) · # Object Versioning (C1.1 + A1.2) · Retention Policy / Bucket Lock (C1.1 + C1.2) · # CMEK via Cloud KMS (CC6.1) · Bucket-level access logging (CC7.1). # Full GCP discovery: GCP_PROJECT_ID=my-project nsauditor-ai scan --host gcp --plugins all --compliance soc2,hipaa
GCP_PROJECT_ID=my-project \ GOOGLE_APPLICATION_CREDENTIALS=/path/to/sa.json \ nsauditor-ai scan --host gcp --plugins 1025 \ --compliance soc2,hipaa --out tasks/gcp-iam-scan-out # Plugin 1025 v2: 7 SOC 2 dimensions — Public-member bindings (CC6.1 CRITICAL/HIGH) · # Sensitive-role inventory: 12 predefined roles incl. owner/editor/iam.securityAdmin/serviceAccount* (CC6.1+CC6.6 MEDIUM) · # IAM Conditions classifier on sensitive roles: restrictive CEL = PASS · absent = MEDIUM · vacuous = LOW+evidenceGap (CC6.1). # Run all GCP plugins: GCP_PROJECT_ID=my-project nsauditor-ai scan --host gcp --plugins 1024,1025 --compliance soc2,hipaa
# One per-account dotenv file each — credentials, region, CLOUD_PROVIDER live in the file: nsauditor-ai scan --host aws --env ~/envs/dev.env --compliance soc2 nsauditor-ai scan --host aws --env ~/envs/prod.env --compliance soc2 # Or a named profile from the OS-default ~/.aws/credentials (no .env needed) — implies CLOUD_PROVIDER=aws: nsauditor-ai scan --host aws --aws-profile prod --compliance soc2 # GCP / Azure per-account via --env (key-file path / service-principal vars live in the file): nsauditor-ai scan --host gcp --env ~/envs/gcp-prod.env --compliance soc2,cis-v8 nsauditor-ai scan --host azure --env ~/envs/azure-prod.env --compliance soc2 # --env is a dotenv (KEY=value) file; for ~/.aws/credentials (multiple profiles) use --aws-profile. # Missing --env file = hard error (fail-fast — never silently audit the wrong/empty account). # On a sentinel host, --plugins all AUTO-SCOPES to that cloud's plugins (other clouds + non-cloud skipped + logged). # Your license is resolved independently of --env — no key needed in the per-account file.
# Audit one region, a comma-separated list, or EVERY account-enabled region. The regional auditors # (security groups, EC2, RDS, KMS, Lambda, DynamoDB, Backup, SQS/SNS, SES, Inspector/GuardDuty, CloudTrail, …) # run in every in-scope region; S3 resolves each bucket's own region — closing cross-region false-cleans. nsauditor-ai scan --host aws --plugins all --aws-region us-east-1 --compliance soc2 nsauditor-ai scan --host aws --plugins all --aws-region us-east-1,eu-west-1,ap-southeast-2 --compliance soc2 nsauditor-ai scan --host aws --plugins all --aws-region all --compliance soc2 # Precedence: --aws-region › AWS_REGION › single-region default. No flag = one region (and the report # discloses the unscanned regions); pass --aws-region all for full coverage. Unknown region = fail-fast. # In Claude Desktop, ask for "all regions" — coverage is batched by region group to fit the ~60s tool-call limit.
# @nsasoft/nsauditor-ai-ee is a private (restricted) package. # Use the npm read-token delivered with your license email. npm config set //registry.npmjs.org/:_authToken npm_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx # Or, project-scoped, in an .npmrc file echo "//registry.npmjs.org/:_authToken=npm_xxxx..." >> ~/.npmrc
# Free Community Edition (nsauditor-ai) is the 27-plugin base. # The Enterprise package (@nsasoft/nsauditor-ai-ee) installs on top, adding 28 cloud plugins → 55 total once licensed. npm install -g nsauditor-ai@latest @nsasoft/nsauditor-ai-ee@latest # Driving NSAuditor from an AI agent or Claude Desktop? Add the agent skill — it teaches the # agent NSAuditor's MCP tools, schemas, plugins and audit workflows (knowledge only; the MCP # server above still does the scanning): npm install -g nsauditor-ai-agent-skill@latest # • Claude Desktop: Settings → Skills → Create skill → Upload a skill, and upload SKILL.md. # • Claude Code / Cursor / Windsurf: copy the package's SKILL.md folder into the agent's skills dir. # Docs: https://www.npmjs.com/package/nsauditor-ai-agent-skill
# CE 0.2.19+ verifies the JWT signature before persisting # and stores the key in macOS Keychain (or ~/.nsauditor/.env mode 0600 on Linux/Windows). nsauditor-ai license install enterprise_eyJhbGciOiJFUzI1NiIs... ✓ Enterprise license installed Stored at: macOS Keychain (service=nsauditor-ai) Org: you@example.com Seats: 5 Expires: 2027-04-04T... # CI/CD alternative: env var still works (highest priority in the multi-source loader) export NSAUDITOR_LICENSE_KEY=enterprise_eyJ...
nsauditor-ai license --status ✓ Enterprise license active | Org: you@example.com | Seats: 5 | Expires: 2027-04-04 nsauditor-ai license --capabilities ✓ intelligenceEngine ✓ riskScoring ✓ complianceEngine ✓ cloudScanners ✓ zeroTrust ✓ dockerIsolation
# Dual-framework SOC 2 + HIPAA §164.312 audit in one scan — both evidence packs from the same findings nsauditor-ai scan --host aws --plugins all \ --compliance soc2,hipaa
--compliance soc2 or --compliance hipaa. For per-cloud and on-prem recipes, see the Cloud audit samples section below.AWS security groups + IAM, GCP firewall rules + IAM bindings, Azure NSGs + RBAC. Uses your own credentials — nothing touches Nsasoft.
Map findings to NIST CSF, CIS Controls, HIPAA Security Rule, GDPR Art. 32, and PCI DSS. Gap reports with evidence references.
Each scan runs in an ephemeral container — isolated, parallel, destroyed after completion. Read-only filesystem with resource limits.
Evaluate segmentation boundaries, encryption-in-transit, identity posture, and lateral movement risk. Composite readiness score.
Docker images (amd64 + arm64), offline NVD feed bundles, and installation tarballs. Runs in fully isolated networks.
Data classification (public / internal / sensitive / secret), external call guard, policy-based redaction, and full audit logging.
PostgreSQL backend, unlimited scan history retention, query API for historical analysis, and compliance dashboards.
The foundational S3 bucket-security auditor. The effective-public-exposure model: missing or partial PublicAccessBlock now escalates to MEDIUM (a guardrail gap, not current exposure), and top severity is reserved for confirmed-public via bucket policy OR a new GetBucketAcl check that completes the ACL × policy × PAB join. A public AllUsers / AuthenticatedUsers grant is top-severity unless the PAB IgnorePublicAcls neutralizes it (then LOW). Closes a public-via-ACL false-negative class while fixing the false-positive class — live-revalidated against a real prod account (12 top-severity findings → 11 verified not-public + 1 genuinely-public policy). Maps to CC6.6 + C1.1.
Third leg of the cloud-storage audit triad, completing the multi-cloud picture alongside plugin 1020 (AWS S3) and plugin 1022 (Azure Storage). Audits across 6 SOC 2 substrate-evidence dimensions: Bucket-level IAM public bindings (CC6.6 — allUsers = CRITICAL zero-trust bypass; allAuthenticatedUsers = HIGH Google-account-trust bypass; co-existence surfaces both findings with merged evidence), Uniform Bucket-Level Access (CC6.6 + C1.1 — enforces IAM as single source of truth, no legacy ACL surface; disabled = MEDIUM), Object Versioning (C1.1 + A1.2 — accidental object deletion reversibility; disabled = MEDIUM), Retention Policy / Bucket Lock (C1.1 + C1.2 — three-tier: missing = MEDIUM, unlocked = MEDIUM, locked = PASS; SEC 17a-4 / FINRA 4511 WORM alignment), CMEK via Cloud KMS (CC6.1 — four-tier key-custody ladder matching plugin 1140 RDS pattern; full-format 6-segment Cloud KMS resource-path regex gates PASS tier; malformed reference = LOW + evidenceGap per conservative_classifier_principle), and Bucket-level access logging (CC7.1 — missing = MEDIUM; separate destination bucket = PASS; self-logging = INFO + walkthroughRequired). _callGcsWithInstrumentation wraps GCS API calls with AccessDenied counter + throttle-retry + wall-budget (Thread H equivalent). ZDE — only GCS-public-namespace identifiers (bucket names, KMS paths) propagate to findings; operator labels never read. 20 new soc2.json titlePattern entries (5 CC6.6 + 3 CC6.1 + 2 CC7.1 + 5 C1.1 + 3 C1.2 + 2 A1.2). 101 new tests across 17 suites. Maps to CC6.1 + CC6.6 + CC7.1 + C1.1 + C1.2 + A1.2.
GCP counterpart to plugin 1030 AWS IAM Deep Auditor at the project boundary — audits the full GCP project IAM policy surface across 7 SOC 2 substrate-evidence dimensions (v2 scope). v1 dims (3): Project IAM public-member bindings (CC6.1 — allUsers CRITICAL / allAuthenticatedUsers HIGH); Sensitive-role inventory of 12 predefined roles (CC6.1 + CC6.6 MEDIUM); IAM Conditions classifier (CC6.1 — restrictive CEL = PASS; absent = MEDIUM; vacuous = LOW + evidenceGap). v2 dims (4): Custom-role permission audit (CC6.1 — wildcard * sentinel = CRITICAL; 16-entry admin-equiv allowlist intersection = HIGH); Service-account key custody (CC6.1 + C1.1 — user-managed long-lived keys = HIGH; per-SA keysFetchError propagation for audit-principal partial-permission scenarios); Service-account impersonation graph BFS (CC6.1 — 4-hop cycle-safe traversal of 3 canonical impersonation roles; 2-hop = HIGH, 3+ hop = CRITICAL; project-scope fan-out bindings classified as CRITICAL _CAT_SA_IMPERSONATION_PROJECT_SCOPE — a real GCP privesc class missed by per-SA-only inventory); Org Policy constraint enumeration (CC6.6 + C1.1 — 4 sensitive constraints incl. iam.disableServiceAccountKeyCreation; explicit reset detection). NEW utils/gcp_auth.mjs shared helper for GOOGLE_IMPERSONATE_SERVICE_ACCOUNT credential chain (keyFile / ADC / ADC+impersonation). 33 soc2.json titlePattern entries total (11 v1 + 22 v2 across CC6.1 + CC6.6 + C1.1). +180 new tests this cycle (5715/5715). Maps to CC6.1 + CC6.6 + C1.1.
Transitive shadow-admin path detection — including PassRole privesc and group-inherited cross-principal chains. Every finding carries a verifiable [via policy: ARN] evidence trail with partialProvenance / provenanceComplete completeness signals for SOC 2 Type-II auditors.
Audits CloudTrail trail health (multi-region default-ON across 36 canonical AWS regions, log-file validation, KMS-CMK, IsLogging), CloudWatch alarm coverage against CIS AWS Foundations Benchmark v1.5 §3.1–3.14 via the v2 metric-filter audit, AWS Config recorder + Organizations ConfigurationAggregator detection with deterministic STS account-coverage cross-reference, and cross-account S3 trail-destination WORM verification (Object Lock + Versioning + MFADelete per trail bucket) for SEC 17a-4 / FINRA 4511 retention evidence. Closes SOC 2 CC7.2 + CC7.3.
First entry-point evidence plugin for AWS Serverless-Framework deployments. Audits REST APIs (v1) + HTTP APIs (v2): per-method/route authorization classifier (NONE = CRITICAL, AWS_IAM / Cognito / JWT = PASS, JWT-with-wildcard-audience = INFO with IdP issuer/audience evidence, Lambda authorizer = INFO with manual-verification prompt), TLS policy with worst-policy tracking across mixed-config v2 domains (TLS_1_0 = HIGH), stage-level access logging, throttling (A1.2), and WAF association. SOC 2 mapping: CC6.1 + CC6.6 + CC6.7 + CC7.1 + A1.2.
The "audit-the-auditor" plugin — answers the question every Type-II auditor asks after the entry-point one: can the audit record itself be tampered with? Per-table PITR + deletion protection (worst-case CRITICAL "audit record itself not survivable" when both missing). KMS-CMK classifier with conservative LOW-unverifiable posture on :key/UUID ARN shapes (a deterministic PASS/MEDIUM when plugin 1070 is in the same scan). Resource-policy presence audit via the 2024 GetResourcePolicy API with soft-degrade. CloudTrail DynamoDB data-event coverage cross-reference (orthogonal composition with plugin 1040). Matrix shift: PI1.5 (Stored items) moves out-of-scope → partial. Mapping: CC6.6 + CC7.1 + C1.1 + PI1.5.
Validates cryptographic boundary integrity and key governance. Per-key rotation status (customer-managed CMKs flagged MEDIUM when rotation disabled; AWS-managed keys correctly identified as not-applicable). Wildcard-principal classifier across 5 severity tiers: CRITICAL unconditional kms:* takeover; HIGH for sensitive actions; INFO read-only-only; PASS no-wildcard. Coverage spans Principal.AWS / Federated / Service / CanonicalUser shapes + case-insensitive AWS/action matching + NotPrincipal-Allow + NotAction-Allow + glob-action coverage. Exports _describeKeyManager() helper consumed by plugin 1060. Maps to CC6.3 + C1.1. 77 new tests.
Runtime EOL detection (institutional-CRITICAL when Lambda returns EOL runtime like nodejs16.x / python3.7; case-normalized at boundary per aws_string_case_normalization), public function-URL exposure, resource-policy permissive principals, environment-variable secret-suggestive name detection (ZDE-safe: secret VALUES never inspected — only names + presence), VPC configuration, KMS-CMK vs AWS-managed key custody, dead-letter queue + reserved concurrency posture. Maps to CC6.1 / CC6.6 / CC7.1 / C1.1.
Secrets Manager ListSecrets + DescribeSecret (rotation enabled/disabled, last-rotated cadence, KMS-CMK vs AWS-managed key custody, tag-driven prod-tier classification). SSM Parameter Store DescribeParameters (String vs SecureString classification with secret-suggestive name detection, KmsKeyId presence on SecureStrings). ZDE-critical: scanner NEVER calls GetSecretValue / GetParameter — only Describe* / List* metadata APIs; verb-prefix denylist regex enforces this at SDK boundary. Maps to CC6.1 / CC6.6 / C1.1.
Pipeline source-stage encryption (KMS-CMK presence), CodeBuild privilegedMode detection (HIGH for non-Docker-image builds), buildspec inlined-vs-S3 (configuration drift surface), secrets passed via environment variables vs Secrets Manager reference, IAM role least-privilege via wildcard-Action detection, S3 artifact-store encryption. EE-RT.9.1 runtime-state audit: stale-execution detection — pipeline's latest execution older than configured cadence isn't actively defending the build path. Maps to CC6.1 / CC7.1 / CC8.1 / C1.1.
Cross-plugin reconciler: walks IAM policies for kms:Decrypt / kms:ReEncrypt* / kms:GenerateDataKey grants then cross-references against destination KMS key policies (plugin 1070) to compute the effective decrypt path. Closes the institutional NotAction-implicit-decrypt false-PASS class (Allow + NotAction:[...] + Resource:* over-grants decrypt implicitly). EE-RT.10.1 cross-plugin sister-fix in plugin 1030 case-normalizes Effect+Action discriminators. Maps to CC6.1 / CC6.6 / C1.1 / C1.2.
S3 lifecycle policy enumeration (CC7.1 retention-cadence evidence) + cross-region replication topology (A1.2 disaster-recovery substrate). EE-RT.4.1 adds cross-region destination-bucket reachability verification (closes silent-PASS class where replication source FAILED but emitted clean — destination IAM denial or missing bucket now surfaces explicitly). Maps to C1.1 / C1.2 / A1.2.
The largest single-plugin institutional-hardening arc in the EE codebase: ~7800 lines across 18 sessions / 25 commits / 545 plugin tests, with 19 R2-strict recurrence-class same-session closures catalogued in 4 institutional-memory artifacts. Audits the AWS Backup substrate end-to-end: Plans + Vaults + Recovery Points + Selections + Frameworks + Restore Testing + ReportPlans + Legal Holds + VaultType + Vault Tags + Vault Access Policy. Headline capability: 12-dimension air-gapped vault attestation arc for LogicallyAirGappedBackupVault resources — 6 cryptographic-isolation mechanisms (vault TYPE air-gapped + ARN account-segment-separation + destination KMS key-policy clean + destination KMS Grants clean + MRK-replica topology clean + source-account VPC-endpoint policy clean) PLUS 6 substrate dimensions (PITR / retention / encryption / RestoreTesting / Legal Holds / vault Access Policy). Cross-service SDK integration (KMS / EC2 / Config / Backup). 74 new soc2.json titlePatterns across CC6.3 + CC6.6 + CC7.1 + CC8.1 + C1.1 + C1.2 + A1.2. Substantially closes the previously-documented A1.2 "Backup/recovery posture itself" ransomware-defense gap (SEC Rule 17a-4 / FINRA 4511).
The single most-asked-about audit substrate after S3, with 7 SOC 2 substrate-evidence dimensions. Multi-AZ deployment (A1.2 availability), storage encryption at rest with KMS-key custody classification (C1.1 confidentiality — four-tier severity ladder), parameter-group SSL enforcement (C1.1 transit encryption — detects both postgres rds.force_ssl and mysql require_secure_transport), backup retention period (A1.2 cadence — operator-tunable 1–35 days; default ≥7 institutional baseline), public accessibility (CC6.6 perimeter — cross-plugin sister to plugin 1170), IAM database authentication (CC6.1 password-less auth on mysql/postgres/mariadb/aurora-variants), and snapshot encryption via DescribeDBSnapshots with explicit IncludeShared=false + IncludePublic=false (C1.1 cross-cycle). Headline v2 capability: kms:DescribeKey cross-reference promotes UNVERIFIABLE :key/UUID ARN shapes to deterministic PASS (KeyManager=CUSTOMER) or MEDIUM (KeyManager=AWS) — closes the v1 fixture-design gap without compromising the conservative_classifier_principle (AccessDenied / NotFound / unknown KeyManager still leaves at LOW). 18 new soc2.json titlePattern entries across A1.2 + C1.1 + CC6.1 + CC6.6. 103 tests total (51 v1 + 52 v2). Maps to A1.2 + C1.1 + CC6.1 + CC6.6.
First multi-service plugin in the EE codebase — SQS + SNS bundled because they share the same auth surface, region scoping, and SOC 2 control coverage. Audits queues + topics across 5 SOC 2 substrate-evidence dimensions: SQS encryption at rest (C1.1 — four-tier severity ladder matching plugin 1140's structure with conservative LOW+evidenceGap on :key/UUID ARN form), SQS transit-encryption policy (CC6.6 — analyzes Policy for aws:SecureTransport=false Deny defense-in-depth), SNS topic encryption at rest (C1.1 — SNS has no managed-SSE equivalent so absent = HIGH), SNS topic-policy permissive-Principal classifier (CC6.6 — full institutional posture with NotAction-Allow + NotPrincipal-Allow + Resource-scope filtering; severity CRITICAL unconditional-wildcard → HIGH conditional-wildcard → PASS no-wildcard), and SQS dead-letter queue presence (A1.2 availability + CC7.1 anomaly-detection, dual-mapped — missing DLQ is the canonical silent-message-loss class for event-driven architectures). 11 new soc2.json titlePattern entries. 95 new tests. First EE plugin to ship without a smoke-time SDK hotfix — institutionalized pre-implementation checklist now adds optionalDependencies entries preemptively. Maps to C1.1 + CC6.6 + A1.2 + CC7.1.
Audits VPC endpoint coverage for AWS-service traffic kept off the public internet. Enumerates interface endpoints (com.amazonaws.region.svc) and gateway endpoints (S3 + DynamoDB) across the audited regions. Endpoint-policy permissive-Principal classifier (wildcard "*" / {"AWS":"*"} / NotPrincipal-Allow shapes), private-DNS posture for interface endpoints (private resolution prevents accidental public-DNS fallback), and route-table attachment verification for gateway endpoints. Closes the silent class where data-plane traffic to AWS services is routed via the public internet despite a hardened SG perimeter. Maps to CC6.6.
Orthogonal evidence to plugin 1023 zero-trust-checker: 1023 reads OBSERVED open ports from prior network probes; 1170 reads DECLARED SG policy via DescribeSecurityGroups. The pair gives Type-II auditors complete coverage of "is this port reachable, and is it supposed to be?" RESTRICTED_PORTS spans 23 ports per CIS AWS Foundations Benchmark v3.0 — including Redshift (5439), Kubernetes API server (6443), etcd (2379-2380), Kibana (5601), InfluxDB (8086), Kafka (9092), Consul (8500), ZooKeeper (2181), HashiCorp Vault (8200). New opts.additionalRestrictedPorts operator-config (integer-validated 0-65535 + deduped) lets tenants extend the list with custom ports. Per-SG cardinality cap (_USER_GROUP_DISPLAY_CAP=10) with rollup trailer defends against finding-size DoS on 1000+ SG accounts. System-managed-SG name-prefix exclusion list (ElasticMapReduce-, eks-cluster-sg-, AWSServiceRole, awseb-) excludes AWS-service-controlled non-deletable SGs from orphan-detection. 6 audit dimensions: IPv4 0.0.0.0/0 ingress to RESTRICTED_PORTS (CC6.6, CRITICAL), IPv6 ::/0 sibling (CC6.6, CRITICAL), all-protocol (-1) ingress (CC6.6, CRITICAL with SG-scope suppression), public ingress to non-restricted ports (INFO + walkthroughRequired), egress 0.0.0.0/0 (INFO substrate), orphan SGs (CC6.2 governance). 10 new soc2.json titlePattern entries total (v1+v2). 110 tests total (54 v1 + 56 v2). Maps to CC6.2 + CC6.6.
First plugin in the 1170-1180 ID range. Closes the canonical cache-tier SOC 2 evidence gap — sister plugin to 1140 RDS for the database tier. Audits Redis clusters across 6 SOC 2 substrate-evidence dimensions: transit encryption (C1.1 — TransitEncryptionEnabled wraps RESP in TLS for client → cluster + primary → replica; cannot be toggled in place), at-rest encryption with KMS key custody (C1.1 four-tier ladder: HIGH unencrypted → MEDIUM AWS-owned-default → MEDIUM alias/aws/elasticache → PASS customer-managed CMK + LOW+evidenceGap on :key/UUID ARN form per conservative_classifier_principle), Redis AUTH / IAM-auth user groups (CC6.1 + CC6.2 — UserGroupIds for Redis 7+ ACL replace long-lived AUTH passwords; cross-plugin sister with plugin 1170 SG-perimeter audit), Multi-AZ deployment (A1.2 availability), SnapshotRetentionLimit cadence (A1.2 — ≥7 days default, operator-tunable 1-35), and subnet placement (CC6.6 perimeter — INFO+walkthroughRequired on default subnet group per conservative-classifier discipline). Dual-API enumeration with inter-API dedup: DescribeReplicationGroups + DescribeCacheClusters covers both replication-group + standalone surfaces; CacheClusters with ReplicationGroupId set are skipped. _ELASTICACHE_SUPPORTED_ENGINES = Object.freeze(new Set(["redis"])) — Memcached out-of-scope by design (no native AUTH; no transit encryption substrate). 16 new soc2.json titlePattern entries (4 CC6.1 + 1 CC6.6 + 5 A1.2 + 8 C1.1). 41 new tests. Third EE plugin to ship without a smoke-time SDK hotfix — preemptive @aws-sdk/client-elasticache (1150 + 1170 + 1180 all shipped without hotfix; now institutional discipline). Maps to C1.1 + CC6.1 + CC6.2 + CC6.6 + A1.2.
First plugin in the 1190-1199 ID range. Closes the canonical email-integrity SOC 2 evidence gap — AWS SES is the dominant transactional + marketing + bulk-email substrate for B2B SaaS workloads. Sister plugin to 1180 ElastiCache Redis (cache tier) + 1140 RDS (database tier) + 1170 SG Perimeter (network tier). Audits SES across 6 SOC 2 substrate-evidence dimensions: DKIM enablement + signing status (CC6.1 / Privacy — HIGH on SigningEnabled=false breaks SPF/DKIM/DMARC trust-chain; 5-enum classifier with PENDING/TEMPORARY_FAILURE/NOT_STARTED → INFO+walkthroughRequired, FAILED → MEDIUM DNS drift, unknown → LOW+evidenceGap per conservative_classifier_principle), custom MailFrom domain alignment (Privacy substrate — INFO+walkthroughRequired on default amazonses.com because DMARC strict alignment impossible without custom MailFrom; PASS on custom + Status=SUCCESS), configuration set TLS enforcement (C1.1 — REQUIRE=PASS (messages REJECTED if no STARTTLS), OPTIONAL=HIGH (silent SMTP-downgrade-attack window — network-layer adversary strips STARTTLS from EHLO, forcing cleartext delivery of message body + headers)), identity sending authorization policy permissive principals (CC6.6 — multi-class wildcard detector covers "*" + {AWS:"*"} + {Service:"*"} + {Federated:"*"} + {CanonicalUser:"*"} + array forms; distinct HIGH category ses-sending-auth-notprincipal-allow catches NotPrincipal+Effect=Allow wildcard-EQUIVALENT class per R-CRITICAL-1 fold; LOW+evidenceGap on malformed statements missing Effect field per R-HIGH-2 fold), dedicated IP pool sending posture (CC7.1 substrate, account-level), and suppression list state (CC7.1 deliverability substrate — INFO on count + reason distribution only). ZDE-CRITICAL invariant: NEVER reads suppressed-destination email addresses — count + reason only; verified at run() envelope boundary via sentinel-string assertion per R-LOW-8 fold. 8 new soc2.json titlePattern entries (3 CC6.1 + 3 CC6.6 + 2 C1.1). 116 tests across 29 suites. 11 same-session reviewer folds — ties the single-cycle record. Fourth EE plugin to ship without a smoke-time SDK hotfix (preemptive @aws-sdk/client-ses + @aws-sdk/client-sesv2 in optionalDependencies — plugins 1150, 1170, 1180, 1190 all shipped without hotfix). Maps to CC6.1 + CC6.6 + C1.1.
First EE plugin to audit AWS managed-threat-detection substrates. Produces the foundation-layer evidence SOC 2 auditors expect under CC7.1 (detection procedures) and CC7.2 (monitoring of system components for anomalies). A SOC 2 evidence pack without GuardDuty signal has no AWS-native anomaly-detection stream — credential-exfiltration attempts, cryptocurrency-mining indicators, malicious-IP communication, and reconnaissance patterns all go unobserved. A pack without Inspector2 signal has no managed CVE-detection coverage on the compute surface (EC2 AMIs, ECR images, Lambda functions). Plugin 1200 audits enablement state across 4 SOC 2 substrate-evidence dimensions: GuardDuty Detector enablement (CC7.1 — flags any audited region with no GuardDuty Detector configured; HIGH on absence), GuardDuty protection-feature coverage (CC7.1 — checks each Detector against the institutional baseline of S3 data events / EKS audit logs / EBS malware protection / RDS login events / Lambda network logs / runtime monitoring; MEDIUM on each missing baseline feature with explicit name in the finding details), Inspector2 enablement (CC7.2 — flags accounts where Inspector2 is not enabled, suspended, or disabled; HIGH on absence), and Inspector2 scan-target coverage (CC7.2 — confirms the institutional baseline resource types EC2 / ECR / Lambda are all enabled for scanning; HIGH on zero coverage, MEDIUM on partial with the disabled list in finding details). For each dimension, plugin 1200 distinguishes auditor-side IAM gaps (the auditor role lacks the GuardDuty or Inspector2 read permission) from genuine service-side absence, so remediation paths are unambiguous. Conservative classification — ambiguous AWS-SDK responses emit LOW+evidenceGap with a walkthrough prompt, never silent-PASS. Case-insensitive enum handling at the SDK boundary defends against case variation across SDK versions. Zero data exfiltration — findings carry only AWS-public-namespace identifiers (Detector IDs, region, status enums); operator-supplied tags / descriptions are never read. Soft-degrade — GuardDuty and Inspector2 SDKs load independently; failure of one does not block the other. 7 new soc2.json titlePattern entries (4 CC7.1 + 3 CC7.2). Maps to CC7.1 + CC7.2.
Multi-region EC2 + EBS instance-level coverage via DescribeRegions (single-region fallback emits an evidence-gap, never silent-PASS). IMDSv1 detection + IMDSv2 hop-limit > 1 with profile-aware severity (CC6.1), EBS volume unencrypted + account default-EBS-encryption disabled (C1.1 + CIS 3.11), public-IP exposure including IPv6 GUA + secondary-ENI / EIP (CC6.6), instance-store evidence-gap, and AMI inventory → cisImageInventory producer — the enablement substrate for CIS-Hardened-Image substrate-evidence credit across the CIS v8 mapping (Safeguards 4.1 / 4.2 / 4.6). Survived 3 review rounds across 5 adversarial skill lenses. Maps to CC6.1 + CC6.6 + C1.1.
First dedicated Azure auditor beyond the multi-purpose plugin 1022. Owns the Azure Storage Account encryption-at-rest + encryption-in-transit + authorization-mode surface across 7 dimensions: HTTPS-only transit (enableHttpsTrafficOnly), minimum TLS version, Shared Key authorization (allowSharedKeyAccess), infrastructure double encryption (requireInfrastructureEncryption), customer-managed-key reachability + rotation (encryption.keyVaultProperties — verifies key access, not just key reference), blob recoverability (soft-delete + versioning via blobServices.getServiceProperties), and per-container anonymous public access (account-toggle-aware via blobContainers.list). Deliberately non-overlapping with plugin 1022's network-exposure dims — mirrors the AWS 1020+1120 two-plugin S3 split. Maps to CC6.1 + CC6.7 + C1.1 + C1.2 + A1.2.
Azure NSG perimeter analysis at AWS-1170 parity. Evaluates each NSG's inbound rules in Azure priority order (first-match-wins; DenyAllInbound default) across 5 dims: all-protocol (*) public Allow, public-source to RESTRICTED_PORT (SSH/RDP/MSSQL/MySQL/Postgres/Redis/Memcached/MongoDB/Elasticsearch/CouchDB/SMB/WinRM/Oracle/Docker/Kubelet), ::/0 IPv6-wildcard to a restricted port (the dimension 1022's flat lint misses), public→non-restricted INFO substrate, and PASS substrate. Attachment-aware severity via nsg.subnets[] / networkInterfaces[] back-references — attached permissive = EFFECTIVE exposure; orphaned = LATENT. UDP transport lane with 27-port set (RADIUS 1812/1813 + legacy 1645/1646, L2TP 1701, SIP 5060, mDNS 5353, RIP 520, XDMCP 177, chargen 19) for auth backplanes / VPN endpoints / amplification vectors. Effective priority + deny-override resolution; service-tag / ASG-source normalization. Maps to CC6.6.
Third dedicated Azure auditor (after 1220 storage + 1221 NSG). The Key Vault analog of how plugin 1221 deepens plugin 1022's flat NSG dim. Enumerates each vault's keys, role assignments, and diagnostic settings across 5 dimensions: key auto-rotation policy, key expiry (epoch-s/ms/Date/string coerced), diagnostic logging → Log Analytics via @azure/arm-monitor, privileged-access depth (RBAC roleAssignments admin/data-plane/scope-aware tiering + legacy accessPolicies export/wide-crypto breadth + custom-role resolution via roleDefinitions.getById so custom RBAC roles granting KV wildcards are no longer a silent PASS), and HSM-backing software-vs-HSM key.kty discrimination (FIPS 140-2 Level 2/3 hardening recommendation on RSA / EC software-backed keys). Deliberately orthogonal to plugin 1022's vault-property dims — no double-emission. Secret/cert expiry is a stated data-plane scope boundary. Maps to CC6.1 + CC6.3 + CC7.2 + C1.1.
Extended Model Context Protocol tools for AI assistants: start_assessment, compliance_check, export_report.
See the Enterprise overview, watch the demo, or walk through a real signed evidence pack.