Yet Another Testing & Auditing Solution
The goal of YATAS is to help you create a secure AWS environment without too much hassle. It won't check for all best practices but only for the ones that are important for you based on my experience. Please feel free to tell me if you find something that is not covered.
YATAS is a simple and easy to use tool to audit your infrastructure for misconfiguration or potential security issues.
No details | Details |
---|---|
![]() |
![]() |
brew tap padok-team/tap
brew install yatas
yatas --init
Modify .yatas.yml to your needs.
yatas --install
Installs the plugins you need.
yatas -h
Flags:
--details
: Show details of the issues found.--compare
: Compare the results of the previous run with the current run and show the differences.--ci
: Exit code 1 if there are issues found, 0 otherwise.--resume
: Only shows the number of tests passing and failing.--time
: Shows the time each test took to run in order to help you find bottlenecks.--init
: Creates a .yatas.yml file in the current directory.--install
: Installs the plugins you need.--only-failure
: Only show the tests that failed.Plugins | Description | Checks |
---|---|---|
AWS Audit | AWS checks | Good practices and security checks |
Markdown Reports | Reporting | Generates a markdown report |
You can ignore results of checks by adding the following to your .yatas.yml
file:
ignore:
- id: "AWS_VPC_004"
regex: true
values:
- "VPC Flow Logs are not enabled on vpc-.*"
- id: "AWS_VPC_003"
regex: false
values:
- "VPC has only one gateway on vpc-08ffec87e034a8953"
You can exclude a test by adding the following to your .yatas.yml
file:
plugins:
- name: "aws"
enabled: true
description: "Check for AWS good practices"
exclude:
- AWS_S3_001
To only run a specific test, add the following to your .yatas.yml
file:
plugins:
- name: "aws"
enabled: true
description: "Check for AWS good practices"
include:
- "AWS_VPC_003"
- "AWS_VPC_004"
You can get the error logs by adding the following to your env variables:
export YATAS_LOG_LEVEL=debug
The available log levels are: debug
, info
, warn
, error
, fatal
, panic
and off
by default
You'd like to add a new plugin ? Then simply visit yatas-plugin and follow the instructions.
Just a few years ago when the topic of supporting offsite workers arose, some of the key conversation topics were related to purchase, logistics, deployment, maintenance and similar issues. The discussions back then were more like βspecial casesβ vs. todayβs environment where supporting workers offsite (now known as the hybrid workforce) has become a critical mainstream topic.
Now with the bulk of many organizationβs workers off-premise, the topic of security and the ability of a security vendor to help support an organizationβs hybrid workers has risen to the top of the selection criteria.Β In a soon to be released Cisco endpoint survey, itβs not surprising that the ability of a security vendor to make supporting the hybrid workforce easier and more efficient was the key motivating factor when organizations choose security solutions.
Today, when prospects and existing customers look at Ciscoβs ability to support hybrid workers with our advanced security solution set and open platform, itβs quite clear that we can deliver on that promise. But, yes, good tools make it easier and more efficient, but the reality is that running a SOC or any security group, large or small, still takes a lot of work. Most organizations not only rely on advanced security tools but utilize a set of best practices to provide clarity of roles, efficiency of operation, and for the more prepared, have tested these best practices to prove to themselves that they are prepared for whatβs next.
Knowing that not all organizations have this degree of security maturity and preparedness, we gathered a couple of subject matter experts together to discuss 5 areas of time-tested best practices that, besides the advanced tools offered by Cisco and others, can help your SOC (or small security team) yield actionable insights and guide you faster, and with more confidence, toward the outcomes you want.
In this webinar you will hear practical advice from Cisco technical marketing and a representative from our award winning Talos Threat Intelligence group, the same group who have created and are maintaining breach defense in partnership with Fortune 500 Security Operating Centers (SOC) around the globe.
You can expect to hear our 5 Best Practices recommendations on the following topics;
Check out our webinar to find out how you can become more security resilient and be better prepared for whatβs next.
Weβd love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels