
AWS Security Auditing tools comparison


Created by Scott Piper of Summit Route, an independent AWS security consultant.


Last Update: 2018.10.15

The goal of this table was to identify whether one tool was better than the others to use. The conclusion, given the sparsity of the table, is that the different auditing tools check different things. In some cases the creators (of which I am one, for CloudMapper) may have different opinions on the usefulness or priority of some of the checks.

I covered all checks of PacBot, Prowler, and Security Monkey, and then only listed whether the other tools had those. I did not list all of the additional checks of CloudMapper, Trusted Advisor, or the default AWS Config Rules.

Sorry that the cell data gets clipped; you'll have to look at the JSON for the full notes (or send me a PR to fix this).