NSAuditor AI EE 0.13.1: CIS-Hardened-Image Detection Goes LIVE Across AWS, Azure, and GCP
EE 0.13.1 turns the CIS-Hardened-Image credit on Safeguards 4.1 / 4.2 / 4.6 from eligibility-only into observed substrate, across all three major clouds.
NSAuditor AI Enterprise Edition 0.13.1 has shipped, turning the CIS-Hardened-Image credit on Safeguards 4.1 / 4.2 / 4.6 from eligibility-only into observed substrate — detected at scan time across AWS, Azure, and GCP. This is the operational follow-through on the CIS Critical Security Controls v8 introduction that landed in EE 0.13.0, and it lands alongside a new EC2 instance auditor plugin and a CIS density move that flips Safeguard 9.5 Implement DMARC from out-of-scope to partial.
The CIS-Hardened-Image credit becomes observed substrate
EE 0.13.0 introduced the per-Safeguard cisHardenedImageCredit field as eligibility-only — it declared which Safeguards could earn credit, but did not yet check whether the operator was actually running CIS-Hardened OS images. EE 0.13.1 closes the gap. A new pure detection helper (utils/cis_hardened_image.mjs) consumes a structured cisImageInventory feed that the cloud scanners attach to their results, and the engine threads the analysis through opts.cisHardenedImage. The renderer surfaces an observed-vs-eligible status, a per-cloud N-of-M-inspected fleet fraction, an explicit point-in-time / configuration-drift caveat, and the operator-process-still-required caveat that distinguishes substrate evidence from operating effectiveness.
The classifier is deliberately conservative. A cloud Marketplace owner identifier alone never grants credit — the AWS account 679593333241 is the public Marketplace account — so a CIS-specific signal is required. Per cloud, the signals are: an anchored CIS-benchmark AMI name with Marketplace owner corroboration on AWS, an image.publisher of center-for-internet-security-inc or a cis- offer/SKU on Azure, an image.project of cis-public or a cis-* family on GCP, and an org.cis.benchmark.profile label or cisecurity/ registry on Docker. Ambiguous metadata yields no credit. The forward-capability disclaimer that the 0.13.0 release carried drops cleanly when detection fires.
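The per-cloud signal logic and the N-of-M fleet fraction described above, as an added illustration; this is not the project's utils/cis_hardened_image.mjs, and the inventory record field names (cloud, owner, name, publisher, offer, sku, project, family, labels, repository) and the AMI-name pattern are assumptions for this example.

```javascript
// Added example, not the project's own helper. Field names on the inventory
// records and the AMI-name regex are assumptions; the owner id is from the release note.
const AWS_MARKETPLACE_OWNER = '679593333241'; // public Marketplace account: never sufficient alone

// Anchored at the start of the name so "my-app-cis-based" does not match.
const AWS_CIS_AMI_NAME = /^CIS .+ Benchmark/i;

// Returns true only when a CIS-specific signal is present; ambiguous metadata -> false.
function classifyImage(img) {
  switch (img.cloud) {
    case 'aws':
      // Both the CIS-benchmark name AND Marketplace owner corroboration are required.
      return AWS_CIS_AMI_NAME.test(img.name || '') && img.owner === AWS_MARKETPLACE_OWNER;
    case 'azure':
      return img.publisher === 'center-for-internet-security-inc' ||
        /^cis-/i.test(img.offer || '') || /^cis-/i.test(img.sku || '');
    case 'gcp':
      return img.project === 'cis-public' || /^cis-/.test(img.family || '');
    case 'docker':
      return Boolean(img.labels && img.labels['org.cis.benchmark.profile']) ||
        /^cisecurity\//.test(img.repository || '');
    default:
      return false; // unknown cloud: no credit
  }
}

// Per-cloud "N of M inspected" counts plus the observed-vs-eligible status.
function summarizeInventory(inventory) {
  const perCloud = {};
  for (const img of inventory) {
    if (!perCloud[img.cloud]) perCloud[img.cloud] = { inspected: 0, hardened: 0 };
    perCloud[img.cloud].inspected += 1;
    if (classifyImage(img)) perCloud[img.cloud].hardened += 1;
  }
  const observed = Object.values(perCloud).some((c) => c.hardened > 0);
  return { status: observed ? 'observed' : 'eligible-only', perCloud };
}

// Constructed sample feed (not real scan output).
const SAMPLE_INVENTORY = [
  { cloud: 'aws', name: 'CIS Amazon Linux 2 Benchmark - Level 1', owner: '679593333241' },
  { cloud: 'aws', name: 'my-app-cis-based', owner: '679593333241' }, // owner alone: no credit
  { cloud: 'azure', publisher: 'canonical', offer: 'ubuntu-24_04-lts', sku: 'server' },
  { cloud: 'gcp', project: 'cis-public', family: 'cis-ubuntu-linux-22-04-lts-level-1' },
  { cloud: 'docker', repository: 'library/nginx', labels: {} },
];
```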
Plugin 1210: the AWS producer for the Hardened-Image feed
EE 0.13.1 ships the twenty-fifth Enterprise plugin: aws-ec2-instance-auditor (1210). It is orthogonal to the existing plugin 1170, which audits the AWS Security Group perimeter policy — 1210 audits the EC2 instances themselves. It enumerates regions through DescribeRegions rather than relying on a default region, so a single-region or zero-instance result degrades to an evidence-gap rather than a silent compliant verdict.
The instance dimensions it surfaces are the ones that matter for both CIS and SOC 2 evidence:
- IMDSv1 enabled — profile-aware severity. With an attached IAM instance profile this is a MEDIUM (container-credential-theft pivot); without an attached profile it is a LOW (configuration drift signal). An IMDSv2 hop-limit greater than one reopens the container-credential-theft path even when v2 is the only enabled mode.
- EBS volume unencrypted — mapped to SOC 2 C1.1 and CIS Safeguard 3.11. Encryption is not key-access: the report surfaces the KmsKeyId so the operator can run the existing IAM effective-decrypt pivot in plugin 1110 rather than asserting confidentiality on Encrypted=true alone.
- Account default-EBS-encryption disabled — the C1.1 preventive control, analogous to the CIS-AWS-Benchmark 2.2.1 check.
- Public-IP exposure — including IPv6 GUA and secondary-ENI / Elastic-IP attachments that are easy to miss when only looking at the primary interface.
- Instance-store (ephemeral) volume — emitted as an evidence-gap because ephemeral storage is not covered by EBS encryption posture.
- AMI inventory → cisImageInventory — the Hardened-Image producer feed.
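The profile-aware IMDS severity rule from the first list item above, as an added example over instance records shaped like the EC2 DescribeInstances response (MetadataOptions.HttpTokens, HttpPutResponseHopLimit, IamInstanceProfile); this is not plugin 1210's own code, and applying the same profile-aware severity to the hop-limit finding is an assumption of this example.

```javascript
// Added example, not plugin 1210's code. Input records mimic DescribeInstances output.
function imdsFindings(instance) {
  const findings = [];
  const md = instance.MetadataOptions || {};
  const hasProfile = Boolean(instance.IamInstanceProfile && instance.IamInstanceProfile.Arn);
  if (md.HttpEndpoint === 'disabled') return findings; // no metadata endpoint at all

  // HttpTokens 'optional' means token-less IMDSv1 requests are still answered.
  if (md.HttpTokens !== 'required') {
    findings.push({
      id: 'imdsv1-enabled',
      severity: hasProfile ? 'MEDIUM' : 'LOW', // role attached: credential-theft pivot; else drift
      cisSafeguard: '4.6',
      reason: hasProfile ? 'IMDSv1 reachable with an instance profile attached'
                         : 'IMDSv1 reachable, no instance profile (drift signal)',
    });
  }
  // A hop limit above 1 lets a container on the host reach IMDS even with v2-only.
  const hop = md.HttpPutResponseHopLimit;
  if (typeof hop === 'number' && hop > 1) {
    findings.push({
      id: 'imdsv2-hop-limit',
      severity: hasProfile ? 'MEDIUM' : 'LOW', // assumed: same profile-aware rule as IMDSv1
      cisSafeguard: '4.6',
      reason: `HttpPutResponseHopLimit ${hop} > 1 re-exposes IMDS to containers`,
    });
  }
  return findings;
}

function auditFleet(instances) {
  return instances.map((i) => ({ instanceId: i.InstanceId, findings: imdsFindings(i) }));
}

// Constructed sample fleet (account id is a placeholder, not a real account).
const SAMPLE_INSTANCES = [
  { InstanceId: 'i-0aaa', MetadataOptions: { HttpEndpoint: 'enabled', HttpTokens: 'optional', HttpPutResponseHopLimit: 1 },
    IamInstanceProfile: { Arn: 'arn:aws:iam::111122223333:instance-profile/app' } },
  { InstanceId: 'i-0bbb', MetadataOptions: { HttpEndpoint: 'enabled', HttpTokens: 'optional', HttpPutResponseHopLimit: 1 } },
  { InstanceId: 'i-0ccc', MetadataOptions: { HttpEndpoint: 'enabled', HttpTokens: 'required', HttpPutResponseHopLimit: 2 },
    IamInstanceProfile: { Arn: 'arn:aws:iam::111122223333:instance-profile/eks-node' } },
  { InstanceId: 'i-0ddd', MetadataOptions: { HttpEndpoint: 'enabled', HttpTokens: 'required', HttpPutResponseHopLimit: 1 } },
];
```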
Plugin 1210 was authored against the institutional bar: thread-local SDK instrumentation, zero-data-exfiltration sanitization, throttle and pagination handling, a conservative classifier, and the result.ok envelope. It survived three review rounds across five adversarial skill lenses (network-security-audit, CIS Implementation Group perspective, IAM effective permissions, SOC 2 evidence sufficiency, and a brand-new cloud-plugin-false-negatives lens), with every CRITICAL, HIGH, and MEDIUM finding folded in during the same session.
Multi-cloud detection end to end
The detection layer only matters if the cloud scanners actually produce the inventory feed it consumes. The Azure scanner (plugin 1022) gains a VM-image-inventory dimension via @azure/arm-compute, listing all VMs and capturing each storageProfile.imageReference; it soft-degrades when the optional SDK is absent, mirroring the existing storage and Key Vault pattern. The GCP scanner (plugin 1021) enumerates instances through InstancesClient.aggregatedList, then resolves each boot disk through DisksClient.get to recover the sourceImage — running GCP instances don’t carry the source image directly. Both clouds attach result.cisImageInventory. The same Hardened-Image detection now fires on AWS plus Azure plus GCP from a single scan.
CIS density: 17 / 21 / 115 to 17 / 22 / 114
EE 0.13.1 routes plugin-1210 findings into existing CIS Safeguards — IMDSv1 and IMDSv2 hop-limit findings into Safeguard 4.6 (Securely Manage Enterprise Assets), public-IP exposure into Safeguard 12.2 (Secure Network Architecture). A separate conservative density pass over all 115 OOS Safeguards surfaced exactly one legitimate count-growth flip: Safeguard 9.5 Implement DMARC moves from OOS to partial, evidenced by the SES auditor’s DMARC posture — the policy-strength field plus SPF/DKIM alignment for SES-managed sending identities. Candidates that would have been tempting to claim (MFA-remote, endpoint, remediation-workflow, host-based intrusion detection, secure SDLC) were correctly left OOS as operator-side. The IG1 cyber-insurance baseline remains UNCHANGED at 23 of 56; the IG2 cumulative cohort moves 36 to 37 of 130, and IG3 cumulative 38 to 39 of 153.
The other five framework matrices — SOC 2 (10 / 4 / 33), HIPAA (7 / 3 / 45), NIST CSF 2.0 (13 / 10 / 83), PCI DSS v4.0.1 (20 / 8 / 39 MVP-67), and ISO/IEC 27001:2022 (17 / 14 / 62) — are UNCHANGED. The cycle is additive plus density-only on CIS.
The four ISO 0.12.1 deferrals close
The cycle also closes the four deferrals carried from the ISO/IEC 27001:2022 introduction in EE 0.12.0. The renderer gains a Major-vs-Minor nonconformity triage matrix gated on the ISO 27001 report path, triaging Annex A findings into candidate Major / Minor / Opportunity-for-Improvement per ISO/IEC 17021-1 — distinct from the seven systemic Clause-absence Major NCs, and with an explicit “your accredited lead auditor makes the final determination” caveat. A 93-control Stage-1 Statement of Applicability template ships as docs/iso-27001-soa-template.csv. A consolidated 93-row 2013-to-2022 migration table is appended to the ISO coverage doc. The expectedOperatingCadence field is backfilled with a controlled vocabulary on all 31 covered and partial controls, and the documentationExpectation field is completed.
What the credit is and isn’t
Two operator-visible disciplines bound the framing. First, Hardened-Image credit is point-in-time substrate, not operating effectiveness — a Hardened-Image is evidenced at the scan instant, it does not prove the running configuration stayed hardened across the audit period (drift), nor that every in-scope asset is hardened (the renderer states the inspected-vs-hardened fraction and the per-asset boundary explicitly). It remains INPUT to CSAT or CIS-CAT Pro self-attestation, never a “CIS certification.” Second, encryption is not key-access — an encrypted EBS volume’s confidentiality is bounded by who can kms:Decrypt its CMK, and plugin 1210 surfaces the key ID for the effective-decrypt pivot rather than asserting confidentiality on Encrypted=true alone.
How to install
EE 0.13.1, CE 0.1.76, and the agent-skill 0.1.43 are all live on npm. EE 0.13.0, CE 0.1.75, and agent-skill 0.1.42 have been deprecated with paired-pointer messages.
npm install -g nsauditor-ai@latest @nsasoft/nsauditor-ai-ee@latest nsauditor-ai-agent-skill@latest
The hexa-framework one-scan workflow remains --compliance soc2,hipaa,nist-csf,pci-dss,iso-27001,cis-v8, producing six separate evidence packs from a single scan. Full details and the live CIS Controls v8 coverage matrix are at https://nsauditor.com/ai/docs/cis/ and the enterprise overview at https://nsauditor.com/ai/enterprise/.