“NSAuditor AI EE 0.4.6 Launches AWS ElastiCache Redis Auditor Plugin and Expands EC2 Security Features”
NSAuditor AI EE 0.4.6 Launches New Plugin and Expands Security Features
NSAuditor, a leading provider of automated security auditing solutions, has announced the release of version 0.4.6 of its Enterprise Edition (EE) software. This update, part of the fourth multi-ship cycle in the 0.4.x release stream, introduces the highly anticipated Plugin 1180, designed specifically for AWS ElastiCache Redis auditing. Additionally, the existing Plugin 1170 for EC2 Security Group (SG) perimeter auditing has been enhanced to accommodate a broader range of restricted ports, in alignment with the CIS AWS Foundations Benchmark v3.0.
Introducing Plugin 1180: AWS ElastiCache Redis Auditor
Plugin 1180 aims to close the evidence gap for the cache-tier under SOC 2 compliance by incorporating six critical substrate dimensions. These dimensions include:
- Transit Encryption: This feature ensures that the Redis Serialization Protocol (RESP) is wrapped in TLS, providing secure data transmission.
- At-Rest Encryption: Utilizing AWS Key Management Service (KMS), the plugin supports a four-tier severity ladder for custody classification of encrypted data.
- Redis AUTH and IAM-auth User Groups: With Redis 7+, users can now manage access control through enhanced ACL features.
- Multi-AZ Deployment: This ensures high availability and fault tolerance for Redis clusters.
- Snapshot Retention Limit Cadence: Regular snapshot management to ensure data integrity and compliance.
- Subnet Placement: Configurable subnet options for optimal network segmentation.
The plugin also introduces dual-API enumeration capabilities through AWS API calls, specifically DescribeReplicationGroups and DescribeCacheClusters, with inter-API deduplication for enhanced efficiency. This positions Plugin 1180 as a sister plugin to the previously released Plugin 1140, which focuses on Relational Database Service (RDS) auditing.
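The inter-API deduplication described above, as an added Python example that is not NSAuditor's code: the sample records are constructed in the shape of the two API responses, and the merge rule (a cache cluster already covered by an enumerated replication group is reported once, under the group) and the two checks are assumptions made for illustration.

```python
# Constructed sample data shaped like ElastiCache DescribeReplicationGroups and
# DescribeCacheClusters responses; every ID and value here is made up.
REPLICATION_GROUPS = [
    {"ReplicationGroupId": "sessions",
     "MemberClusters": ["sessions-001", "sessions-002"],
     "TransitEncryptionEnabled": True, "AtRestEncryptionEnabled": False},
]
CACHE_CLUSTERS = [
    {"CacheClusterId": "sessions-001", "Engine": "redis",
     "ReplicationGroupId": "sessions",
     "TransitEncryptionEnabled": True, "AtRestEncryptionEnabled": False},
    {"CacheClusterId": "sessions-002", "Engine": "redis",
     "ReplicationGroupId": "sessions",
     "TransitEncryptionEnabled": True, "AtRestEncryptionEnabled": False},
    {"CacheClusterId": "legacy-cache", "Engine": "redis",
     "TransitEncryptionEnabled": False, "AtRestEncryptionEnabled": False},
    {"CacheClusterId": "mc-1", "Engine": "memcached",
     "TransitEncryptionEnabled": False, "AtRestEncryptionEnabled": False},
]

CHECKS = (("TransitEncryptionEnabled", "transit-encryption"),
          ("AtRestEncryptionEnabled", "at-rest-encryption"))


def dedupe_targets(groups, clusters):
    """Return one audit target per logical Redis deployment (assumed rule)."""
    targets = [{"id": g["ReplicationGroupId"], "source": "replication-group",
                "raw": g} for g in groups]
    group_ids = {g["ReplicationGroupId"] for g in groups}
    members = {m for g in groups for m in g.get("MemberClusters", [])}
    for c in clusters:
        if c.get("Engine") != "redis":
            continue  # out of scope for a Redis audit
        if c.get("ReplicationGroupId") in group_ids or c["CacheClusterId"] in members:
            continue  # node already represented by its replication group
        targets.append({"id": c["CacheClusterId"], "source": "cache-cluster",
                        "raw": c})
    return targets


def findings(targets):
    """List (target id, failed check) pairs; a missing flag counts as a failure."""
    return [(t["id"], name) for t in targets
            for field, name in CHECKS if not t["raw"].get(field, False)]


if __name__ == "__main__":
    for target_id, check in findings(dedupe_targets(REPLICATION_GROUPS, CACHE_CLUSTERS)):
        print(f"{target_id}: {check} not enabled")
```

A member node whose replication group was not returned by the first call is kept as its own target, so an incomplete enumeration leads to extra findings rather than a skipped resource.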
Enhancements to Plugin 1170: EC2 SG Perimeter Auditor
The update to Plugin 1170, now at version 2, expands the list of restricted ports significantly, growing from 13 to 23. This extension introduces additional ports for services such as Redshift, Kubernetes API server, etcd, Kibana, InfluxDB, Kafka, Consul, ZooKeeper, and HashiCorp Vault. Furthermore, a new operator-config knob, opts.additionalRestrictedPorts, allows tenants to customize their restricted ports based on operational needs.
To enhance usability, the plugin now includes a per-SG cardinality cap and a system-managed SG name-prefix exclusion list, making it easier for users to configure their security groups while adhering to best practices.
Quality Assurance and Growth Metrics
This release cycle has set a record for the number of same-session reviewer folds, totaling 10 across the two plugins—more than any previous cycle in the 0.4.x series. Notably, this cycle also identified two CONVERGENT-CRITICAL findings prior to publication, underscoring the robust quality assurance processes in place.
The overall plugin count has grown from 18 to 19, demonstrating NSAuditor’s commitment to expanding its feature set while maintaining a focus on security and compliance. Additionally, the regression testing has returned a green status at 4458/4458, reinforcing the reliability of the updates.
Conclusion
As organizations increasingly turn to cloud-native solutions, the need for comprehensive security auditing tools like NSAuditor becomes crucial. The launch of Plugin 1180 and the enhancements to Plugin 1170 reflect NSAuditor’s proactive approach to addressing security gaps in AWS environments. With a confident growth narrative and a focus on compliance, NSAuditor continues to solidify its position as a leader in automated security auditing.



