NSAuditor AI Enterprise Edition 0.4.3 Launches Game-Changing AWS RDS Auditor Plugin for Enhanced Cloud Security Compliance

NSAuditor has taken a significant step forward in its commitment to enhancing cloud security auditing capabilities with the release of the NSAuditor AI Enterprise Edition 0.4.3. This update introduces the highly anticipated plugin 1140, the AWS RDS Auditor, marking the first new addition to the Enterprise Edition since the 0.4.0 cohort. This plugin is set to elevate the auditing process for AWS RDS (Relational Database Service) instances by aligning with three critical SOC 2 substrate dimensions.

Enhancing SOC 2 Compliance with AWS RDS Auditor

The AWS RDS Auditor plugin audits DB instances against key SOC 2 criteria, focusing on availability, confidentiality, and integrity. Specifically, the plugin checks for:

• Multi-AZ Deployment for Availability Evidence (A1.2): Ensures that instances are deployed across multiple availability zones to enhance fault tolerance and service availability.
• Storage Encryption at Rest (C1.1): Validates that storage encryption is in place using KMS-key custody classification, with a four-tier severity ladder that includes a conservative LOW+ evidence gap based on key-UUID ARN shapes.
• Parameter-Group SSL Enforcement (C1.1): Detects the enforcement of SSL for data in transit, specifically focusing on PostgreSQL and MySQL by checking for configurations like rds.force_ssl and require_secure_transport.

RDS is increasingly recognized by SOC 2 Type-II auditors as a crucial substrate in the cloud architecture, second only to S3. With the introduction of plugin 1140, NSAuditor is reinforcing its position as a leader in the compliance and auditing landscape.

Growth in Plugin Offerings and Structural Enhancements

With the addition of plugin 1140, the Enterprise Edition plugin count has grown from 15 to 16. This marks a notable expansion of the NSAuditor’s capabilities, allowing organizations to deepen their evidence collection under existing covered controls, thus promoting institutional honesty in their operations.

In conjunction with the new plugin, the release also includes the EE-RT.13 structural fix that elevates plugin IDs to module-load-time-checked constants. This non-functional refactor eliminates the regression class that previously plagued the plugin-ID-map drift, ensuring a more stable and reliable auditing framework.

Maintaining High Standards with a 100% Green Streak

NSAuditor AI Enterprise Edition continues to demonstrate its reliability with a remarkable 37-session streak of 100% green results in regression testing. The coverage matrix remains unchanged at 10/4/33, indicating that while new functionalities have been added, the core integrity and reliability of existing controls have been preserved.

The recent updates also include an eighth sibling, aws_string_case_normalization, which enhances the functionality of plugin 1110, focusing on IAM Effective Decrypt-Path. This reflects NSAuditor’s ongoing commitment to refining its tools and ensuring comprehensive coverage across the cloud security landscape.

Conclusion

With the release of the AWS RDS Auditor plugin, NSAuditor AI Enterprise Edition has reaffirmed its dedication to providing robust and reliable auditing solutions for organizations navigating the complexities of cloud compliance. As firms increasingly rely on AWS services, the ability to audit RDS instances against critical SOC 2 criteria will empower them to maintain high standards of security and compliance.

As NSAuditor continues to innovate and expand its offerings, it solidifies its role as a trusted partner in the journey toward cloud security excellence.

Sources

• NSAuditor AI Enterprise product page
• NSAuditor AI EE on npm
• AWS RDS encryption documentation
• AICPA Trust Services Criteria