Skip to main content

Introduction

Welcome to Documentation of SCCCE.

Overview

What is SCCCE?

SCCCE stands for Security Compliance Checker for Cloud Environments. It aims to reduce the manual work & act as a tool to help auditors to audit the cloud environment

Why we need SCCCE?

Existing Cloud Config Review Workflow is complicated and requires manual work. Two main problems with this is error prone and time consuming. With SCCCE, we aim to automate the process of reviewing the cloud environment and provide a more efficient way to audit the cloud environment.

Expected Functionalities

SCCCE is a tool that helps you to scan your cloud environment for vulnerabilities and misconfigurations.

Hopefully, SCCCE can provide the following functionalities:

  1. List all infrastructure information
  2. Scan for vulnerabilities and misconfigurations
  3. Provide additional tools for scanning and reporting
  4. Ability to enable log monitoring and analysis
    1. Logs collected from cloud provider
    2. Logs parsed to ECS format
    3. Logs stored in ElasticSearch
    4. Logs visualized in Kibana
    5. Logs monitored for anomalies
  5. Ability to enable alerting (TBD)
    1. Alerts on anomalies
    2. Alerts on misconfigurations
    3. Alerts on vulnerabilities

Things you want to know