Mphasis Stelligent Releases Cfn_nag in AWS Marketplace
Provides a Simple Way to Audit AWS Cloudformation Templates Before Deploying AWS Infrastructure
Mphasis Stelligent, a technology services company specializing in DevOps automation on Amazon Web Services (AWS), announced that it has published its popular open-source cfn_nag security scanning tool as an official Amazon Machine Image (AMI) in AWS Marketplace.
Cfn_nag has been widely used within the DevOps community for years, discussed in podcasts, favored in technical articles, and shared in public presentations by experts across the industry. Today, Stelligent is bringing cfn_nag to a wider group of users, targeting enterprise customers who operate in highly secure environments and need to use resources provided directly by other security-focused enterprises.
Cfn_nag allows DevOps automation engineers to check their infrastructure-as-code for common security problems before that code is used to change anything in their AWS accounts. Highlights include checking to ensure encryption is enabled whenever possible, ensuring access logs are enabled, and avoiding security groups that are too open or IAM rules that are too permissive. The cfn_nag AMI in AWS Marketplace can be used to scan AWS CloudFormation templates early in deployment pipelines, ensuring those security checks are automatically made well before changes get to production environments.
The cfn_nag AMI is part of Stelligent’s focus on bringing continuous compliance to enterprises. cfn_nag derives from Stelligent’s core mission to automate the end-to-end development cycle on AWS. For more information on cfn_nag, see Stelligent’s blog post, Finding Security Problems Early in the Development Process of an AWS CloudFormation Template with “cfn-nag”, and https://github.com/stelligent/
AWS is enabling scalable, flexible, and cost-effective solutions from startups to global enterprises. To support the seamless deployment of solutions, AWS established AWS Marketplace to provide a new sales channel for AWS Partner Network (APN) Consulting Partners to sell their solutions to AWS customers. With cfn_nag now readily available in AWS Marketplace, customers can now easily identify security risks before deploying to production.