Output Normalization and Compliance IDs - Amazon AWS Edition

Summary

In an effort to normalize the output from the compliance plugins, and provide a consistent identifier for the output, we are releasing a patch to the Amazon AWS compliance plugin that makes the following improvements:

• ID generation is more consistent between audits.
• All results should have a policy value reported.
• The majority of results should have actual value or error reported.
• Default variables are updated in custom audit uploads.
• Debug log is more verbose with the description and result of each check, and wrapped with a start and end time.

Potential Impacts:

Any customers that rely on exact content matches of actual values by using third party tools or custom audit files may have failed results following the update. This would include customers that use the known good functionality from tools that provide baseline or gold image auditing.

Tenable Plugins

• 72426 - Amazon AWS Compliance Checks

Target Release Date

April 5, 2021

Additional Notes:

In the upcoming quarters we will be releasing more detailed updates to each compliance plugin.

Tenable Research Release Highlights are posted in advance of significant new releases or updates to existing plugins or audit files that are important for early customer notification.