Skip to content

gebalamariusz/cloud-audit

v1.0.0 Feature

This release adds 2 notable features for engineering teams evaluating rollout.

Published 2mo Vulnerability Scanning
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

audit aws aws-audit aws-security cis-benchmarks cli
+13 more
cloud-security compliance devops security iam iac infrastructure-security open-source-security python python-cli security-scanner terraform vulnerability-scanning

Summary

AI summary

Breach cost estimation adds per‑finding financial risk ranges to all reports.

Full changelog

What's new in v1.0.0

Breach Cost Estimation

Every finding and attack chain now includes an estimated financial risk range based on published breach data. Sources are verified and linked - click any estimate to see where the numbers come from.

  • IBM Cost of a Data Breach 2024, Verizon DBIR, Capital One OCC fine, Uber settlement
  • Per-finding cost in CLI, HTML report, markdown, and JSON output
  • Total risk exposure in scan summary (e.g. "Risk exposure: $67K - $670K")

MCP Server - AI Agent Integration

The first free, standalone AWS security MCP server. Prowler and Wiz have MCP servers, but both require their paid SaaS platform.

Install (one command):

claude mcp add cloud-audit -- uvx --from "cloud-audit[mcp]" cloud-audit-mcp

Then ask Claude Code: "Scan my AWS account and show me the critical findings"

6 tools: scan_aws, get_findings, get_attack_chains, get_remediation, get_health_score, list_checks. Works with Claude Code, Cursor, and VS Code Copilot.

Full changelog

  • 47 checks, 16 attack chain rules, 278 tests
  • Breach cost per finding with verified source URLs
  • MCP server with optional [mcp] dependency
  • .mcp.json for project-scoped team config
  • cloud-audit-mcp entry point for uvx/pipx

See CHANGELOG.md for details.

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track gebalamariusz/cloud-audit

Get notified when new releases ship.

Sign up free

About gebalamariusz/cloud-audit

Open-source AWS security scanner with attack chain detection, breach cost estimation, and copy-paste remediation (CLI + Terraform). 47 checks, 16 attack chain rules. First free standalone AWS security MCP server.

All releases →

Related context

Earlier breaking changes

  • v2.2.0 Category enum gains THREAT value, separating active-abuse from SECURITY misconfigurations.

Beta — feedback welcome: [email protected]