Added ScoutSuite documentation to documentation hub

docs/content/reference/zero-trust/_index.md

@@ -0,0 +1,14 @@
+---
+title: "Zero trust"
+date: 2021-03-02T16:22:55+02:00
+draft: false
+weight: 10
+chapter: true
+tags: ["zero trust"]
+pre: '<b>0</b> '
+---
+# Zero Trust
+
+Gives more details about tests and tools used during Zero Trust assessment.
+
+{{% children %}}

docs/content/reference/zero-trust/scoutsuite.md

@@ -0,0 +1,57 @@
+---
+title: "Scoutsuite"
+date: 2021-03-02T16:23:06+02:00
+draft: false
+---
+
+### What is ScoutSuite?
+
+<a href="https://github.com/nccgroup/ScoutSuite" target="_blank" >Scout Suite</a> is an open-source cloud security-auditing tool.
+It queries the cloud API to gather configuration data of the cloud infrastructure. Based on configuration
+data gathered ScoutSuite shows security issues and risks present in your infrastructure.
+
+### Which cloud providers are supported?
+
+So far the Infection Monkey only supports AWS.
+
+### How to enable ScoutSuite?
+
+First of all, Infection Monkey needs access to your cloud API. You can provide access
+in the following ways:
+
+ - Provide access keys:
+    - Create a new user with ReadOnlyAccess and SecurityAudit policies and generate keys
+    - Generate keys for your current user (faster but less secure)
+ - Configure AWS CLI:
+    - If the command-line interface is available on the Island, it will be used to access 
+    the cloud API
+    
+More details about configuring ScoutSuite can be found in the tool itself, by choosing 
+"Cloud Security Scan" in the "Run Monkey" options. 
+
+After you're done with the setup, make sure that a checkmark appears next to the AWS option to 
+verify that ScoutSuite can access the API.
+
+![Successfull setup indicator](/images/reference/zero-trust/scoutsuite_aws_configured.png 
+"Successful setup indicator")
+
+### How to run cloud scan?
+
+If you have successfully configured cloud scan, once the Monkey Agent is run **on the Island**, 
+the cloud infrastructure will get scanned. To make this happen, you can simply click on "From Island" 
+in the run options. The scope of network scan and other activities you configured the Agent to 
+do are irrelevant for cloud security scan, except 
+**Monkey Configuration -> System info collectors -> AWS collector** which needs to remain **enabled**.
+
+### How to assess cloud scan results?
+
+After the scan is done, ScoutSuite results will be sorted and applied to the ZeroTrust Extended framework 
+and displayed as a part of the ZeroTrust report. The main difference between Infection Monkey findings and 
+ScoutSuite findings is that ScoutSuite findings contain security rules. To see which rules were 
+checked click on the "Rules" button next to the relevant test. You'll see a brief overview of the rules 
+related to the test and a list of those rules. Expand a rule to see its description, remediation and 
+more details about resources flagged. Each flagged resource has a path so you can easily locate 
+them in the cloud and change the value that is deemed insecure.
+
+![Open ScoutSuite rule](/images/reference/zero-trust/scoutsuite_report_rule.png 
+"Successful setup indicator")

docs/content/usage/use-cases/zero-trust.md

@@ -11,6 +11,8 @@ weight: 1
 Want to assess your progress in achieving a Zero Trust network? The Infection Monkey can automatically evaluate your readiness across the different
 [Zero Trust Extended Framework](https://www.forrester.com/report/The+Zero+Trust+eXtended+ZTX+Ecosystem/-/E-RES137210) principles.
 
+You can additionally scan your cloud infrastructure's compliance to ZeroTrust principles using [ScoutSuite integration.](/reference/zero-trust/scoutsuite)
+
 ## Configuration
 
 - **Exploits -> Credentials** This configuration value will be used for brute-forcing. The Infection Monkey uses the most popular default passwords and usernames, but feel free to adjust it according to the default passwords common in your network. Keep in mind a longer list means longer scanning times.