
Cartography vs ScoutSuite

GitHub Stats

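Stars: Cartography 3.8k, ScoutSuite 7.6k
Forks: Cartography 507, ScoutSuite 1.2k
Issues: Cartography 140, ScoutSuite 289
Updated: Cartography 4d ago, ScoutSuite 6mo ago
License: Cartography Apache-2.0, ScoutSuite GPL-2.0
Language: Cartography Python, ScoutSuite Python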

About Cartography

Cartography is a Python tool developed by Lyft that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by Neo4j. It ingests data from AWS, GCP, Azure, Okta, GitHub, and other services to build a comprehensive map of your cloud environment. Security teams use Cartography to identify attack paths, find misconfigurations, and understand blast radius by querying relationships between resources like EC2 instances, S3 buckets, IAM roles, and security groups. Its graph-based approach makes it easy to ask questions like 'which instances can reach this database' or 'which IAM users have admin access across accounts' that would be extremely difficult with flat inventory tools.

About ScoutSuite

ScoutSuite is a multi-cloud security auditing tool that assesses the security posture of cloud environments like AWS, Azure, GCP, Alibaba Cloud, and Oracle Cloud. It collects configuration data through cloud provider APIs and analyzes this data for potential security risks and misconfigurations. The tool outputs findings in an easy-to-read HTML report, highlighting issues such as overly permissive access controls. ScoutSuite is valued for its ability to provide a comprehensive security overview across multiple cloud platforms.

Platform Support

Cartography: 🐧 linux, 🍎 macos
ScoutSuite: 🐧 linux, 🍎 macos, 🪟 windows

Tags

Shared

aws, gcp, azure

Cartography only

cloud-graph, neo4j, attack-path, asset-inventory

ScoutSuite only

cloud-audit, misconfiguration