aws-security-mcp 0.5.2 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/README.md +1 -8
  2. package/dist/bin/aws-security-mcp.js +886 -557
  3. package/dist/bin/aws-security-mcp.js.map +1 -1
  4. package/dist/src/index.d.ts +6 -4
  5. package/dist/src/index.js +886 -557
  6. package/dist/src/index.js.map +1 -1
  7. package/package.json +1 -1
package/README.md CHANGED
@@ -9,7 +9,7 @@ MCP server for automated AWS security scanning — 19 modules, risk scoring, zer
9
9
 
10
10
  ## Features
11
11
 
12
- - **19 Security Scan Modules** — 15 unique scanners + 4 aggregation scanners (Security Hub, GuardDuty, Inspector, Trusted Advisor, Config Rules, Access Analyzer, Patch Compliance)
12
+ - **19 Security Scan Modules** — Security Hub, GuardDuty, Inspector, Trusted Advisor, Config Rules, Access Analyzer, Patch Compliance, and more
13
13
  - **Risk Scoring** — every finding scored 0-10 with severity (CRITICAL/HIGH/MEDIUM/LOW) and priority (P0-P3)
14
14
  - **100% Read-Only** — uses only Describe/Get/List API calls; never modifies your AWS resources
15
15
  - **Multi-Account Support** — scan all accounts in an AWS Organization via `org_mode` with cross-account role assumption
@@ -246,8 +246,6 @@ Attach this policy to the IAM user or role running the scanner. All actions are
246
246
 
247
247
  ## Scan Modules
248
248
 
249
- ### Unique Scanners (15)
250
-
251
249
  | Module | What It Checks | Risk Score Range |
252
250
  |--------|---------------|-----------------|
253
251
  | **Service Detection** | Enabled security services (Security Hub, GuardDuty, Inspector, Config, Macie, CloudTrail) and maturity level | 5.0 - 7.5 |
@@ -265,11 +263,6 @@ Attach this policy to the IAM user or role running the scanner. All actions are
265
263
  | **Patch Compliance** | SSM Patch Manager compliance status for managed instances | 3.0 - 9.5 |
266
264
  | **IMDSv2 Enforcement** | EC2 instances not enforcing IMDSv2 (HttpTokens != required) | 7.5 |
267
265
  | **WAF Coverage** | Internet-facing ALBs without WAF Web ACL protection | 7.5 |
268
-
269
- ### Aggregation Scanners (4)
270
-
271
- | Module | Source Service | Risk Score Range |
272
- |--------|---------------|-----------------|
273
266
  | **Security Hub Findings** | AWS Security Hub (FSBP, CIS, PCI DSS) | 3.0 - 9.5 |
274
267
  | **GuardDuty Findings** | Amazon GuardDuty threat detection | 3.0 - 9.5 |
275
268
  | **Inspector Findings** | Amazon Inspector vulnerability scanning | 3.0 - 9.5 |