Introduction Most “security tools” today are typically composed by code that consumes an API and applies predefined logic to identify issues. This is generally accomplished by: Fetching a subset of the endpoints exposed by the service / API being audited (i.e. the information required for the evaluation logic, such as a list of the EC2 instances deployed in an AWS account, as well as their configuration) Storing the data retrieved Evaluating this data to produce “findings” (this is th...
