New to Nsauditor AI Enterprise? Watch this quick Getting Started walkthrough, from the license key in your purchase email to your first signed audit report.
Install, activate, configure, scan, and read the results, all on your own machine. No scan data ever leaves your network. One scan produces timestamped evidence packs across SOC 2, HIPAA, NIST CSF 2.0, PCI DSS, ISO 27001, and CIS Controls v8 spanning AWS, Azure, and GCP.
Learn more: https://t.co/tGN97SYUTY
#CloudSecurity #Compliance #SOC2 #HIPAA #DevSecOps
NSAuditor AI EE 0.18.0 is live: GCP false-negative hardening.
A cloud audit that reads "clean" can still be wrong. This release closes five real GCP detection gaps - no new controls, all six compliance matrices unchanged. 28 plugins.
What we fixed 🧵
4/ Both were caught by a new mandatory pre-publish validation gate - pack → global-install → real scan → live run - before they shipped.
A false negative is the worst defect an audit tool can ship. We hunt them.
npm i -g nsauditor-ai@latest
https://t.co/mA4rcB9ZrY
#CloudSecurity #GCP
3/ Fail-closed, not silently clean.
A denied GCP enumeration now routes into findings and fails its own controls. Plus two pre-existing bugs - a project-IAM check on the wrong client (never ran) and an IAM-admin client unauthenticated under pure ADC - both fixed + live-validated.
2/ IAM impersonation completeness.
A project-scope serviceAccountKeyAdmin can mint a long-lived key for ANY service account = offline impersonation of the whole project. And a custom role can grant actAs admin-equivalence. Both are now detected instead of reading clean.
1/ Legacy-ACL public buckets.
A GCS bucket made public via a legacy ACL (allUsers / allAuthenticatedUsers) while Uniform Bucket-Level Access is off was reading clean - we only checked IAM-policy exposure. Now we scan the bucket ACL + a sampled object-ACL surface.
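The legacy-ACL check from 1/ combined with the fail-closed rule from 3/, as an added example (not NSAuditor AI's own code). The `iamConfiguration` and `acl` fields follow the GCS JSON API bucket resource; `aclError`, `sampledObjects` and the result shape are hypothetical collector fields assumed for illustration.

```javascript
// Added illustration; not NSAuditor AI source. `aclError` and `sampledObjects`
// are hypothetical fields a collector might attach to each bucket record.
const PUBLIC_ENTITIES = new Set(['allUsers', 'allAuthenticatedUsers']);

function publicGrants(acl, scope) {
  return acl
    .filter((e) => PUBLIC_ENTITIES.has(e.entity))
    .map((e) => ({ scope, entity: e.entity, role: e.role }));
}

function evaluateBucketAcl(bucket) {
  const ubla = bucket.iamConfiguration?.uniformBucketLevelAccess?.enabled === true;
  // With UBLA on, GCS does not evaluate ACLs; exposure is an IAM-policy question.
  if (ubla) return { bucket: bucket.name, status: 'PASS', findings: [] };

  // Fail closed: a denied or missing ACL listing is an evidence gap, never "clean".
  if (bucket.aclError || !Array.isArray(bucket.acl)) {
    return {
      bucket: bucket.name,
      status: 'FAIL',
      findings: [{ scope: 'bucket', gap: bucket.aclError || 'ACL_NOT_COLLECTED' }],
    };
  }

  const findings = publicGrants(bucket.acl, 'bucket');
  for (const obj of bucket.sampledObjects || []) {
    if (!Array.isArray(obj.acl)) {
      findings.push({ scope: `object:${obj.name}`, gap: 'ACL_NOT_COLLECTED' });
    } else {
      findings.push(...publicGrants(obj.acl, `object:${obj.name}`));
    }
  }
  return { bucket: bucket.name, status: findings.length ? 'FAIL' : 'PASS', findings };
}

// Constructed sample inventory (not real scan output).
const UBLA_OFF = { uniformBucketLevelAccess: { enabled: false } };
const OWNER = { entity: 'project-owners-123', role: 'OWNER' };
const SAMPLE = [
  { name: 'legacy-public', iamConfiguration: UBLA_OFF,
    acl: [OWNER, { entity: 'allUsers', role: 'READER' }] },
  { name: 'object-leak', iamConfiguration: UBLA_OFF, acl: [OWNER],
    sampledObjects: [{ name: 'export.csv', acl: [{ entity: 'allAuthenticatedUsers', role: 'READER' }] }] },
  { name: 'denied', iamConfiguration: UBLA_OFF, aclError: 'PERMISSION_DENIED' },
  { name: 'ubla-on', iamConfiguration: { uniformBucketLevelAccess: { enabled: true } } },
];

const results = SAMPLE.map(evaluateBucketAcl);
for (const r of results) console.log(r.bucket, r.status, JSON.stringify(r.findings));
```

Because object ACLs are only sampled, a PASS here means no public grant was seen in the sample, not that every object was inspected.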
Until now an NSAuditor AI cloud audit looked at ONE AWS region - whichever your account was set to. A public bucket in eu-west-1, a wide-open SG in ap-southeast-2: invisible if you happened to scan us-east-1.
EE 0.17.0 adds --aws-region. 🧵
Plugin count unchanged at 28; all six compliance matrices unchanged. This is reach, not new claims.
npm i -g nsauditor-ai@latest (Community)
@nsasoft/nsauditor-ai-ee@latest (Enterprise)
https://t.co/2mUd9KRHs3
#CyberSecurity #CloudSecurity #AWS #InfoSec
Safe by default. No flag = single region (behaviour-preserving), and it discloses the regions it didn't scan. An unknown region code fails fast - a scan never silently mis-scopes.
In Claude Desktop, "all regions" is covered automatically in small batches: full reach, no timeouts.
The part we care about most: a region it genuinely can't reach is an explicit evidence gap - the CloudTrail verdict fails closed over it, never a silent "all clear." Confirmed live in Claude Desktop.
npm i -g @nsasoft/nsauditor-ai-ee@latest
We shipped NSAuditor AI EE 0.16.7 - and it came straight from a real bug report. An operator asked Claude Desktop to "audit my AWS account" and the CloudTrail auditor came back oddly thin. 🧵
0.16.7: a short per-region connect/request timeout + wider fan-out - a dead region fails in ~2s, not 30. And an errored region is now recorded and skipped, not fatal. 234 seconds → ~13 seconds, fully multi-region.