AWS IoT Device Defender Adds Four New Checks to its Audit Capability

You can now use AWS IoT Device Defender Audit to check for devices in your fleet that: (1) have overly permissive permissions (e.g., admin permissions, access to metadata actions, data plane actions, or security auditing services); (2) have access to services that haven’t been used in over 365 days; (3) use OpenSSL versions on Debian-based operating systems that have been identified as having predictable cryptographic keys making them susceptible to brute force attacks; or (4) use Infineon RSA library versions that have been identified to mishandle RSA key generation making them susceptible to hacking. 



https://aws.amazon.com/about-aws/whats-new/2019/11/aws-iot-device-defender-adds-four-new-checks-to-audit-capability/