Visualisation for the CIS benchmark scanning results
In this paper, we introduce GraphSecure, a web application that provides advanced analysis and visualisation of security scanning results. GraphSecure enables users to initiate scans of their AWS account, validate them against selected Center for Internet Security (CIS) Benchmarks, present the returned results as statistical charts, and warn users about their account status.
Research Summary
This paper presents “GraphSecure,” a novel web application designed to automate, visualize, and simplify the process of assessing cloud security compliance against the Center for Internet Security (CIS) Benchmarks for Amazon Web Services (AWS) environments.
The research is motivated by the critical need for robust security in an era of increasing cloud adoption and cyber threats. While CIS Benchmarks provide a globally recognized set of best-practice security guidelines, their manual implementation and continuous monitoring are often resource-intensive and impractical for many organizations. GraphSecure addresses this gap by offering an automated, user-friendly solution that lowers the technical barrier to effective security posture management.
The core contributions of GraphSecure are threefold. First, it provides automated scanning of single or multiple AWS accounts against a selection of CIS Benchmark categories (e.g., IAM, Monitoring, Networking). Second, it features advanced visualization of the scan results through an interactive dashboard, utilizing charts like doughnut graphs to intuitively display the distribution of passed and failed benchmarks across different security domains. Third, it goes beyond mere identification of issues by offering actionable, step-by-step recommendations to remediate failed benchmarks, guiding users—especially those with less security expertise—towards concrete solutions.
The paper grounds its work in a systematic literature review (SLR) of 17 relevant studies published between 2017 and 2025. The SLR reveals a strong industry trend towards automating CIS compliance, often using tools like Ansible, but identifies a relative lack of focus on intuitive visualization and risk-oriented interpretation of results for cloud users. GraphSecure positions itself to fill this niche, complementing existing automation tools with enhanced usability.
Technically, GraphSecure is built on a serverless AWS architecture, leveraging services like AWS Lambda for executing scans, DynamoDB for storing results, API Gateway for front-end communication, and CloudFormation for infrastructure provisioning. This architecture ensures scalability, cost-efficiency, and reduced operational overhead. The front-end is developed using React and TypeScript.
The user workflow is streamlined: after authentication, users can view historical scan summaries on a dashboard, launch new scans for selected benchmark categories, and review detailed results in a tabular history view. Clicking on a specific failed benchmark redirects the user to a dedicated page with tailored remediation instructions.
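The scan-and-report pipeline described in the last three paragraphs (run checks per CIS category, count passed and failed benchmarks per category for the dashboard's doughnut chart, and attach a remediation step to each failed benchmark) can be reduced to a small engine. The following is an added example, not GraphSecure's own code: the account snapshot is a constructed dictionary standing in for the AWS API calls a Lambda scanner would make, and the check identifiers, categories and remediation text are illustrative rather than the official CIS benchmark numbering.

```python
"""Illustrative CIS-style compliance scan: evaluate checks, aggregate per
category for a chart, and list remediation for failures.  Added example; the
account data below is constructed, not fetched from AWS."""
from collections import defaultdict
from dataclasses import dataclass
from typing import Callable, Dict, List

# Constructed snapshot of one AWS account (stands in for describe-* API calls).
SAMPLE_ACCOUNT = {
    "account_id": "123456789012",                       # constructed
    "root": {"mfa_enabled": True, "access_keys": ["AKIA-EXAMPLE-KEY"]},
    "password_policy": {"min_length": 8},
    "cloudtrail": [{"name": "main", "multi_region": True, "logging": True}],
    "cloudwatch_alarms": [],                            # no metric-filter alarms configured
    "security_groups": [
        {"name": "web", "is_default": False,
         "ingress": [{"cidr": "0.0.0.0/0", "from_port": 443, "to_port": 443}]},
        {"name": "bastion", "is_default": False,
         "ingress": [{"cidr": "0.0.0.0/0", "from_port": 22, "to_port": 22}]},
        {"name": "default", "is_default": True, "ingress": []},
    ],
}

ADMIN_PORTS = {22, 3389}  # SSH and RDP


@dataclass(frozen=True)
class Check:
    id: str                       # illustrative id, not official CIS numbering
    category: str
    title: str
    test: Callable[[dict], bool]  # returns True when the account is compliant
    remediation: str


def _no_open_admin_ports(acct: dict) -> bool:
    """Fail if any security group allows 0.0.0.0/0 to an admin port."""
    for sg in acct["security_groups"]:
        for rule in sg["ingress"]:
            if rule["cidr"] != "0.0.0.0/0":
                continue
            if any(rule["from_port"] <= p <= rule["to_port"] for p in ADMIN_PORTS):
                return False
    return True


CHECKS: List[Check] = [
    Check("IAM-1", "IAM", "Root account has MFA enabled",
          lambda a: a["root"]["mfa_enabled"],
          "Enable a hardware or virtual MFA device on the root user."),
    Check("IAM-2", "IAM", "No access keys exist for the root account",
          lambda a: not a["root"]["access_keys"],
          "Delete root access keys; use IAM roles or users for programmatic access."),
    Check("IAM-3", "IAM", "Password policy requires at least 14 characters",
          lambda a: a["password_policy"]["min_length"] >= 14,
          "Set MinimumPasswordLength to 14 or more in the account password policy."),
    Check("LOG-1", "Logging", "A multi-region CloudTrail trail is logging",
          lambda a: any(t["multi_region"] and t["logging"] for t in a["cloudtrail"]),
          "Create a multi-region trail and ensure logging is started."),
    Check("MON-1", "Monitoring", "Alarm exists for root account usage",
          lambda a: "root_usage" in a["cloudwatch_alarms"],
          "Add a CloudWatch metric filter and alarm for root user API activity."),
    Check("NET-1", "Networking", "No security group exposes SSH/RDP to the internet",
          _no_open_admin_ports,
          "Restrict ingress on ports 22 and 3389 to trusted CIDR ranges."),
    Check("NET-2", "Networking", "Default security group allows no ingress",
          lambda a: all(not sg["ingress"] for sg in a["security_groups"] if sg["is_default"]),
          "Remove all inbound rules from the default security group."),
]


def run_scan(acct: dict) -> List[dict]:
    """Evaluate every check; each result row is what a scan table would show."""
    return [{"id": c.id, "category": c.category, "title": c.title,
             "passed": bool(c.test(acct)), "remediation": c.remediation}
            for c in CHECKS]


def summarize(results: List[dict]) -> Dict[str, Dict[str, int]]:
    """Per-category pass/fail counts, i.e. the series behind a doughnut chart."""
    summary: Dict[str, Dict[str, int]] = defaultdict(lambda: {"passed": 0, "failed": 0})
    for r in results:
        summary[r["category"]]["passed" if r["passed"] else "failed"] += 1
    return dict(summary)


def failed_remediations(results: List[dict]) -> List[tuple]:
    """(check id, remediation) pairs for the failed benchmarks."""
    return [(r["id"], r["remediation"]) for r in results if not r["passed"]]


if __name__ == "__main__":
    res = run_scan(SAMPLE_ACCOUNT)
    for cat, counts in summarize(res).items():
        print(f"{cat:<11} passed={counts['passed']} failed={counts['failed']}")
    for cid, fix in failed_remediations(res):
        print(f"{cid}: {fix}")
```

A real scanner would populate the snapshot from the AWS APIs inside the Lambda and persist each result row (plus a timestamp and account id) to DynamoDB; the aggregation and remediation lookup are independent of where the data came from, which is what makes multi-account dashboards straightforward to build on the same rows.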
In conclusion, GraphSecure distinguishes itself from related tools like AWS’s own Config or Trusted Advisor (which are single-account focused) and other research prototypes by its strong emphasis on multi-account support, visual data representation, and practical guidance for remediation. It represents a step towards democratizing cloud security management, making complex CIS compliance data accessible and actionable for a broader range of IT practitioners, thereby potentially enhancing overall organizational security posture.