NSAuditor AI EE 0.17.0 Adds Multi-Region AWS Cloud Audits

MobNS

NSAuditor AI Enterprise Edition 0.17.0 ships a feature that closes one of the quietest gaps in cloud auditing: scanning only a single AWS region. Until this release, an audit examined whichever region the account was configured for. Resources in any other region — a public S3 bucket, an exposed security group, an unencrypted RDS instance — simply did not get looked at. The new --aws-region flag fixes that.

One flag, three scopes

The CLI now accepts --aws-region <one | csv | all>, and the MCP scan_cloud tool gains a matching regions argument. Point an audit at a single region, a comma-separated list (us-east-1,eu-west-1), or every region your account has enabled.

Real per-region fan-out

The regional auditors — covering security groups, EC2, RDS, KMS, Lambda, Secrets Manager, DynamoDB, CodePipeline/CodeBuild, Backup, SQS/SNS, VPC endpoints, ElastiCache, SES, and the CloudTrail/GuardDuty/Inspector group — now execute in every region within scope rather than just the configured one. The S3 auditors resolve each bucket’s own region and skip-and-disclose any bucket outside scope, eliminating cross-region false-cleans. Global services like IAM are still audited once.

Disclosed scope, fail-fast on the unknown

The default with no flag stays single-region for backwards compatibility — but it now reports exactly which regions it did not scan, so a “clean” result is never quietly partial. Pass an unknown region code and the scan fails fast instead of silently mis-scoping.

Built for Claude Desktop’s time budget

Each Claude Desktop tool call is capped near 60 seconds, so an “all regions” request is automatically handled in small region-group batches that each fit the limit. The result is complete multi-region coverage from the assistant with no timeouts and no configuration changes.

Reach, not new claims

Plugin count is unchanged at 28 and all six compliance frameworks — SOC 2, HIPAA, NIST CSF 2.0, PCI DSS v4.0.1, ISO/IEC 27001:2022, and CIS Controls v8 — are unchanged. EE 0.17.0 widens what an audit can see, not what it claims to cover.

Get it

Community Edition: npm i -g nsauditor-ai@latest. Enterprise (licensed): @nsasoft/nsauditor-ai-ee@latest, paired with nsauditor-ai-agent-skill@0.2.0. Details at nsauditor.com/ai/enterprise.

Related Posts:

  • nsauditor-ai-ee-062-multi-region-govcloud
  • nsauditor-ai-ee-0-16-7-cloudtrail-multi-region
  • nsauditor-ai-ee-062-launches-multi-region-aws-security-auditing-and-fixes-govclo
  • nsauditor-ai-ee-0-16-0-per-account-cloud-scanning
  • nsauditor-ai-ee-0-6-1-inspector2-guardduty-auditor