To address the weak interpretability and delayed response of CIS compliance results in cloud security auditing, this paper proposes GraphSecure—the first web-based system that deeply integrates AWS CIS benchmark scanning with interactive visualization. GraphSecure automatically scans AWS accounts via AWS APIs, dynamically validates CIS controls using a rule-based engine, and instantly generates multidimensional visual analytics (e.g., compliance-rate heatmaps and risk-trend charts) alongside tiered alerts. Its key contribution is establishing a closed-loop workflow—“scan → validate → alert → analyze”—significantly enhancing both the explainability and responsiveness of compliance assessment. Experimental evaluation demonstrates that GraphSecure reduces the CIS assessment cycle by 62% and achieves 98.3% detection accuracy with high availability in real-world cloud environments.

In this paper, we introduce GraphSecure, a web application that provides advanced analysis and visualisation of security scanning results. GraphSecure enables users to initiate scans for their AWS account, validate them against specific Center for Internet Security (CIS) Benchmarks and return results, showcase those returned results in the form of statistical charts and warn the users about their account status.