Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
-
Updated
May 19, 2024 - Python
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
AWS Lambda runtime application self-protection (RASP). Free and opensource.
AWS VPN connection with Netgate pfSense
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
AWSXenos will list all the trust relationships in all the IAM roles and S3 buckets
IAM Least Privilege Policy Generator
cloudgrep is grep for cloud storage
ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks
Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for precise detection and notification specifically for honeyservices activity.
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
AWS GuardDuty demo with S3, RDS, EC2
Example solutions demonstrating how to implement patterns within the AWS Security Reference Architecture guide using CloudFormation (including Customizations for AWS Control Tower) and Terraform.
An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and security implications
Adaptive AWS Zero Trust Policy made easy: Auto-generate least-privilege policies based on user activity in real time! Accelerate the adoption of smart access control
Library and CLI tool for analysing CloudFormation templates and check them for security compliance.
☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud
Vulnerability scanning just got lazier
Add a description, image, and links to the aws-security topic page so that developers can more easily learn about it.
To associate your repository with the aws-security topic, visit your repo's landing page and select "manage topics."