Cloud Security for Compliance
Solutions for securing cloud infrastructure, services, and containerized environments. Task: ComplianceExplore 43 curated tools and resources
Search by name, description, or purpose... (⌘+K)
RELATED TASKS
PINNED
Promoted • 6 toolsCommercial
Data Protection
Commercial
Network Security
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
A cloud-native security platform that provides asset inventory, vulnerability management, compliance monitoring, and security posture management across multiple cloud providers.
A cloud-native security platform that provides asset inventory, vulnerability management, compliance monitoring, and security posture management across multiple cloud providers.
A cloud and database asset intelligence platform that provides continuous monitoring, compliance management, and security posture assessment across hybrid cloud environments.
A cloud and database asset intelligence platform that provides continuous monitoring, compliance management, and security posture assessment across hybrid cloud environments.
A cloud native application protection platform that provides security monitoring and protection across cloud, on-premises, and hybrid environments.
A cloud native application protection platform that provides security monitoring and protection across cloud, on-premises, and hybrid environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
ScubaGear is a PowerShell-based assessment tool that evaluates Microsoft 365 tenant configurations against CISA security baselines using Open Policy Agent and generates compliance reports.
ScubaGear is a PowerShell-based assessment tool that evaluates Microsoft 365 tenant configurations against CISA security baselines using Open Policy Agent and generates compliance reports.
Anchore Enterprise is a platform that protects and secures software supply chains end-to-end.
Anchore Enterprise is a platform that protects and secures software supply chains end-to-end.
Access Undenied on AWS analyzes CloudTrail AccessDenied events to explain access denial reasons and provide least-privilege remediation suggestions.
Access Undenied on AWS analyzes CloudTrail AccessDenied events to explain access denial reasons and provide least-privilege remediation suggestions.
Prowler is an open source multi-cloud security assessment tool that performs audits, compliance checks, and security evaluations across AWS, Azure, GCP, and Kubernetes environments.
Prowler is an open source multi-cloud security assessment tool that performs audits, compliance checks, and security evaluations across AWS, Azure, GCP, and Kubernetes environments.
An open-source policy-as-code platform that analyzes multi-cloud and SaaS environments using SQL and YAML policies with GPT integration for security, cost, and architecture assessments.
An open-source policy-as-code platform that analyzes multi-cloud and SaaS environments using SQL and YAML policies with GPT integration for security, cost, and architecture assessments.
Watchmen is a framework that centralizes AWS Config rule lambda functions into a single account for streamlined compliance management and automation.
Watchmen is a framework that centralizes AWS Config rule lambda functions into a single account for streamlined compliance management and automation.
Cloud Custodian is a YAML-based rules engine that manages and enforces security, compliance, and cost optimization policies across AWS, Azure, and GCP cloud environments in real-time.
Cloud Custodian is a YAML-based rules engine that manages and enforces security, compliance, and cost optimization policies across AWS, Azure, and GCP cloud environments in real-time.
PacBot is a cloud security platform that provides continuous compliance monitoring, automated policy enforcement, and security reporting through policy-as-code implementation and multi-source data integration.
PacBot is a cloud security platform that provides continuous compliance monitoring, automated policy enforcement, and security reporting through policy-as-code implementation and multi-source data integration.
An open-source framework that inventories and manages AWS resources across multiple accounts by collecting data via Cross Account Assume Roles and storing it in a centralized S3 bucket for analysis.
An open-source framework that inventories and manages AWS resources across multiple accounts by collecting data via Cross Account Assume Roles and storing it in a centralized S3 bucket for analysis.
A comprehensive AWS security automation toolkit that provides event monitoring, data protection, resource management, and security configuration validation across AWS environments.
A comprehensive AWS security automation toolkit that provides event monitoring, data protection, resource management, and security configuration validation across AWS environments.
A multi-account AWS security tool that identifies misconfigurations, provides real-time reporting, and performs automated remediation to establish secure cloud guardrails.
A multi-account AWS security tool that identifies misconfigurations, provides real-time reporting, and performs automated remediation to establish secure cloud guardrails.
A cloud security assessment tool that collects cloud resource information, analyzes it against best practices, and generates compliance reports in multiple formats.
A cloud security assessment tool that collects cloud resource information, analyzes it against best practices, and generates compliance reports in multiple formats.
KICS is an open-source Infrastructure as Code security scanner that detects vulnerabilities and misconfigurations through customizable queries and integrates with CI/CD pipelines.
KICS is an open-source Infrastructure as Code security scanner that detects vulnerabilities and misconfigurations through customizable queries and integrates with CI/CD pipelines.
CloudSploit by Aqua is an open-source multi-cloud security scanning tool that detects security risks and compliance issues across AWS, Azure, GCP, OCI, and GitHub platforms.
CloudSploit by Aqua is an open-source multi-cloud security scanning tool that detects security risks and compliance issues across AWS, Azure, GCP, OCI, and GitHub platforms.
ZeusCloud is an open source cloud security platform that discovers AWS assets, identifies attack paths, and provides remediation guidance with customizable compliance controls.
ZeusCloud is an open source cloud security platform that discovers AWS assets, identifies attack paths, and provides remediation guidance with customizable compliance controls.
An archived community-driven collection of open source cloud security tools that provided monitoring and compliance capabilities for cloud infrastructure.
An archived community-driven collection of open source cloud security tools that provided monitoring and compliance capabilities for cloud infrastructure.
CFRipper is a security analyzer for AWS CloudFormation templates that identifies vulnerabilities and misconfigurations before cloud deployment.
CFRipper is a security analyzer for AWS CloudFormation templates that identifies vulnerabilities and misconfigurations before cloud deployment.
aws-allowlister automatically generates AWS Service Control Policies that restrict access to only compliance-framework-approved AWS services.
aws-allowlister automatically generates AWS Service Control Policies that restrict access to only compliance-framework-approved AWS services.
A Terraform module that establishes security baseline configurations for AWS accounts based on CIS benchmarks and AWS security best practices.
A Terraform module that establishes security baseline configurations for AWS accounts based on CIS benchmarks and AWS security best practices.
A Python-based Docker security audit tool that performs CIS benchmark assessments with customizable profiles and JSON reporting capabilities.
A Python-based Docker security audit tool that performs CIS benchmark assessments with customizable profiles and JSON reporting capabilities.