Solutions for securing cloud infrastructure, services, and containerized environments. Task: IamExplore 30 curated tools and resources
Want your tool featured here?
Get maximum visibility with pinned placement
A cloud-native security platform that provides asset inventory, vulnerability management, compliance monitoring, and security posture management across multiple cloud providers.
A cloud-native security platform that provides asset inventory, vulnerability management, compliance monitoring, and security posture management across multiple cloud providers.
A cloud native application protection platform that provides unified visibility, risk assessment, and remediation capabilities across multi-cloud and hybrid environments.
A cloud native application protection platform that provides unified visibility, risk assessment, and remediation capabilities across multi-cloud and hybrid environments.
A cloud-native application protection platform that provides comprehensive security monitoring, vulnerability management, and threat detection for cloud environments and container workloads.
A cloud-native application protection platform that provides comprehensive security monitoring, vulnerability management, and threat detection for cloud environments and container workloads.
A cloud native security platform that uses behavioral fingerprinting and runtime verification to detect threats across Kubernetes environments, cloud infrastructure, and software supply chains.
A cloud native security platform that uses behavioral fingerprinting and runtime verification to detect threats across Kubernetes environments, cloud infrastructure, and software supply chains.
TrailScraper is a command-line tool for extracting information from AWS CloudTrail logs and generating IAM policies based on actual API usage patterns.
TrailScraper is a command-line tool for extracting information from AWS CloudTrail logs and generating IAM policies based on actual API usage patterns.
Krampus is an AWS resource management tool that automates the deletion and disabling of cloud objects based on JSON task files for security remediation and cost control.
Krampus is an AWS resource management tool that automates the deletion and disabling of cloud objects based on JSON task files for security remediation and cost control.
Access Undenied on AWS analyzes CloudTrail AccessDenied events to explain access denial reasons and provide least-privilege remediation suggestions.
Access Undenied on AWS analyzes CloudTrail AccessDenied events to explain access denial reasons and provide least-privilege remediation suggestions.
AWS Vault securely stores AWS IAM credentials in the operating system's keystore and generates temporary credentials for development environments.
AWS Vault securely stores AWS IAM credentials in the operating system's keystore and generates temporary credentials for development environments.
Automate actions on Security Command Center findings with automated disk snapshots, IAM grant revocation, and more.
Automate actions on Security Command Center findings with automated disk snapshots, IAM grant revocation, and more.
aws-gate is a tool that enables secure connections to AWS EC2 instances through AWS Systems Manager Session Manager without requiring SSH keys or direct network access.
aws-gate is a tool that enables secure connections to AWS EC2 instances through AWS Systems Manager Session Manager without requiring SSH keys or direct network access.
Aaia visualizes AWS IAM and Organizations data in Neo4j graph format to help identify security outliers and conduct privilege escalation analysis through Cypher queries.
Aaia visualizes AWS IAM and Organizations data in Neo4j graph format to help identify security outliers and conduct privilege escalation analysis through Cypher queries.
An open-source framework that inventories and manages AWS resources across multiple accounts by collecting data via Cross Account Assume Roles and storing it in a centralized S3 bucket for analysis.
An open-source framework that inventories and manages AWS resources across multiple accounts by collecting data via Cross Account Assume Roles and storing it in a centralized S3 bucket for analysis.
A comprehensive AWS security automation toolkit that provides event monitoring, data protection, resource management, and security configuration validation across AWS environments.
A comprehensive AWS security automation toolkit that provides event monitoring, data protection, resource management, and security configuration validation across AWS environments.
Dufflebag searches through public AWS EBS snapshots to identify accidentally exposed secrets and sensitive information.
Dufflebag searches through public AWS EBS snapshots to identify accidentally exposed secrets and sensitive information.
A tool for identifying security issues in CloudFormation templates.
A Python tool that analyzes AWS CloudTrail data to summarize IAM principal activities, API calls, regions, IP addresses, and user agents with configurable timeframes and visualization options.
A Python tool that analyzes AWS CloudTrail data to summarize IAM principal activities, API calls, regions, IP addresses, and user agents with configurable timeframes and visualization options.
CFRipper is a security analyzer for AWS CloudFormation templates that identifies vulnerabilities and misconfigurations before cloud deployment.
CFRipper is a security analyzer for AWS CloudFormation templates that identifies vulnerabilities and misconfigurations before cloud deployment.
A Terraform module that establishes security baseline configurations for AWS accounts based on CIS benchmarks and AWS security best practices.
A Terraform module that establishes security baseline configurations for AWS accounts based on CIS benchmarks and AWS security best practices.
A GitHub action that lints AWS IAM policy documents to identify security issues and misconfigurations with configurable severity levels and custom rules.
A GitHub action that lints AWS IAM policy documents to identify security issues and misconfigurations with configurable severity levels and custom rules.
Cloud Inquisitor is an AWS security tool that monitors resource ownership, detects domain hijacking, verifies security services, and manages IAM policies across multiple accounts.
Cloud Inquisitor is an AWS security tool that monitors resource ownership, detects domain hijacking, verifies security services, and manages IAM policies across multiple accounts.
CloudMapper is an AWS security analysis tool that audits configurations, identifies misconfigurations, analyzes IAM policies, finds unused resources, and provides network visualization capabilities.
CloudMapper is an AWS security analysis tool that audits configurations, identifies misconfigurations, analyzes IAM policies, finds unused resources, and provides network visualization capabilities.
A NodeJS/TypeScript library that generates IAM Policy Actions Statements for AWS services with predefined constants and factory classes for AWS CDK integration.
A NodeJS/TypeScript library that generates IAM Policy Actions Statements for AWS services with predefined constants and factory classes for AWS CDK integration.
SkyWrapper analyzes temporary token behaviors in AWS accounts to detect suspicious activities and generates Excel reports with findings summaries.
SkyWrapper analyzes temporary token behaviors in AWS accounts to detect suspicious activities and generates Excel reports with findings summaries.
Principal Mapper is a Python tool that models AWS IAM configurations as directed graphs to identify privilege escalation risks and alternative attack paths in AWS environments.
Principal Mapper is a Python tool that models AWS IAM configurations as directed graphs to identify privilege escalation risks and alternative attack paths in AWS environments.