Cloud Security and Policy Tools & Resources

s3tk

A security toolkit for Amazon S3 that provides bucket scanning, policy validation, ACL management, and encryption features to identify and remediate S3 security vulnerabilities.

0

Vulnerability Assessment

s3tk

A security toolkit for Amazon S3 that provides bucket scanning, policy validation, ACL management, and encryption features to identify and remediate S3 security vulnerabilities.

0

+10

TrailScraper

TrailScraper is a command-line tool for extracting information from AWS CloudTrail logs and generating IAM policies based on actual API usage patterns.

0

TrailScraper

TrailScraper is a command-line tool for extracting information from AWS CloudTrail logs and generating IAM policies based on actual API usage patterns.

0

+7

Access Undenied on AWS

Access Undenied on AWS analyzes CloudTrail AccessDenied events to explain access denial reasons and provide least-privilege remediation suggestions.

0

Access Undenied on AWS

Access Undenied on AWS analyzes CloudTrail AccessDenied events to explain access denial reasons and provide least-privilege remediation suggestions.

0

+11

Selefra

An open-source policy-as-code platform that analyzes multi-cloud and SaaS environments using SQL and YAML policies with GPT integration for security, cost, and architecture assessments.

0

Selefra

An open-source policy-as-code platform that analyzes multi-cloud and SaaS environments using SQL and YAML policies with GPT integration for security, cost, and architecture assessments.

0

+7

Cloud Custodian (c7n)

Cloud Custodian is a YAML-based rules engine that manages and enforces security, compliance, and cost optimization policies across AWS, Azure, and GCP cloud environments in real-time.

0

Cloud Custodian (c7n)

Cloud Custodian is a YAML-based rules engine that manages and enforces security, compliance, and cost optimization policies across AWS, Azure, and GCP cloud environments in real-time.

0

+7

PacBot is a cloud security platform that provides continuous compliance monitoring, automated policy enforcement, and security reporting through policy-as-code implementation and multi-source data integration.

0

PacBot

PacBot is a cloud security platform that provides continuous compliance monitoring, automated policy enforcement, and security reporting through policy-as-code implementation and multi-source data integration.

0

+7

TerraGoat

TerraGoat is a deliberately vulnerable Terraform repository that demonstrates common cloud infrastructure misconfigurations for training and testing security tools.

0

Infrastructure As Code

Misconfiguration

Devsecops

Vulnerability Testing

TerraGoat

TerraGoat is a deliberately vulnerable Terraform repository that demonstrates common cloud infrastructure misconfigurations for training and testing security tools.

0

Infrastructure As Code

+7

aws-allowlister

aws-allowlister automatically generates AWS Service Control Policies that restrict access to only compliance-framework-approved AWS services.

0

aws-allowlister

aws-allowlister automatically generates AWS Service Control Policies that restrict access to only compliance-framework-approved AWS services.

0

+7

Banyan Collector

A framework for analyzing container images, running scripts inside containers, and gathering information for static analysis and policy enforcement.

0

Banyan Collector

A framework for analyzing container images, running scripts inside containers, and gathering information for static analysis and policy enforcement.

0

+7

Azure Guardrails

A tool that generates Terraform files for creating Azure Policy Initiatives to implement cloud security guardrails and enforce organizational standards at scale.

0

Infrastructure As Code

Security Automation

Cloud Compliance

Security Configuration

Azure Guardrails

A tool that generates Terraform files for creating Azure Policy Initiatives to implement cloud security guardrails and enforce organizational standards at scale.

0

+7

AWS IAM Policy Generator for AWS CDK

A NodeJS/TypeScript library that generates IAM Policy Actions Statements for AWS services with predefined constants and factory classes for AWS CDK integration.

0

AWS IAM Policy Generator for AWS CDK

A NodeJS/TypeScript library that generates IAM Policy Actions Statements for AWS services with predefined constants and factory classes for AWS CDK integration.

0

+6

k-rail

A deprecated Kubernetes workload policy enforcement tool that helped secure multi-tenant clusters through various security policies and configurations.

0

k-rail

A deprecated Kubernetes workload policy enforcement tool that helped secure multi-tenant clusters through various security policies and configurations.

0

+6

Security Monkey

Security Monkey monitors AWS, GCP, and OpenStack environments for policy changes and insecure configurations, providing historical tracking and alerting capabilities through a centralized interface.

0

Configuration Management

Security Monkey

Security Monkey monitors AWS, GCP, and OpenStack environments for policy changes and insecure configurations, providing historical tracking and alerting capabilities through a centralized interface.

0

+7

iam-policies-cli

A CLI tool for generating AWS IAM policy documents, SAM policy templates, and SAM Connectors using JSON definitions from the AWS Policy Generator.

0

Infrastructure As Code

Serverless

Automation

Aws Security

iam-policies-cli

A CLI tool for generating AWS IAM policy documents, SAM policy templates, and SAM Connectors using JSON definitions from the AWS Policy Generator.

0

+6

IAM Floyd

IAM Floyd is a code generation tool that provides a fluent interface for creating AWS IAM policy statements with comprehensive service coverage and CDK integration support.

0

Identity And Access Management

Automation

IAM Floyd

IAM Floyd is a code generation tool that provides a fluent interface for creating AWS IAM policy statements with comprehensive service coverage and CDK integration support.

0

+6

auspex

A graph-based tool for visualizing AWS access permissions and resource relationships to identify potential attack paths and privilege escalation opportunities.

0

auspex

A graph-based tool for visualizing AWS access permissions and resource relationships to identify potential attack paths and privilege escalation opportunities.

0

+7

rpCheckup

rpCheckup is an AWS resource policy security analysis tool that identifies public, external, intra-organizational, and private resource access patterns across AWS accounts.

0

rpCheckup

rpCheckup is an AWS resource policy security analysis tool that identifies public, external, intra-organizational, and private resource access patterns across AWS accounts.

0

+7