Cloud Security Posture Management

IaC security scanning for Kubernetes, Terraform, CloudFormation, and ARM templates

Cloud security posture mgmt with CIEM, compliance mapping & threat detection

Free cloud storage security scanner for AWS, Azure, and GCP environments

Automated Microsoft 365 security configuration management and remediation tool

IaC security scanner that detects cloud misconfigurations in CI/CD pipelines

Cloud cost management platform that provides optimization recommendations

CSPM platform for detecting misconfigurations & compliance gaps across clouds

Cloud & database asset intelligence platform for visibility & compliance

ScubaGear is a PowerShell-based assessment tool that evaluates Microsoft 365 tenant configurations against CISA security baselines using Open Policy Agent and generates compliance reports.

Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.

A Python tool that tests multiple AWS S3 buckets for security misconfigurations including directory listing and upload permissions.

A security toolkit for Amazon S3 that provides bucket scanning, policy validation, ACL management, and encryption features to identify and remediate S3 security vulnerabilities.

A security tool that performs whitebox evaluation of S3 object permissions to identify publicly accessible files and generate reports on potential exposure risks.

A Burp Suite extension that uses Shodan to discover cloud buckets and tests them for publicly accessible vulnerabilities through passive scanning.

S3cario is an AWS S3 bucket security testing tool that validates permissions and identifies potential vulnerabilities through scenario simulation.

TrailScraper is a command-line tool for extracting information from AWS CloudTrail logs and generating IAM policies based on actual API usage patterns.

S3Scanner is an open-source tool that scans S3 buckets across S3-compatible APIs to identify misconfigurations and security vulnerabilities.

Krampus is an AWS resource management tool that automates the deletion and disabling of cloud objects based on JSON task files for security remediation and cost control.

Access Undenied on AWS analyzes CloudTrail AccessDenied events to explain access denial reasons and provide least-privilege remediation suggestions.

A command-line tool that shows configuration history and changes of AWS resources using AWS Config service.

Prowler is an open source multi-cloud security assessment tool that performs audits, compliance checks, and security evaluations across AWS, Azure, GCP, and Kubernetes environments.

A security tool for discovering S3 bucket references in web content and testing buckets for misconfigurations.

An open-source policy-as-code platform that analyzes multi-cloud and SaaS environments using SQL and YAML policies with GPT integration for security, cost, and architecture assessments.

Cloud Custodian is a YAML-based rules engine that manages and enforces security, compliance, and cost optimization policies across AWS, Azure, and GCP cloud environments in real-time.