Security Operations for AWS

Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management. Task: AWS

A tutorial on setting up Dionaea on an EC2 instance in 20 minutes

Hands-on cloud security training labs for AWS, Azure, and Sentinel teams.

Security data pipeline platform for routing, enriching, and controlling telemetry.

Managed security & compliance protection for AWS-hosted workloads.

Real-time runtime visibility platform for detecting active exploitation

SIEM platform for security monitoring and event management

SIEM/SOAR platform for threat detection, response automation, and compliance

AI-powered deception platform for cloud threat detection using honeytokens

Cloud-native SIEM with unified search across security logs and data lake

AI-powered SIEM for cloud security across Microsoft 365, Azure, AWS, and GCP

Cloud-native deception platform deploying dynamic security canaries

Collaborative case management platform for incident response and investigation

A distributed systems simulator that creates intentionally vulnerable Kubernetes clusters in AWS for security training and attack scenario practice.

A format conversion tool for S3 buckets designed to assist bug bounty hunters and security testers in standardizing bucket data during reconnaissance activities.

A collection of AWS-native scripts and automation tools for DevSecOps, incident response, and security remediation in cloud environments.

A Python module for orchestrating remote forensic data acquisition and analysis from Linux instances using Amazon SSM.

A project for demonstrating AWS attack techniques with a focus on ethical hacking practices.

TrailBlazer analyzes AWS CloudTrail logging behavior by systematically testing API calls across services to determine what gets logged and how it appears in CloudTrail.

A Python-based red team toolkit that leverages AWS boto3 SDK to perform offensive operations including credential extraction and file exfiltration from EC2 instances.

A serverless SOAR framework for AWS GuardDuty that automatically executes configurable response actions based on security findings and threat severity.

A Python tool that analyzes AWS CloudTrail data to summarize IAM principal activities, API calls, regions, IP addresses, and user agents with configurable timeframes and visualization options.

An AWS incident response framework that uses Athena to analyze CloudTrail events and EventBridge for notifications to investigate API activity and detect security misconfigurations.

AWS IR is a Python command line utility for automated incident response and mitigation of instance and key compromises in Amazon Web Services environments.

CloudFox is an open source command line tool that helps penetration testers and offensive security professionals identify exploitable attack paths and gain situational awareness in cloud infrastructure environments.