Access Control

FIDO2-based MFA solution using smartphone push notifications for authentication

ZTNA solution providing identity-based access to private apps

Password manager for storing and sharing passwords, secrets, and credentials

GRC platform for compliance management, risk tracking, and policy management

AI-powered identity governance platform for automated access management

Unified PAM platform for privileged account, session, endpoint & vendor access mgmt

A security toolkit for Amazon S3 that provides bucket scanning, policy validation, ACL management, and encryption features to identify and remediate S3 security vulnerabilities.

Access Undenied on AWS analyzes CloudTrail AccessDenied events to explain access denial reasons and provide least-privilege remediation suggestions.

A database protection suite that provides field-level encryption, access control, and intrusion detection for distributed applications storing sensitive data.

A laser tripwire device that automatically hides windows, locks computers, or executes custom scripts when motion is detected within 120cm range.

A Lambda function that automatically disables AWS IAM User Access Keys after a specified time period to reduce security risks from aging credentials.

Tang is a network-based server that binds encrypted data access to network presence, allowing data decryption only when clients are connected to the specific network where the Tang server operates.

IAM Zero detects identity and access management issues and automatically suggests least-privilege policies by analyzing application errors and access patterns in cloud environments.

IAMSpy is a library that uses the Z3 prover to analyze AWS IAM policies and query whether specific actions are allowed or denied.

Repokid automatically removes unused service permissions from AWS IAM role inline policies using Access Advisor data to implement least privilege access.

Santa is a macOS binary and file access authorization system that monitors executions and makes allow/block decisions based on local database rules.

Centralized workforce identity management for AWS applications.

AWS Cloud Security offers security services and compliance tools for securing data and applications on AWS.

Network Access Analyzer is an AWS VPC feature that identifies unintended network access to cloud resources by analyzing internet gateways, route tables, ACLs, and security groups.

A WordPress plugin that logs failed login attempts to help monitor unauthorized access attempts on WordPress websites.

A tutorial demonstrating how to implement Kubernetes Engine security features to control application privileges through host access controls and network access policies.

Romana automates cloud-native network isolation and distributed firewall policies for Kubernetes and OpenStack environments using topology-aware IPAM without overlays.

A NodeJS/TypeScript library that generates IAM Policy Actions Statements for AWS services with predefined constants and factory classes for AWS CDK integration.

DenyHosts is a script to block SSH server attacks by automatically preventing attackers after failed login attempts.