Aws
Browse 350 aws tools
FEATURED
TrailBlazer analyzes AWS CloudTrail logging behavior by systematically testing API calls across services to determine what gets logged and how it appears in CloudTrail.
rpCheckup is an AWS resource policy security analysis tool that identifies public, external, intra-organizational, and private resource access patterns across AWS accounts.
A fully managed service that securely stores, rotates, and manages sensitive data such as database credentials and API keys.
A deprecated digital forensics tool by Netflix that helped investigators scope compromises across AWS cloud instances by identifying behavioral differences and outliers during security incidents.
A CLI utility that simplifies switching between different AWS roles by automatically managing AWS credentials file modifications.
Scalable, cost-effective application recovery to AWS.
A command-line tool that performs automated IAM policy security linting across AWS accounts and organizations using AWS Access Analyzer validation.
A collection of free cloud security research articles by Rhino Security Labs covering AWS, Azure, and GCP security topics including best practices, vulnerability assessments, and threat mitigation strategies.
CloudTracker analyzes CloudTrail logs against IAM policies to identify over-privileged AWS users and roles by comparing actual permission usage with granted permissions.
A serverless SOAR framework for AWS GuardDuty that automatically executes configurable response actions based on security findings and threat severity.
A proof of concept for using the SSM Agent in Fargate for incident response
Template-based incident response runbooks for AWS environments following NIST guidelines to help organizations handle common cloud security incidents.
Zeus is an AWS security auditing and hardening tool that evaluates cloud configurations against CIS benchmarks and can automatically apply recommended security settings.
Scout Suite is an open source multi-cloud security auditing tool that gathers configuration data via cloud provider APIs to identify risks and provide visibility into cloud attack surfaces.
