Cloud Compliance
Explore 39 curated tools and resources
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Commercial
Resources
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Free
Resources
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Commercial
Application Security
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
Commercial
Application Security
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
Commercial
Cloud Security
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Commercial
Application Security
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
LATEST ADDITIONS
A cloud native application protection platform that provides unified visibility, risk assessment, and remediation capabilities across multi-cloud and hybrid environments.
A cloud and database asset intelligence platform that provides continuous monitoring, compliance management, and security posture assessment across hybrid cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides comprehensive security monitoring, vulnerability management, and threat detection for cloud environments and container workloads.
Cloud security platform that provides configuration monitoring, compliance management, and security analysis across multi-cloud environments.
CloudDefense.AI is a Cloud Native Application Protection Platform (CNAPP) that safeguards cloud infrastructure and cloud-native apps with expertise, precision, and confidence.
CloudScraper is a tool for enumerating cloud resources, including S3 Buckets, Azure Blobs, and Digital Ocean Storage Space.
S3Scanner scans for misconfigured S3 buckets across S3-compatible APIs, identifying potential security vulnerabilities and data exposure risks.
Cloud Custodian (c7n) is a rules engine for managing public cloud accounts and resources with a focus on security, compliance, and cost optimization.
Sangfor Technologies is a leading cybersecurity, cloud, and infrastructure vendor providing effective cybersecurity and efficient enterprise cloud solutions.
An open-sourced framework for managing resources across hundreds of AWS Accounts
Comprehensive set of security controls for various AWS services to ensure a secure cloud environment.
Comprehensive cybersecurity tool for Microsoft Azure providing CSPM & CWPP capabilities.
Tool for analyzing cloud resources against best practices and generating reports.
Azucar is a multi-threaded plugin-based tool for assessing Azure Cloud security.
Nuvola is a tool for security analysis on AWS environments with a focus on creating a digital twin of cloud platforms.
CloudFox helps gain situational awareness in unfamiliar cloud environments for penetration testers and offensive security professionals.
Open-source project for detecting security risks in cloud infrastructure accounts with support for AWS, Azure, GCP, OCI, and GitHub.
A tool for searching through public EBS snapshots for secrets, organized as an Elastic Beanstalk application.
Comprehensive cybersecurity platform for hybrid and multi-cloud environments
An open source cloud security platform for discovering, prioritizing, and remediating risks in the cloud.
Open-source set of libraries and drivers to accelerate network performance.
A tool that discovers all AWS resources created in an account
A tool to fetch all public IP addresses associated with an AWS account
A project that sets up partitioned Athena tables for CloudTrail logs and updates partitions nightly.
Ice provides a birds-eye view of cloud resources and usage patterns in AWS.
Find exposed AWS cloud assets that you did not know you had.
AI-Powered Cloud Assistant for building, securing, and operating cloud environments.
Cloudmarker is a cloud monitoring tool and framework that audits Azure and GCP cloud environments.
A multi-cloud tool for centralizing assets across multiple clouds with minimal configuration.
A series of levels teaching about common mistakes and gotchas when using Amazon Web Services (AWS).
Monitors AWS and GCP accounts for policy changes and alerts on insecure configurations, with support for OpenStack and GitHub monitoring.
A command line tool that counts Amazon resources across regions and displays the results in a friendly format.
A graph-based tool for visualizing effective access and resource relationships within AWS
Scalable, cost-effective application recovery to AWS.
In-depth analysis and insights on various cloud security topics by Rhino Security Labs team
Open source multi-cloud security-auditing tool for assessing security posture of cloud environments.