Cloud Compliance

StateRAMP and GovRAMP audit and assessment services for cloud providers

Cloud monitoring and assessment service for security and compliance

Cloud-native app security platform covering code to cloud with SAST, SCA, IaC

AI-driven GRC platform for compliance, risk mgmt, and governance automation

Cloud compliance monitoring and reporting for 35+ frameworks including SOC 2

DNS security posture management across multicloud and on-prem environments

Cloud managed service for cloud infrastructure, operations, and security

ScubaGear is a PowerShell-based assessment tool that evaluates Microsoft 365 tenant configurations against CISA security baselines using Open Policy Agent and generates compliance reports.

A security tool that performs whitebox evaluation of S3 object permissions to identify publicly accessible files and generate reports on potential exposure risks.

AWS Scout2 is a security assessment tool that uses the AWS API to gather configuration data and automatically identify security risks in AWS environments.

Comprehensive set of security controls for various AWS services to ensure a secure cloud environment.

Comprehensive cybersecurity tool for Microsoft Azure providing CSPM & CWPP capabilities.

A cloud security assessment tool that collects cloud resource information, analyzes it against best practices, and generates compliance reports in multiple formats.

Azucar is a multi-threaded plugin-based tool that performs read-only security assessments of Azure Cloud environments, analyzing various assets and configurations without modifying deployed resources.

LambdaGuard is an AWS Lambda auditing tool that provides security configuration checks, statistical analysis, and service dependency mapping for serverless functions.

Comprehensive cybersecurity platform for hybrid and multi-cloud environments

Open-source set of libraries and drivers to accelerate network performance.

aws-allowlister automatically generates AWS Service Control Policies that restrict access to only compliance-framework-approved AWS services.

Network Access Analyzer is an AWS VPC feature that identifies unintended network access to cloud resources by analyzing internet gateways, route tables, ACLs, and security groups.

A collection of automation scripts that quickly enable essential AWS security and compliance features that are not activated by default in AWS accounts.

CloudMapper is an AWS security analysis tool that audits configurations, identifies misconfigurations, analyzes IAM policies, finds unused resources, and provides network visualization capabilities.

Ice is an AWS cloud cost management tool that provides multi-level visibility into cloud spending and resource utilization to support informed reservation purchases and resource optimization decisions.

A collection of AWS security benchmark resources including CIS Foundations Benchmark 1.1, best practices guides, and configuration documentation for securing Amazon Web Services environments.

A tool that generates Terraform files for creating Azure Policy Initiatives to implement cloud security guardrails and enforce organizational standards at scale.