Compliance

Watchmen is a framework that centralizes AWS Config rule lambda functions into a single account for streamlined compliance management and automation.

Cloud Custodian is a YAML-based rules engine that manages and enforces security, compliance, and cost optimization policies across AWS, Azure, and GCP cloud environments in real-time.

A container compliance and vulnerability assessment tool that uses OpenSCAP to scan Docker images and running containers for security vulnerabilities and compliance violations.

CustomProcessor is a policy management tool that enables users to create and manage custom policies for IETF policy frameworks through a user-friendly interface.

An open-source script that performs automated security assessments of Docker containers and hosts against CIS Docker Benchmark standards.

A technology-focused blog discussing innovations in painting and the importance of expert painters.

App-Ray offers comprehensive security analysis and compliance solutions for mobile applications.

PacBot is a cloud security platform that provides continuous compliance monitoring, automated policy enforcement, and security reporting through policy-as-code implementation and multi-source data integration.

On-demand access to AWS and ISV compliance reports with time-saving benefits.

An open-source framework that inventories and manages AWS resources across multiple accounts by collecting data via Cross Account Assume Roles and storing it in a centralized S3 bucket for analysis.

A comprehensive AWS security automation toolkit that provides event monitoring, data protection, resource management, and security configuration validation across AWS environments.

A multi-account AWS security tool that identifies misconfigurations, provides real-time reporting, and performs automated remediation to establish secure cloud guardrails.

A cloud security assessment tool that collects cloud resource information, analyzes it against best practices, and generates compliance reports in multiple formats.

A summary of the threat modeling posts and final thoughts on the process

Microsoft BitLocker is a Windows-integrated full volume encryption solution that protects data on devices through disk-level encryption with enterprise deployment and management capabilities.

Continually audit your AWS usage to simplify risk and compliance assessment.

KICS is an open-source Infrastructure as Code security scanner that detects vulnerabilities and misconfigurations through customizable queries and integrates with CI/CD pipelines.

An all-in-one email outreach platform for finding and connecting with professionals, with features for lead discovery, email verification, and cold email campaigns.

A standalone Python script that audits system configurations against CIS Hardening Benchmarks to assess compliance readiness without requiring installation or dependencies.

CloudSploit by Aqua is an open-source multi-cloud security scanning tool that detects security risks and compliance issues across AWS, Azure, GCP, OCI, and GitHub platforms.

Cybersecurity conference featuring talks on various hacking topics by industry experts.

A comprehensive guide providing step-by-step instructions for hardening GNU/Linux systems using industry standards like CIS, STIG, NIST, and PCI-DSS.

A Microsoft Word template library for implementing industrial information security management systems with documentation for policy, risk management, business continuity, and incident handling.

Repokid automatically removes unused service permissions from AWS IAM role inline policies using Access Advisor data to implement least privilege access.