Configuration Management

Automated Microsoft 365 security configuration management and remediation tool

Secures CI/CD pipelines and DevOps workflows against supply chain attacks

Unified endpoint management platform with automation, patching, and remote access

File integrity monitoring and security configuration management platform

A cloud and database asset intelligence platform that provides continuous monitoring, compliance management, and security posture assessment across hybrid cloud environments.

A cloud native application protection platform that provides security monitoring and protection across cloud, on-premises, and hybrid environments.

ScubaGear is a PowerShell-based assessment tool that evaluates Microsoft 365 tenant configurations against CISA security baselines using Open Policy Agent and generates compliance reports.

A PowerShell security assessment script that evaluates Siemens SIMATIC PCS 7 industrial control systems for security misconfigurations and vulnerabilities.

A CLI program that simplifies cybersecurity solution management through automated deployment, configuration, monitoring, and lifecycle operations across multiple hosts.

A command-line tool that shows configuration history and changes of AWS resources using AWS Config service.

Bastille-Linux is a system hardening program that proactively configures the system for increased security and educates users about security settings.

AWS Scout2 is a security assessment tool that uses the AWS API to gather configuration data and automatically identify security risks in AWS environments.

CustomProcessor is a policy management tool that enables users to create and manage custom policies for IETF policy frameworks through a user-friendly interface.

Community project for developing common guidelines and best practices for secure configurations.

A cloud security analysis tool that creates digital twins of AWS environments using graph databases to identify attack paths and security misconfigurations through automated and manual rule-based assessments.

A Node.js library for validating environment variables and providing immutable access to configuration values in applications.

LambdaGuard is an AWS Lambda auditing tool that provides security configuration checks, statistical analysis, and service dependency mapping for serverless functions.

A command-line tool that extracts manifest and configuration data from Docker registry images for security analysis and reconnaissance purposes.

ssh-audit is a Python-based tool for auditing SSH server and client configurations to identify security weaknesses and ensure compliance with best practices.

Assess, audit, and evaluate configurations of AWS resources.

An automated script that configures Active Directory domains using customizable XML configuration files.

An Ansible role that automates the deployment and management of Bifrozt honeypots for network security monitoring.

A script that validates Group Policy Object audit settings required for proper Microsoft Defender for Endpoint functionality.

SOPS is an encrypted file editor that supports multiple formats and integrates with various key management services including AWS KMS, GCP KMS, Azure Key Vault, age, and PGP.