Explore 55 curated tools and resources
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
A cloud-based identity and access management solution that provides access governance, compliance monitoring, and risk management for hybrid environments.
A cloud-native security platform that provides asset inventory, vulnerability management, compliance monitoring, and security posture management across multiple cloud providers.
A cloud native application protection platform that provides unified visibility, risk assessment, and remediation capabilities across multi-cloud and hybrid environments.
Pathlock is an identity security platform that provides compliance-focused governance, access management, and continuous controls monitoring across enterprise applications with particular emphasis on ERP systems.
Airlock Secure Access Hub is an integrated security platform that combines identity and access management with web application and API protection to secure digital applications while maintaining user experience.
A cloud-native application protection platform that provides comprehensive security monitoring, vulnerability management, and threat detection for cloud environments and container workloads.
A Non-Human Identity Management platform that provides discovery, security, and lifecycle management for machine identities across hybrid cloud environments.
A security platform that automates the deployment and management of security canaries across cloud infrastructure to detect potential intrusions and unauthorized access.
A platform that discovers, manages and secures non-human identities like service accounts, API keys and secrets across enterprise environments.
A cloud-based platform that discovers, monitors, and manages non-human identities and their associated credentials across cloud infrastructure.
An open-source credential management platform that provides end-to-end encrypted password sharing and storage capabilities for organizations.
A cloud native security platform that uses behavioral fingerprinting and runtime verification to detect threats across Kubernetes environments, cloud infrastructure, and software supply chains.
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Okta Workforce Identity Cloud is an identity and access management platform that provides secure, streamlined access for an organization's workforce across various applications and resources.
Okta Customer Identity Cloud is a CIAM solution that provides secure, customizable identity management for consumer and SaaS applications.
AWS IAM Access Analyzer is a tool for implementing and maintaining least privilege access in AWS environments through automated analysis and validation of IAM policies and permissions.
A comprehensive analysis of AWS IAM Access Analyzer, evaluating its capabilities, limitations, and effectiveness in identifying publicly exposed AWS resources.
Akamai Enterprise Application Access is a ZTNA solution that provides secure, identity-based access to private applications without exposing the network.
A platform that helps companies automate the management of their SaaS identities and applications, providing visibility, security, and compliance across the organization's SaaS ecosystem.
A command-line tool to get valuable information out of AWS CloudTrail and a general-purpose toolbox for working with IAM policies.
Identify AWS IAM permissions by brute-forcing API calls.
Securely store and access AWS credentials in a development environment.
Automate actions on Security Command Center findings with automated disk snapshots, IAM grant revocation, and more.
A tool that generates least privilege IAM policies for AWS services
A Lambda Function that disables AWS IAM User Access Keys after a set amount of time to reduce the risk associated with old access keys.
Lists AWS resources using the AWS Cloud Control API and writes them to a JSON output file.
A community-driven list of sample security analytics for auditing cloud usage and detecting threats in Google Cloud.
IAM Zero detects IAM issues and suggests least-privilege policies for AWS and other cloud platforms.
Repokid uses Access Advisor to remove unused service permissions from IAM roles in AWS.
A tool for identifying security issues in CloudFormation templates.
Analyzes CloudTrail data of a given AWS account and generates a summary of recently active IAM principals, API calls they made, as well as regions, IP addresses and user agents they used.
Collection of scripts and resources for DevSecOps, Security Automation and Automated Incident Response Remediation.
Centralized workforce identity management for AWS applications.
A Terraform module to set up a secure AWS account configuration baseline
A security tool that monitors AWS objects for ownership attribution, detects domain hijacking, and verifies security services.
Redirects EC2 metadata API traffic to a container that retrieves temporary AWS credentials and proxies other calls to the EC2 metadata API.
An attacker can create a new IAM policy version and set it as the default version without requiring the iam:SetDefaultPolicyVersion permission.
Tool for visualizing and analyzing control paths in Active Directory to determine access privileges and permissions.
A NodeJS/Typescript library for generating IAM Policy Actions Statements for AWS CDK with predefined constants and a factory class.
Open-source tool for analyzing AWS temporary tokens to detect malicious activity.
OpenIAM offers a unified identity governance platform featuring CIAM, MFA, and PAM integration.
A script and library for identifying risks in AWS IAM configuration
AWS IAM Security Assessment tool for identifying violations of least privilege and generating risk-prioritized reports.
A web service for easier AWS IAM permissions and credential management with various login methods and IAM Self-Service Wizard.
AirIAM is an AWS IAM to least privilege Terraform execution framework that compiles AWS IAM usage and leverages that data to create a least-privilege IAM Terraform.
An AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.
Runs IAM policy linting checks against AWS accounts to identify security best practices and policy errors.
CloudTracker helps identify over-privileged IAM users and roles by analyzing CloudTrail logs.
A proof of concept for using the SSM Agent in Fargate for incident response
Zeus is a powerful tool for AWS EC2, S3, CloudTrail, CloudWatch, and KMS hardening best practices, with a focus on Identity and Access Management.