Iam
Explore 53 curated tools and resources
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Commercial
Resources
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Free
Resources
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Commercial
Application Security
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
Commercial
Application Security
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
Commercial
Cloud Security
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Commercial
Application Security
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
LATEST ADDITIONS
A cloud native application protection platform that provides unified visibility, risk assessment, and remediation capabilities across multi-cloud and hybrid environments.
Pathlock is an identity security platform that provides compliance-focused governance, access management, and continuous controls monitoring across enterprise applications with particular emphasis on ERP systems.
Airlock Secure Access Hub is an integrated security platform that combines identity and access management with web application and API protection to secure digital applications while maintaining user experience.
A cloud-native application protection platform that provides comprehensive security monitoring, vulnerability management, and threat detection for cloud environments and container workloads.
A Non-Human Identity Management platform that provides discovery, security, and lifecycle management for machine identities across hybrid cloud environments.
A security platform that automates the deployment and management of security canaries across cloud infrastructure to detect potential intrusions and unauthorized access.
A platform that discovers, manages and secures non-human identities like service accounts, API keys and secrets across enterprise environments.
A cloud-based platform that discovers, monitors, and manages non-human identities and their associated credentials across cloud infrastructure.
An open-source credential management platform that provides end-to-end encrypted password sharing and storage capabilities for organizations.
A cloud native security platform that uses behavioral fingerprinting and runtime verification to detect threats across Kubernetes environments, cloud infrastructure, and software supply chains.
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Okta Workforce Identity Cloud is an identity and access management platform that provides secure, streamlined access for an organization's workforce across various applications and resources.
Okta Customer Identity Cloud is a CIAM solution that provides secure, customizable identity management for consumer and SaaS applications.
AWS IAM Access Analyzer is a tool for implementing and maintaining least privilege access in AWS environments through automated analysis and validation of IAM policies and permissions.
A comprehensive analysis of AWS IAM Access Analyzer, evaluating its capabilities, limitations, and effectiveness in identifying publicly exposed AWS resources.
Akamai Enterprise Application Access is a ZTNA solution that provides secure, identity-based access to private applications without exposing the network.
A platform that helps companies automate the management of their SaaS identities and applications, providing visibility, security, and compliance across the organization's SaaS ecosystem.
A command-line tool to get valuable information out of AWS CloudTrail and a general purpose toolbox for working with IAM policies
Identify AWS IAM permissions by brute-forcing API calls.
Securely store and access AWS credentials in a development environment.
Automate actions on Security Command Center findings with automated disk snapshots, IAM grant revocation, and more.
A tool that generates least privilege IAM policies for AWS services
A CLI tool to simplify the use of AWS Systems Manager Session Manager
A Lambda Function that disables AWS IAM User Access Keys after a set amount of time to reduce the risk associated with old access keys.
Lists AWS resources using the AWS Cloud Control API and writes them to a JSON output file.
A community-driven list of sample security analytics for auditing cloud usage and detecting threats in Google Cloud.
IAM Zero detects IAM issues and suggests least-privilege policies for AWS and other cloud platforms.
Repokid uses Access Advisor to remove unused service permissions from IAM roles in AWS.
A tool for identifying security issues in CloudFormation templates.
Analyzes CloudTrail data of a given AWS account and generates a summary of recently active IAM principals, API calls they made, as well as regions, IP addresses and user agents they used.
Collection of scripts and resources for DevSecOps, Security Automation and Automated Incident Response Remediation.
Centralized workforce identity management for AWS applications.
A Terraform module to set up a secure AWS account configuration baseline
A security tool that monitors AWS objects for ownership attribution, detects domain hijacking, and verifies security services.
Redirects EC2 metadata API traffic to a container that retrieves temporary AWS credentials and proxies other calls to the EC2 metadata API.
An attacker can create a new IAM policy version and set it as the default version without requiring the iam:SetDefaultPolicyVersion permission.
Tool for visualizing and analyzing control paths in Active Directory to determine access privileges and permissions.
A NodeJS/Typescript library for generating IAM Policy Actions Statements for AWS CDK with predefined constants and a factory class.
Open-source tool for analyzing AWS temporary tokens to detect malicious activity.
OpenIAM offers a unified identity governance platform featuring CIAM, MFA, and PAM integration.
A script and library for identifying risks in AWS IAM configuration
AWS IAM Security Assessment tool for identifying violations of least privilege and generating risk-prioritized reports.
A web service for easier AWS IAM permissions and credential management with various login methods and IAM Self-Service Wizard.
AirIAM is an AWS IAM to least privilege Terraform execution framework that compiles AWS IAM usage and leverages that data to create a least-privilege IAM Terraform.
An AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.
Runs IAM policy linting checks against AWS accounts to identify security best practices and policy errors.
CloudTracker helps identify over-privileged IAM users and roles by analyzing CloudTrail logs.
A proof of concept for using the SSM Agent in Fargate for incident response
Zeus is a powerful tool for AWS EC2 / S3 / CloudTrail / CloudWatch / KMS best hardening practices with a focus on Identity and Access Management.