Iam
Explore 44 curated tools and resources
LATEST ADDITIONS
A cloud native security platform that uses behavioral fingerprinting and runtime verification to detect threats across Kubernetes environments, cloud infrastructure, and software supply chains.
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Okta Workforce Identity Cloud is an identity and access management platform that provides secure, streamlined access for an organization's workforce across various applications and resources.
Okta Customer Identity Cloud is a CIAM solution that provides secure, customizable identity management for consumer and SaaS applications.
AWS IAM Access Analyzer is a tool for implementing and maintaining least privilege access in AWS environments through automated analysis and validation of IAM policies and permissions.
A comprehensive analysis of AWS IAM Access Analyzer, evaluating its capabilities, limitations, and effectiveness in identifying publicly exposed AWS resources.
Akamai Enterprise Application Access is a ZTNA solution that provides secure, identity-based access to private applications without exposing the network.
A platform that helps companies automate the management of their SaaS identities and applications, providing visibility, security, and compliance across the organization's SaaS ecosystem.
A command-line tool to get valuable information out of AWS CloudTrail and a general purpose toolbox for working with IAM policies
Identify AWS IAM permissions by brute-forcing API calls.
Securely store and access AWS credentials in a development environment.
Automate actions on Security Command Center findings with automated disk snapshots, IAM grant revocation, and more.
A tool that generates least privilege IAM policies for AWS services
A CLI tool to simplify the use of AWS Systems Manager Session Manager
A Lambda Function that disables AWS IAM User Access Keys after a set amount of time to reduce the risk associated with old access keys.
Lists AWS resources using the AWS Cloud Control API and writes them to a JSON output file.
A community-driven list of sample security analytics for auditing cloud usage and detecting threats in Google Cloud.
IAM Zero detects IAM issues and suggests least-privilege policies for AWS and other cloud platforms.
Repokid uses Access Advisor to remove unused service permissions from IAM roles in AWS.
A tool for identifying security issues in CloudFormation templates.
Analyzes CloudTrail data of a given AWS account and generates a summary of recently active IAM principals, API calls they made, as well as regions, IP addresses and user agents they used.
Collection of scripts and resources for DevSecOps, Security Automation and Automated Incident Response Remediation.
Centralized workforce identity management for AWS applications.
A Terraform module to set up a secure AWS account configuration baseline
A security tool that monitors AWS objects for ownership attribution, detects domain hijacking, and verifies security services.
Redirects EC2 metadata API traffic to a container that retrieves temporary AWS credentials and proxies other calls to the EC2 metadata API.
An attacker can create a new IAM policy version and set it as the default version without requiring the iam:SetDefaultPolicyVersion permission.
Tool for visualizing and analyzing control paths in Active Directory to determine access privileges and permissions.
A NodeJS/Typescript library for generating IAM Policy Actions Statements for AWS CDK with predefined constants and a factory class.
Open-source tool for analyzing AWS temporary tokens to detect malicious activity.
OpenIAM offers a unified identity governance platform featuring CIAM, MFA, and PAM integration.
A script and library for identifying risks in AWS IAM configuration
AWS IAM Security Assessment tool for identifying violations of least privilege and generating risk-prioritized reports.
A web service for easier AWS IAM permissions and credential management with various login methods and IAM Self-Service Wizard.
AirIAM is an AWS IAM to least privilege Terraform execution framework that compiles AWS IAM usage and leverages that data to create a least-privilege IAM Terraform.
An AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.
Runs IAM policy linting checks against AWS accounts to identify security best practices and policy errors.
CloudTracker helps identify over-privileged IAM users and roles by analyzing CloudTrail logs.
A proof of concept for using the SSM Agent in Fargate for incident response
Zeus is a powerful tool for AWS EC2 / S3 / CloudTrail / CloudWatch / KMS best hardening practices with a focus on Identity and Access Management.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Commercial
Resources
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Free
Security Operations
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Free
Blogs and News
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
RoboShadow
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Commercial
Vulnerability Management
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.
Commercial
AI Security