Policy

A compliance management platform that simplifies CMMC Level 1 certification for defense contractors through guided workflows, policy templates, and evidence management tools.

Automated security design review platform for developers

A reverse proxy solution that provides data access control, monitoring, and security policy enforcement for databases and APIs within organization's infrastructure.

AWS IAM Access Analyzer is a tool for implementing and maintaining least privilege access in AWS environments through automated analysis and validation of IAM policies and permissions.

A security toolkit for Amazon S3 that provides bucket scanning, policy validation, ACL management, and encryption features to identify and remediate S3 security vulnerabilities.

TrailScraper is a command-line tool for extracting information from AWS CloudTrail logs and generating IAM policies based on actual API usage patterns.

Allstar is a GitHub App that continuously monitors repositories and organizations for security policy violations, creating alerts when best practices are not followed.

Access Undenied on AWS analyzes CloudTrail AccessDenied events to explain access denial reasons and provide least-privilege remediation suggestions.

Policy Sentry is an automated IAM policy generator that helps developers create least privilege AWS IAM policies through a template-based workflow.

An open-source policy-as-code platform that analyzes multi-cloud and SaaS environments using SQL and YAML policies with GPT integration for security, cost, and architecture assessments.

SharpAppLocker is a C# tool that retrieves AppLocker application control policies from Windows systems, replicating the Get-AppLockerPolicy PowerShell cmdlet functionality.

Cloud Custodian is a YAML-based rules engine that manages and enforces security, compliance, and cost optimization policies across AWS, Azure, and GCP cloud environments in real-time.

CustomProcessor is a policy management tool that enables users to create and manage custom policies for IETF policy frameworks through a user-friendly interface.

PacBot is a cloud security platform that provides continuous compliance monitoring, automated policy enforcement, and security reporting through policy-as-code implementation and multi-source data integration.

TerraGoat is a deliberately vulnerable Terraform repository that demonstrates common cloud infrastructure misconfigurations for training and testing security tools.

IAM Zero detects identity and access management issues and automatically suggests least-privilege policies by analyzing application errors and access patterns in cloud environments.

IAMSpy is a library that uses the Z3 prover to analyze AWS IAM policies and query whether specific actions are allowed or denied.

A Microsoft Word template library for implementing industrial information security management systems with documentation for policy, risk management, business continuity, and incident handling.

aws-allowlister automatically generates AWS Service Control Policies that restrict access to only compliance-framework-approved AWS services.

A framework for analyzing container images, running scripts inside containers, and gathering information for static analysis and policy enforcement.

A tool that generates Terraform files for creating Azure Policy Initiatives to implement cloud security guardrails and enforce organizational standards at scale.

Romana automates cloud-native network isolation and distributed firewall policies for Kubernetes and OpenStack environments using topology-aware IPAM without overlays.

A NodeJS/TypeScript library that generates IAM Policy Actions Statements for AWS services with predefined constants and factory classes for AWS CDK integration.

A command-line interface tool for managing container image security analysis, vulnerability scanning, and policy enforcement through the Anchore Engine REST API.