Security Automation

Krampus is an AWS resource management tool that automates the deletion and disabling of cloud objects based on JSON task files for security remediation and cost control.

A tool for creating encrypted volumes with self-destruction capabilities that automatically destroy data when tampering is detected or commands are issued.

A defense-in-depth security automation framework for AWS that combines threat intelligence, machine learning, and serverless technologies to prevent, detect, and respond to threats through automated security telemetry collection and analysis.

An automated security response system for Google Cloud that processes Security Command Center findings and executes predefined remediation actions like disk snapshots, IAM revocation, and notifications.

A Lambda function that automatically disables AWS IAM User Access Keys after a specified time period to reduce security risks from aging credentials.

A bash-based anti-forensic script that monitors USB ports and triggers system shutdown when unauthorized devices are detected.

A toolkit that transforms PHP applications into web-based high-interaction Honeypots for monitoring and analyzing attacks.

A panic button application that triggers coordinated emergency responses across multiple connected security applications and systems.

An open source repository of plugins for Rapid7 InsightConnect that enables security orchestration and automation through integrations with various security tools and services.

PacBot is a cloud security platform that provides continuous compliance monitoring, automated policy enforcement, and security reporting through policy-as-code implementation and multi-source data integration.

A comprehensive AWS security automation toolkit that provides event monitoring, data protection, resource management, and security configuration validation across AWS environments.

A multi-account AWS security tool that identifies misconfigurations, provides real-time reporting, and performs automated remediation to establish secure cloud guardrails.

IAM Zero detects identity and access management issues and automatically suggests least-privilege policies by analyzing application errors and access patterns in cloud environments.

Repokid automatically removes unused service permissions from AWS IAM role inline policies using Access Advisor data to implement least privilege access.

Scumblr is a web-based security automation platform that performs periodic data source synchronization and security analysis to help organizations proactively identify and track security issues.

A collection of AWS-native scripts and automation tools for DevSecOps, incident response, and security remediation in cloud environments.

aws-allowlister automatically generates AWS Service Control Policies that restrict access to only compliance-framework-approved AWS services.

Fast Intercept is a security automation platform that empowers users to maximize their existing security products and automate routine tasks.

A cross-platform security application that functions as a laptop kill cord, automatically locking or shutting down your computer when physically separated from you via a USB connection.

An automated AWS security compliance remediation system that uses Lambda functions and SQS queues to automatically fix security violations detected by AWS Config.

Open-source security automation platform for automating security alerts and building AI-assisted workflows.

Cloud Inquisitor is an AWS security tool that monitors resource ownership, detects domain hijacking, verifies security services, and manages IAM policies across multiple accounts.

A collection of automation scripts that quickly enable essential AWS security and compliance features that are not activated by default in AWS accounts.

A content repository for Cortex XSOAR that provides playbooks, automation scripts, and templates for security operations automation and orchestration.