Explore 13 curated tools and resources
Want your tool featured here?
Get maximum visibility with pinned placement
Policy Sentry is an automated IAM policy generator that helps developers create least privilege AWS IAM policies through a template-based workflow.
Policy Sentry is an automated IAM policy generator that helps developers create least privilege AWS IAM policies through a template-based workflow.
TerraGoat is a deliberately vulnerable Terraform repository that demonstrates common cloud infrastructure misconfigurations for training and testing security tools.
TerraGoat is a deliberately vulnerable Terraform repository that demonstrates common cloud infrastructure misconfigurations for training and testing security tools.
A multi-account AWS security tool that identifies misconfigurations, provides real-time reporting, and performs automated remediation to establish secure cloud guardrails.
A multi-account AWS security tool that identifies misconfigurations, provides real-time reporting, and performs automated remediation to establish secure cloud guardrails.
A Terraform module that establishes security baseline configurations for AWS accounts based on CIS benchmarks and AWS security best practices.
A Terraform module that establishes security baseline configurations for AWS accounts based on CIS benchmarks and AWS security best practices.
A Terraform tool that creates intentionally misconfigured AWS infrastructure with 84 vulnerabilities across 22 services for security training and testing purposes.
A Terraform tool that creates intentionally misconfigured AWS infrastructure with 84 vulnerabilities across 22 services for security training and testing purposes.
A distributed AWS security auditing tool that continuously enumerates and scans internet-facing AWS services to identify potentially misconfigured resources.
A distributed AWS security auditing tool that continuously enumerates and scans internet-facing AWS services to identify potentially misconfigured resources.
BlueTeam.Lab provides Terraform and Ansible scripts to deploy an orchestrated detection laboratory for testing attacks and forensic artifacts in a SOC-like Windows environment.
BlueTeam.Lab provides Terraform and Ansible scripts to deploy an orchestrated detection laboratory for testing attacks and forensic artifacts in a SOC-like Windows environment.
Terrascan is a static code analyzer that scans Infrastructure as Code for security misconfigurations and compliance violations across multiple cloud platforms and container environments.
Terrascan is a static code analyzer that scans Infrastructure as Code for security misconfigurations and compliance violations across multiple cloud platforms and container environments.
A Terraform module that provides a compliance-focused AWS EKS setup with security hardening for PCI-DSS, SOC2, and HIPAA requirements.
A Terraform module that provides a compliance-focused AWS EKS setup with security hardening for PCI-DSS, SOC2, and HIPAA requirements.
A tool that generates Terraform files for creating Azure Policy Initiatives to implement cloud security guardrails and enforce organizational standards at scale.
A tool that generates Terraform files for creating Azure Policy Initiatives to implement cloud security guardrails and enforce organizational standards at scale.
A hands-on cybersecurity laboratory environment for Gray Hat Hacking Chapter 29 that creates virtualized Docker and Kali Linux machines using Terraform for practical security training exercises.
A hands-on cybersecurity laboratory environment for Gray Hat Hacking Chapter 29 that creates virtualized Docker and Kali Linux machines using Terraform for practical security training exercises.
AirIAM analyzes AWS IAM usage patterns and generates least-privilege Terraform configurations to optimize cloud access management.
Checkov is a static analysis tool that scans infrastructure as code and performs software composition analysis to detect security misconfigurations and vulnerabilities in cloud infrastructure and dependencies.
Checkov is a static analysis tool that scans infrastructure as code and performs software composition analysis to detect security misconfigurations and vulnerabilities in cloud infrastructure and dependencies.