aws-allowlister
Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks. AWS Service Control Policies (SCPs) enable control over which AWS Service APIs are allowed at the AWS Account level, ensuring local administrators can't perform prohibited actions in a child account. Prior to aws-allowlister, creating AWS AllowList SCPs was error-prone, involving manual spreadsheet creation and maintenance. aws-allowlister simplifies this by automating the process, generating an AWS SCP policy based on preferred compliance frameworks.
FEATURES
ALTERNATIVES
S3Scanner scans for misconfigured S3 buckets across S3-compatible APIs, identifying potential security vulnerabilities and data exposure risks.
Cloudmarker is a cloud monitoring tool and framework that audits Azure and GCP cloud environments.
A framework for executing attacker actions in the cloud with YAML-based format for defining TTPs and detection properties, deployable via AWS-native CI/CD pipeline.
Comprehensive suite of tools and resources by Microsoft Azure for ensuring security and protection of data and applications in the cloud.
A tool for pillaging Docker registries to extract image manifests and configurations.
A collection of tools to debug and inspect Kubernetes resources and applications, managing eBPF programs execution and mapping kernel primitives to Kubernetes resources.
A dynamic infrastructure framework for efficient multi-cloud security operations and distributed scanning.
A tool for discovering company infrastructure and apps on major cloud providers, beneficial for bug bounty hunters and penetration testers.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.