AWS Auto Remediate is an automated security compliance remediation system that integrates with AWS Config to address security violations in real-time. The system operates through a serverless architecture using AWS Lambda functions triggered by SQS queues. When AWS Config detects non-compliance events, they are filtered through a CloudWatch Event rule and sent to the auto-remediate-config-compliance SQS queue. The Lambda function processes these compliance payloads and attempts to automatically remediate identified security concerns. Failed remediation attempts are sent to a dead letter queue (DLQ) with retry logic that tracks attempt counts through message attributes. When the retry count exceeds the configured RETRYCOUNT variable, messages are no longer processed. For AWS Config events that have no corresponding remediation logic, the system forwards the payload to an SNS topic for manual review or alternative handling. The tool provides automated response capabilities for AWS security misconfigurations, reducing manual intervention requirements and improving security posture maintenance across AWS environments.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
FestIn discovers open S3 buckets associated with a domain using crawling and DNS reconnaissance techniques.
S3Scanner is an open-source tool that scans S3 buckets across S3-compatible APIs to identify misconfigurations and security vulnerabilities.
A command-line security auditing tool that performs Lynis-based security assessments across AWS, GCP, Azure, and DigitalOcean cloud platforms.
A search engine for open Amazon S3 buckets and their contents, allowing users to search for files using keywords, filename extensions, and full path.
A framework for analyzing container images, running scripts inside containers, and gathering information for static analysis and policy enforcement.
Kube-bench is a security assessment tool that validates Kubernetes deployments against CIS Kubernetes Benchmark standards through automated configuration checks.
AWS Vault securely stores AWS IAM credentials in the operating system's keystore and generates temporary credentials for development environments.
A Docker security vulnerability where disabling inter-container communication (ICC) fails to block raw ethernet frames, allowing unexpected data transfer between containers via raw sockets.
A community-driven repository of pre-built security analytics queries and rules for monitoring and detecting threats in Google Cloud environments across various log sources and activity types.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.