AWS Config Rules Repository Logo

AWS Config Rules Repository

0
Free
Visit Website

AWS Community repository of custom Config rules. Contributions welcome. Instructions for leveraging these rules are below. Please review each rule carefully and test within your dev/test environment before integrating into production. Getting started with the development of AWS Config Rules See the CONTRIBUTING.md. Related Projects: RDK (Rule Development Kit) - https://github.com/awslabs/aws-config-rdk RDKLib (Library to run rules at scale) - https://github.com/awslabs/aws-config-rdklib Config Rules Engine (Deploy and manage Rules at scale) - https://github.com/awslabs/aws-config-engine-for-compliance-as-code Deploy one of the Config rules of this repo. Whenever the rules are created with RDK, you can leverage the RDK tool to deploy the rule in your AWS account. You can spot those rules by the fact that 1) they have their own directory, and 2) there is a parameters.json file. With the RDK: In your working folder, git clone https://github.com/awslabs/aws-config-rules cd python rdk deploy NAME_OF_THE_RULE Manually: You can use the sample functions in this repository to create Config rules that evaluate the configuration settings of your AWS resources.

FEATURES

ALTERNATIVES

PacBot is a platform for continuous compliance monitoring, compliance reporting, and security automation for the cloud, with a plugin-based data ingestion architecture.

Datadog offers a comprehensive suite of cybersecurity tools for various aspects of application and infrastructure monitoring.

Anomali is an AI-Powered Security Operations Platform that delivers speed, scale, and performance at a reduced cost, combining ETL, SIEM, XDR, SOAR, and TIP to detect, investigate, respond, and remediate threats.

Network Intelligence is a cybersecurity services provider offering comprehensive security solutions through their ADVISE framework, including detection and response, compliance, data privacy, and secure digital transformation services across multiple industries.

Dropzone AI is an autonomous AI agent for SOCs that performs end-to-end investigations of security alerts, integrating with existing cybersecurity tools and data sources.

A Sysmon configuration file template with detailed explanations and tutorial-like features.

jimi is an orchestration automation tool for multi-team collaboration and automation in IT/Security operations, Development, and CI/CD pipelines.

An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.