AWS Config Rules Repository
AWS Community repository of custom Config rules. Contributions welcome. Instructions for leveraging these rules are below. Please review each rule carefully and test within your dev/test environment before integrating into production. Getting started with the development of AWS Config Rules See the CONTRIBUTING.md. Related Projects: RDK (Rule Development Kit) - https://github.com/awslabs/aws-config-rdk RDKLib (Library to run rules at scale) - https://github.com/awslabs/aws-config-rdklib Config Rules Engine (Deploy and manage Rules at scale) - https://github.com/awslabs/aws-config-engine-for-compliance-as-code Deploy one of the Config rules of this repo. Whenever the rules are created with RDK, you can leverage the RDK tool to deploy the rule in your AWS account. You can spot those rules by the fact that 1) they have their own directory, and 2) there is a parameters.json file. With the RDK: In your working folder, git clone https://github.com/awslabs/aws-config-rules cd python rdk deploy NAME_OF_THE_RULE Manually: You can use the sample functions in this repository to create Config rules that evaluate the configuration settings of your AWS resources.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A case management platform for Security Operations Centers that enables collaborative incident response, workflow automation, and compliance reporting throughout the cybersecurity incident response lifecycle.
Web-based tool for incident response with easy local installation using Docker.
An AI-powered SOC automation platform that performs autonomous alert triage, investigation, and incident response while augmenting human analyst capabilities.
Open-source, free, and scalable cyber threat intelligence and security incident response solution with improved performance and new features.
A standardized framework for describing and classifying cybersecurity incidents
A public incident response process documentation used at PagerDuty
Todyl is a modular cybersecurity platform that consolidates SASE, SIEM, EDR/NGAV, MXDR, and GRC capabilities into a single-agent solution with centralized management.
Anvilogic is a SIEM platform that streamlines detection engineering, offers cost-effective data management, and enhances threat detection capabilities.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.