Receive many types of events for all regions using EventBridge. Detect private information (PII, etc.) on EC2 instances in all regions using Macie, SSM, etc. Set the EC2 instance profile automatically. Delete resources that are unused, have no tags, etc. using a Lambda function. Create RolesAnywhere using a custom private certificate. Create security-group-rules-checker for checking security group rules.
SIMILAR TOOLS
A defense-in-depth security automation and monitoring framework utilizing threat intelligence, machine learning, and serverless technologies.
A proof of concept for using the SSM Agent in Fargate for incident response.
Wazuh is an open-source security platform offering unified XDR and SIEM protection for endpoints and cloud workloads, integrating various security functions into a single architecture.
WithSecure Elements Cloud is a modular cybersecurity platform that combines AI-powered software and expert services to provide comprehensive protection across endpoints, identities, and cloud environments.
Shuffle Automation provides an open-source platform for security orchestration, automation, and response.
WALKOFF is an automation framework for integrating capabilities and devices to streamline tasks.
Incident response framework focused on remote live forensics.
Tool to bypass endpoint solutions blocking known 'malicious' signed applications by obtaining valid signed files with different hashes.
CrowdStrike Charlotte AI is a conversational AI assistant that accelerates security operations by automating tasks and providing faster intelligence through generative AI capabilities.
PINNED

Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.