AWS Security Automation
Collection of scripts and resources for DevSecOps, Security Automation and Automated Incident Response Remediation. IAM Access Denied Responder: This example solution will setup an automated response to an access denied event that occurs within a CloudTrail event, a Failed authentication attempt to the AWS console, or a Client.UnauthorizedOperation event occurs. EC2 Auto Clean Room Forensics: This example solution will take an instance ID from an SNS topic and through a series of AWS Lambda functions co-ordinated by AWS Step Functions will automatically notify, isolate and run basic forensics on the identified instance. CloudTrailRemediation: Demo script to automatically restart CloudTrail. The script have placeholders for forensics etc. to avoid enabling CloudTrail without finding the causing user. force-user-mfa: Demo script to automatically create and attach virtual MFA to any newly created IAM user. The use can fetch the MFA Seed themselves using AWS CLI. Copyright 2016 Amazon.com, Inc. or its affiliates. All Rights Reserved. Licensed under the Apache License, Version 2.0 (the 'License'). You may not use this file except in compliance with the License. A copy
FEATURES
ALTERNATIVES
Dispatch helps manage security incidents by integrating with existing tools and automating incident response tasks.
Dropzone AI is an autonomous AI agent for SOCs that performs end-to-end investigations of security alerts, integrating with existing cybersecurity tools and data sources.
CrowdStrike Falcon Orchestrator is a Windows-based application for workflow automation and security response.
Anomali is an AI-Powered Security Operations Platform that delivers speed, scale, and performance at a reduced cost, combining ETL, SIEM, XDR, SOAR, and TIP to detect, investigate, respond, and remediate threats.
A modular incident response framework in Powershell that uses Powershell Remoting to collect data for incident response and breach hunts.
A panic button app for triggering a ripple effect across apps responding to panic events
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
RoboShadow
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.