aws-security-viz is a visualization tool that generates graphical representations of AWS EC2 security group configurations. The tool analyzes security group ingress rules and creates visual diagrams to help understand network access patterns and security configurations. The tool supports both EC2 Classic and VPC security groups, allowing users to visualize their current AWS security posture. It can output diagrams in multiple formats supported by Graphviz, including SVG and other standard image formats. Users can generate visualizations directly by providing AWS credentials, or by using existing security group data exported from AWS CLI in JSON format. The tool includes a web-based navigator feature that creates interactive HTML visualizations for viewing security group relationships in a browser. Installation requires Ruby gems and Graphviz as dependencies. The tool can be run locally or through Docker containers for users who prefer not to install dependencies directly on their systems.
SIMILAR TOOLS
TerraGoat is a deliberately vulnerable Terraform repository that demonstrates common cloud infrastructure misconfigurations for training and testing security tools.
A community-driven repository of pre-built security analytics queries and rules for monitoring and detecting threats in Google Cloud environments across various log sources and activity types.
Cloudmarker is a configurable cloud monitoring tool and framework that audits Azure and GCP environments by retrieving, analyzing, and alerting on cloud security data.
A deprecated Kubernetes workload policy enforcement tool that helped secure multi-tenant clusters through various security policies and configurations.
LambdaGuard is an AWS Lambda auditing tool that provides security configuration checks, statistical analysis, and service dependency mapping for serverless functions.
AWS Vault securely stores AWS IAM credentials in the operating system's keystore and generates temporary credentials for development environments.
CloudSploit by Aqua is an open-source multi-cloud security scanning tool that detects security risks and compliance issues across AWS, Azure, GCP, OCI, and GitHub platforms.
A framework for analyzing container images, running scripts inside containers, and gathering information for static analysis and policy enforcement.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.