Axiom
Axiom is a dynamic infrastructure framework that efficiently works with multi-cloud environments, allowing users to build and deploy repeatable infrastructure focused on offensive and defensive security. It pre-installs chosen tools onto a 'base image' for easy deployment of fresh instances, enabling quick access to various tools for bug hunters and pentesters. Axiom's immutable infrastructure feature simplifies the process of spinning up multiple disposable instances for distributed scans, such as nmap, ffuf, and screenshotting. With support for multiple cloud providers and the ability to distribute scans across numerous instances rapidly, Axiom streamlines the process of scanning large sets of targets.
FEATURES
SIMILAR TOOLS
A Python script that lists all main resources of your AWS account, helping you find resources that affect billing and/or security.
Monitors AWS and GCP accounts for policy changes and alerts on insecure configurations, with support for OpenStack and GitHub monitoring.
LogRhythm SIEM is a comprehensive security information and event management platform that collects, analyzes, and responds to security events across an organization's IT infrastructure.
A graph-based tool for visualizing effective access and resource relationships within AWS
Cloud Custodian (c7n) is a rules engine for managing public cloud accounts and resources with a focus on security, compliance, and cost optimization.
Cloud security platform that provides configuration monitoring, compliance management, and security analysis across multi-cloud environments.
Create Docker container images for testing and long-term use.
Detect off-instance key usage in AWS by analyzing CloudTrail files locally.
A tool for building Open Container Initiative (OCI) container images with various functionalities.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.