CloudSploit by Aqua is an open-source project designed to allow detection of security risks in cloud infrastructure accounts, including: Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), Oracle Cloud Infrastructure (OCI), and GitHub. Deployment Options: - Self-Hosted - Hosted at Aqua Wave Installation Configuration: - Amazon Web Services - Microsoft Azure - Google Cloud Platform - Oracle Cloud Infrastructure CloudSploit Config File Credential Files Environment Variables Running CLI Options: - Compliance (HIPAA, PCI, CIS Benchmarks) - Output Formats (Console Output, Ignoring Passing Results, CSV, JSON, JUnit XML) - Collection Output - Suppressions - Running a Single Plugin Architecture Writing a Plugin Other Notes
FEATURES
ALTERNATIVES
Tool for analyzing cloud resources against best practices and generating reports.
Stay up-to-date on the latest trends and developments in AWS Cloud Security with this weekly digest newsletter.
A detection-as-code platform for streamlining cloud security operations and responding to security incidents.
S3Scanner scans for misconfigured S3 buckets across S3-compatible APIs, identifying potential security vulnerabilities and data exposure risks.
A CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems.
Open source multi-cloud security-auditing tool for assessing security posture of cloud environments.
Conmachi is a Golang tool for scanning container environments for security issues.
Metabadger helps prevent SSRF attacks on AWS EC2 by automating upgrades to the more secure Instance Metadata Service v2 (IMDSv2).
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.