DataCop is a custom AWS framework that mitigates S3 bucket attack vectors based on customer configuration. By default, the framework relies on AWS Macie results to automatically block S3 buckets that contain PII or any classified information. It also supports the following third-party services: Trend Micro CloudOne File Storage Security (FSS).

Features:
- Automatically provisioned infrastructure with AWS CDK
- Configurable settings for bucket blocking for Macie and FSS
- Event-driven S3 bucket blocking
- Highly scalable and extensible

Setup & Installation

Requirements: To install and deploy DataCop, you need Python 3.8+ installed.

Installation: The installation process for DataCop is fairly straightforward. Please follow the steps outlined below:

1. Configure your config.ini file. This file is EXTREMELY IMPORTANT, and it must be filled out properly before you deploy DataCop. An example of the file with an explanation of the key/value pairs can be found in the documentation.
ALTERNATIVES
Analyzes CloudTrail data of a given AWS account and generates a summary of recently active IAM principals, API calls they made, as well as regions, IP addresses and user agents they used.
Exploit that launches a process on the host from within a Docker container run with the --privileged flag by abusing the Linux cgroup v1 “notification on release” feature.
A tool that determines what AWS API calls are logged by CloudTrail and what they are logged as, and can also be used as an attack simulation framework.
An open-sourced framework for managing resources across hundreds of AWS Accounts
Gatekeeper is a policy management tool for Kubernetes that provides an extensible, parameterized policy library and native Kubernetes CRDs for instantiating and extending the policy library.
A small project for continuous auditing of internet-facing AWS services
A CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems.
A tool for discovering company infrastructure and apps on major cloud providers, beneficial for bug bounty hunters and penetration testers.