Kubespot is a light wrapper around AWS EKS, providing a customized setup for PCI-DSS, SOC2, and HIPAA compliance. It includes locked down security groups, private subnets, and other compliance-related requirements. It also includes locked down RDS and Elasticache if needed, a single Load Balancer for reduced costs, KEDA for scaling on event metrics, and Karpenter for autoscaling. Instance are lockdown with encryption, and a regular node cycle rate is set. It is distributed as an open source terraform module, allowing you to run it within your own AWS account without lock-in.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A framework to analyze container images and gather useful information.
Cloud Security Suite (cs-suite) - Version 3.0 Usage for cloud security audits on AWS, GCP, Azure, and DigitalOcean.
Kube-bench is a tool for checking Kubernetes security based on CIS Kubernetes Benchmark.
An AWS Lambda auditing tool that provides asset visibility and actionable results through statistical analysis and security checks.
In-depth analysis and insights on various cloud security topics by Rhino Security Labs team
A search engine for open Amazon S3 buckets and their contents, allowing users to search for files using keywords, filename extensions, and full path.
Tool for assessing compliance and running vulnerability scans on Docker images.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A collection of security workshops and hands-on content for AWS security services and techniques
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.