Kubespot (AWS) AWS EKS Setup for PCI-DSS, SOC2, HIPAA
Kubespot is a light wrapper around AWS EKS, providing a customized setup for PCI-DSS, SOC2, and HIPAA compliance. It includes locked down security groups, private subnets, and other compliance-related requirements. It also includes locked down RDS and Elasticache if needed, a single Load Balancer for reduced costs, KEDA for scaling on event metrics, and Karpenter for autoscaling. Instance are lockdown with encryption, and a regular node cycle rate is set. It is distributed as an open source terraform module, allowing you to run it within your own AWS account without lock-in.
FEATURES
ALTERNATIVES
Generate Amazon GuardDuty findings related to real AWS resources with multiple tests available.
A framework for executing attacker actions in the cloud with YAML-based format for defining TTPs and detection properties, deployable via AWS-native CI/CD pipeline.
LogRhythm SIEM is a comprehensive security information and event management platform that collects, analyzes, and responds to security events across an organization's IT infrastructure.
Cloud Custodian (c7n) is a rules engine for managing public cloud accounts and resources with a focus on security, compliance, and cost optimization.
Export Kubernetes events for observability and alerting purposes with flexible routing options.
Tool for analyzing cloud resources against best practices and generating reports.
A small project for continuous auditing of internet-facing AWS services
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.