Docker's Actuary
Docker's Actuary automates security best-practices checks for Docker containers.
Perimeterator is a small project intended to allow for continuous auditing of internet-facing AWS services. It can be quickly deployed into AWS and will periodically enumerate internet-facing IP addresses for a number of commonly misconfigured AWS resources.

The results from this enumeration process are pushed into a work queue for scanning by external scanner 'workers' in order to locate open network services. Scanner 'workers' can be deployed anywhere, and are intended to be deployed into non-trusted networks in order to provide a representation of access to services from the "general internet".

Currently, the following AWS resource types are supported:

* EC2
* ELB
* ELBv2
* RDS
* ES

All communication between Perimeterator components occurs asynchronously through the use of AWS SQS queues.

Getting Started / Deployment

Perimeterator requires a few components in order to function. However, in order to make getting started as easy as possible, a number of Terraform configs have been provided inside of the terraform/ directory. To get started, please see the terraform/README.md file.

Components

Perimeterator has a number of components, due to its distributed nature. A brief overview of each component is provided below:

* Scanner: Responsible for scanning IP addresses for open network services.
* Worker: Responsible for processing work items from the SQS queue.
* SQS Queue: Used to communicate between components.
Azure Guardrails enables rapid enforcement of cloud security guardrails by generating Terraform files for Azure Policy Initiatives.
CloudDefense.AI is a Cloud Native Application Protection Platform (CNAPP) that safeguards cloud infrastructure and cloud-native apps with expertise, precision, and confidence.
A framework for executing attacker actions in the cloud with YAML-based format for defining TTPs and detection properties, deployable via AWS-native CI/CD pipeline.
A tool to fetch all public IP addresses associated with an AWS account.
A workload policy enforcement tool for Kubernetes with various supported policies and configuration options.