Repokid uses Access Advisor provided by Aardvark to remove permissions granting access to unused services from the inline policies of IAM roles in an AWS account. Getting Started: - Install mkvirtualenv repokid - git clone git@github.com:Netflix/repokid.git - cd repokid - pip install -e . - repokid config config.json DynamoDB: - You will need a DynamoDB table called repokid_roles (specify account and endpoint in dynamo_db in config file). - The table should have RoleId (string) as a primary partition key, no primary sort key. - A global secondary index named Account with a primary partition key of Account and RoleId and Account as projected attributes. - A global secondary index named RoleName with a primary partition key of RoleName and RoleId and RoleName as projected attributes. - For development, you can run dynamo locally. To run locally: docker-compose up. The endpoint for DynamoDB will be http://localhost:8000. A DynamoDB admin panel can be found at http://localhost:8001. If you run the development version the table and index will be created for you automatically. IAM Permissions: - Repokid needs an IAM Role in each account that will be queried.
FEATURES
ALTERNATIVES
Zoho Vault is a secure password management tool that allows you to store and automatically fill in passwords on websites and apps.
Akamai Account Protector is a cybersecurity tool that prevents account abuse by detecting and mitigating fraudulent activities through user behavior analysis and real-time risk scoring.
Akamai Identity Cloud is a CIAM solution that manages customer identities, enhances user experiences, and ensures data protection and regulatory compliance for high-volume consumer brands.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.