Scout Suite
Scout Suite is an open source multi-cloud security-auditing tool, which gathers configuration data using cloud providers' APIs for manual inspection, highlighting risk areas and providing a clear view of the attack surface automatically. It is designed by security consultants/auditors to offer a security-oriented view of the cloud account it was run in, with support for various cloud providers like AWS, Azure, GCP, Alibaba Cloud, Oracle Cloud, and Kubernetes clusters.
FEATURES
ALTERNATIVES
A Terraform module to set up a secure AWS account configuration baseline
Lists AWS resources using the AWS Cloud Control API and writes them to a JSON output file.
Stay up-to-date on the latest trends and developments in AWS Cloud Security with this weekly digest newsletter.
A collection of tools to debug and inspect Kubernetes resources and applications, managing eBPF programs execution and mapping kernel primitives to Kubernetes resources.
AWS Cloud Security offers security services and compliance tools for securing data and applications on AWS.
Implements a cloud version of the Shadow Copy attack against domain controllers in AWS, allowing theft of domain user hashes.
A tool that determines what AWS API calls are logged by CloudTrail and what they are logged as, and can also be used as an attack simulation framework.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.