Security Response Automation Logo

Security Response Automation

0
Free
Visit Website

Automated actions on Security Command Center findings: automatically create disk snapshots, revoke IAM grants, notify other systems, and more. Service account runs with lowest permission needed granted at granularity you specify. Every action is logged to Cloud Logging and is easily auditable. Can be run in monitor mode where actions are logged only. Architecture: A finding is either generated from Security Command Center or Cloud Logging (legacy) and sent to a Pubsub topic. The Filter Cloud Function first can optionally run the finding through a series of Rego policies that will automatically mark the finding as a false positive and auto-close it. If the finding is valid for your environment, it is sent to the Router Function, which is configued by YAML to send the finding on to the correct auto-remediation function that you have enabled. The auto-remediation Cloud Functions

FEATURES

ALTERNATIVES

Comprehensive suite of tools and resources by Microsoft Azure for ensuring security and protection of data and applications in the cloud.

A graph-based tool for visualizing effective access and resource relationships within AWS

AWS serverless cloud security tool for parsing and alerting on CloudTrail logs using EQL.

Azure Guardrails enables rapid enforcement of cloud security guardrails by generating Terraform files for Azure Policy Initiatives.

Learn how to secure applications in Kubernetes Engine by granting varying levels of privilege based on requirements.

Converts the format of various S3 buckets for bug bounty and security testing.

A cloud and database asset intelligence platform that provides continuous monitoring, compliance management, and security posture assessment across hybrid cloud environments.

Commercial

A framework for executing attacker actions in the cloud with YAML-based format for defining TTPs and detection properties, deployable via AWS-native CI/CD pipeline.