Security Response Automation
Automated actions on Security Command Center findings: automatically create disk snapshots, revoke IAM grants, notify other systems, and more. Service account runs with lowest permission needed granted at granularity you specify. Every action is logged to Cloud Logging and is easily auditable. Can be run in monitor mode where actions are logged only. Architecture: A finding is either generated from Security Command Center or Cloud Logging (legacy) and sent to a Pubsub topic. The Filter Cloud Function first can optionally run the finding through a series of Rego policies that will automatically mark the finding as a false positive and auto-close it. If the finding is valid for your environment, it is sent to the Router Function, which is configued by YAML to send the finding on to the correct auto-remediation function that you have enabled. The auto-remediation Cloud Functions
FEATURES
ALTERNATIVES
Conmachi is a Golang tool for scanning container environments for security issues.
AWS Cloud Security offers security services and compliance tools for securing data and applications on AWS.
A setuid implementation of a subset of user namespaces, providing a way to run unprivileged containers without requiring root privileges.
An AWS Lambda auditing tool that provides asset visibility and actionable results through statistical analysis and security checks.
A cloud native security platform that uses behavioral fingerprinting and runtime verification to detect threats across Kubernetes environments, cloud infrastructure, and software supply chains.
Gatekeeper is a policy management tool for Kubernetes that provides an extensible, parameterized policy library and native Kubernetes CRDs for instantiating and extending the policy library.
A framework to analyze container images and gather useful information.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.