Prowler
An open-source security tool for AWS, Azure, Google Cloud, and Kubernetes security assessments and audits.
Automated actions on Security Command Center findings: automatically create disk snapshots, revoke IAM grants, notify other systems, and more. Service account runs with lowest permission needed granted at granularity you specify. Every action is logged to Cloud Logging and is easily auditable. Can be run in monitor mode where actions are logged only. Architecture: A finding is either generated from Security Command Center or Cloud Logging (legacy) and sent to a Pubsub topic. The Filter Cloud Function first can optionally run the finding through a series of Rego policies that will automatically mark the finding as a false positive and auto-close it. If the finding is valid for your environment, it is sent to the Router Function, which is configued by YAML to send the finding on to the correct auto-remediation function that you have enabled. The auto-remediation Cloud Functions
An open-source security tool for AWS, Azure, Google Cloud, and Kubernetes security assessments and audits.
A collection of security workshops and hands-on content for AWS security services and techniques
A workload policy enforcement tool for Kubernetes with various supported policies and configuration options.
Managed Kubernetes Inspection Tool leveraging FOSS tools to query and validate security-related settings.
A security toolkit for Amazon S3
A multi-cloud tool for centralizing assets across multiple clouds with minimal configuration.