Security Response Automation Logo

Security Response Automation

0
Free
Visit Website

Automated actions on Security Command Center findings: automatically create disk snapshots, revoke IAM grants, notify other systems, and more. Service account runs with lowest permission needed granted at granularity you specify. Every action is logged to Cloud Logging and is easily auditable. Can be run in monitor mode where actions are logged only. Architecture: A finding is either generated from Security Command Center or Cloud Logging (legacy) and sent to a Pubsub topic. The Filter Cloud Function first can optionally run the finding through a series of Rego policies that will automatically mark the finding as a false positive and auto-close it. If the finding is valid for your environment, it is sent to the Router Function, which is configued by YAML to send the finding on to the correct auto-remediation function that you have enabled. The auto-remediation Cloud Functions

FEATURES

ALTERNATIVES

A tool that discovers all AWS resources created in an account

A CLI tool to simplify the use of AWS Systems Manager Session Manager

Multi-cloud OSINT tool for enumerating public resources in AWS, Azure, and Google Cloud.

A publicly open storage viewer for various storage services.

A security tool that monitors AWS objects for ownership attribution, detects domain hijacking, and verifies security services.

Golang client for querying SecurityTrails API data

Nuvola is a tool for security analysis on AWS environments with a focus on creating a digital twin of cloud platforms.

A Python script to test the security of AWS S3 buckets