Security Response Automation Logo

Security Response Automation

0
Free
Visit Website

Automated actions on Security Command Center findings: automatically create disk snapshots, revoke IAM grants, notify other systems, and more. Service account runs with lowest permission needed granted at granularity you specify. Every action is logged to Cloud Logging and is easily auditable. Can be run in monitor mode where actions are logged only. Architecture: A finding is either generated from Security Command Center or Cloud Logging (legacy) and sent to a Pubsub topic. The Filter Cloud Function first can optionally run the finding through a series of Rego policies that will automatically mark the finding as a false positive and auto-close it. If the finding is valid for your environment, it is sent to the Router Function, which is configued by YAML to send the finding on to the correct auto-remediation function that you have enabled. The auto-remediation Cloud Functions

FEATURES

ALTERNATIVES

A small project for continuous auditing of internet-facing AWS services

A tool to fetch all public IP addresses associated with an AWS account

Krampus is a security solution for managing AWS objects and can be used as a cost-control tool.

A script and library for identifying risks in AWS IAM configuration

Comprehensive cybersecurity tool for Microsoft Azure providing CSPM & CWPP capabilities.

Azucar is a multi-threaded plugin-based tool for assessing Azure Cloud security.

An open-source security tool for AWS, Azure, Google Cloud, and Kubernetes security assessments and audits.

Exploring the transition towards real sandbox containers and the differences in privileges compared to traditional sandboxes like Chrome.