Selefra is an open-source policy-as-code software designed for multi-cloud and SaaS environment analysis. The platform supports over 30 services including major cloud providers (AWS, GCP, Azure, Alibaba Cloud), container orchestration platforms (Kubernetes), development platforms (Github), content delivery networks (Cloudflare), and collaboration tools (Slack). Users can create custom analysis policies using SQL and YAML to define security, cost, and architecture evaluation criteria. The tool provides unified configuration data integration across multiple cloud environments, enabling centralized visibility and management. Selefra integrates with GPT models to facilitate conversational analysis for security assessments, cost optimization, and architecture reviews. This integration allows users to query their cloud infrastructure using natural language and receive insights about resource management and security posture. The platform focuses on three primary areas: cloud resource management optimization, security posture enhancement, and cost reduction through policy-driven analysis and recommendations.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
TerraGoat is a deliberately vulnerable Terraform repository that demonstrates common cloud infrastructure misconfigurations for training and testing security tools.
FestIn discovers open S3 buckets associated with a domain using crawling and DNS reconnaissance techniques.
A tutorial demonstrating how to implement Kubernetes Engine security features to control application privileges through host access controls and network access policies.
SkyWrapper analyzes temporary token behaviors in AWS accounts to detect suspicious activities and generates Excel reports with findings summaries.
A framework for analyzing container images, running scripts inside containers, and gathering information for static analysis and policy enforcement.
A Docker security vulnerability where disabling inter-container communication (ICC) fails to block raw ethernet frames, allowing unexpected data transfer between containers via raw sockets.
AWS Vault securely stores AWS IAM credentials in the operating system's keystore and generates temporary credentials for development environments.
A command-line security auditing tool that performs Lynis-based security assessments across AWS, GCP, Azure, and DigitalOcean cloud platforms.
Collection of Kubernetes manifests creating pods with elevated privileges for security testing.