Zeus AWS Auditing & Hardening Tool
Zeus is a powerful tool for AWS EC2 / S3 / CloudTrail / CloudWatch / KMS best hardening practices. It checks security settings according to the profiles the user creates and changes them to recommended settings based on the CIS AWS Benchmark source at request of the user. Currently, it only includes the Logging mechanism. Identity and Access Management: - Avoid the use of the 'root' account - Ensure multi-factor authentication (MFA) is enabled for all IAM users that have a console password - Ensure credentials unused for 90 days or greater are disabled - Ensure access keys are rotated every 90 days or less - Ensure IAM password policy requires at least one uppercase letter - Ensure IAM password policy requires at least one lowercase letter - Ensure IAM password policy requires at least one symbol - Ensure IAM password policy requires at least one number - Ensure IAM password policy requires minimum length of 14 or greater - Ensure no root account access key exists - Ensure MFA is enabled for the 'root' account - Ensure security questions are registered in the AWS account - Ensure IAM policies are attached only to groups or role - Enable detailed billing - Maintain current conta
FEATURES
ALTERNATIVES
A Terraform module to set up a secure AWS account configuration baseline
A collection of tools to debug and inspect Kubernetes resources and applications, managing eBPF programs execution and mapping kernel primitives to Kubernetes resources.
An open-sourced framework for managing resources across hundreds of AWS Accounts
Generate Amazon GuardDuty findings related to real AWS resources with multiple tests available.
ScubaGear assesses Microsoft 365 tenant configurations against CISA Secure Configuration Baselines, using PowerShell and Open Policy Agent to compare settings and generate compliance reports.
A Python script that lists all main resources of your AWS account, helping you find resources that affect billing and/or security.
Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.