Alternatives and similar repositories for aws_ir:

Users that are interested in aws_ir are comparing it to the libraries listed below

• ThreatResponse / margaritashotgun
  Remote Memory Acquisition Tool
  ☆245Updated 4 years ago
• easttimor / aws-incident-response
  ☆368Updated 10 months ago
• awslabs / aws-security-automation
  Collection of scripts and resources for DevSecOps and Automated Incident Response Security
  ☆621Updated 4 years ago
• stuhirst / awssecurity
  for AWS Security material
  ☆246Updated 2 years ago
• dowjones / hammer
  Dow Jones Hammer : Protect the cloud with the power of the cloud(AWS)
  ☆437Updated last year
• Netflix-Skunkworks / aws-credential-compromise-detection
  Example detection of compromise credentials in AWS
  ☆119Updated 6 years ago
• willbengtson / trailblazer-aws
  Blazing CloudTrail since 2018
  ☆133Updated 5 years ago
• amrandazz / attack-guardduty-navigator
  A MITRE ATT&CK Navigator export for AWS GuardDuty Findings
  ☆137Updated 3 years ago
• MrSecure / review-security-groups
  A small set of scripts to summarize AWS Security Groups, and generate visualizations of the rules.
  ☆62Updated 4 years ago
• turnerlabs / antiope
  AWS Inventory and Compliance Framework
  ☆223Updated last year
• SummitRoute / aws_exposable_resources
  Resource types that can be publicly exposed on AWS
  ☆320Updated 2 years ago
• awslabs / aws-automated-incident-response-and-forensics
  ☆378Updated last year
• Netflix-Skunkworks / diffy
  (DEPRECATED) Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR)…
  ☆633Updated last year
• panther-labs / panther-analysis
  Built-in Panther detection rules and policies
  ☆349Updated this week
• nccgroup / G-Scout
  Google Cloud Platform Security Tool
  ☆233Updated 5 years ago
• mozilla / ssm-acquire
  A python module for orchestrating content acquisitions and analysis via amazon ssm.
  ☆58Updated last year
• duo-labs / cloudtrail-partitioner
  ☆152Updated last year
• sonofagl1tch / AWSDetonationLab
  This script is used to generate some basic detections of the aws security services
  ☆71Updated 2 years ago
• Netflix-Skunkworks / aardvark
  Aardvark is a multi-account AWS IAM Access Advisor API
  ☆474Updated 2 months ago
• OpenCSPM / opencspm
  Open Cloud Security Posture Management Engine
  ☆336Updated 2 years ago
• product-security-group / Security_Ladders
  Open source security career ladders
  ☆115Updated 2 years ago
• darkarnium / perimeterator
  'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.
  ☆63Updated 5 years ago
• amazon-archives / aws-security-benchmark
  Open source demos, concept and guidance related to the AWS CIS Foundation framework.
  ☆618Updated 5 years ago
• awslabs / amazon-guardduty-tester
  This repository can be used to generate and evaluate findings detected by Amazon GuardDuty
  ☆356Updated last month
• Voulnet / barq
  barq: The AWS Cloud Post Exploitation framework!
  ☆386Updated 2 years ago
• twilio-labs / socless
  The SOCless automation framework
  ☆134Updated last month
• duo-labs / cloudtracker
  CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.
  ☆891Updated 3 years ago
• cyberark / SkyWrapper
  SkyWrapper helps to discover suspicious creation forms and uses of temporary tokens in AWS
  ☆104Updated 3 years ago
• Netflix-Skunkworks / cloudtrail-anomaly
  ☆82Updated 5 years ago