Alternatives and similar repositories for argos:

Users that are interested in argos are comparing it to the libraries listed below

• Netflix-Skunkworks / aws-credential-compromise-detection
  Example detection of compromise credentials in AWS
  ☆119Updated 6 years ago
• sonofagl1tch / AWSDetonationLab
  This script is used to generate some basic detections of the aws security services
  ☆71Updated 2 years ago
• disruptops / resource-counter
  This command line tool counts the number of resources in different categories across Amazon regions.
  ☆56Updated 5 years ago
• toniblyx / aws-forensic-tools
  Tools for AWS forensics
  ☆64Updated 8 years ago
• mitre / aws-foundations-cis-baseline
  InSpec profile to validate your VPC to the standards of the CIS Amazon Web Services Foundations Benchmark
  ☆78Updated 2 weeks ago
• mozilla / ssm-acquire
  A python module for orchestrating content acquisitions and analysis via amazon ssm.
  ☆58Updated last year
• willbengtson / trailblazer-aws
  Blazing CloudTrail since 2018
  ☆133Updated 5 years ago
• ansorren / GDPatrol
  A Lambda-powered Security Orchestration framework for AWS GuardDuty
  ☆51Updated 5 years ago
• tradichel / AWSSecurityAutomationFramework
  Framework for reviewing and responding to events in AWS Flow Logs using Lambda Function
  ☆45Updated last year
• ThreatResponse / mad-king
  Proof of Concept Zappa Based AWS Persistence and Attack Platform
  ☆37Updated 4 years ago
• WarnerMedia / aws-guardduty-enterprise
  Manage GuardDuty At Enterprise Scale
  ☆22Updated 4 years ago
• andrewkrug / fargate-ir
  Proof of concept incident response demo using SSM and AWS Fargate.
  ☆13Updated 5 years ago
• offensive-terraform / terraform-aws-cross-account-persistence
  Offensive Terraform module which creates an IAM role with trust relationship with attacker's AWS account and attaches managed IAM Policy …
  ☆12Updated 4 years ago
• 3CORESec / AWS-AutoMirror
  Automation of VPC Traffic Mirror Sessions in AWS
  ☆35Updated 3 months ago
• te-papa / aws-key-disabler
  A small lambda script that will disable access keys older than a given amount of days.
  ☆151Updated last year
• Netflix-Skunkworks / cloudtrail-anomaly
  ☆82Updated 5 years ago
• cyberark / SkyWrapper
  SkyWrapper helps to discover suspicious creation forms and uses of temporary tokens in AWS
  ☆104Updated 3 years ago
• endgameinc / varna
  Varna: Quick & Cheap AWS CloudTrail Monitoring with Event Query Language (EQL)
  ☆51Updated 2 years ago
• ThreatResponse / ThreatPrep
  Python module for evaluation of AWS account best practices around incident handling readieness.
  ☆55Updated 4 years ago
• amrandazz / attack-guardduty-navigator
  A MITRE ATT&CK Navigator export for AWS GuardDuty Findings
  ☆137Updated 3 years ago
• jchrisfarris / detect-credential-compromise
  Cloudformation Template and Lambda to detect if Instance Profile credentials are being used outside your AWS Account.
  ☆28Updated 5 years ago
• mlnrt / incident-response-and-forensic
  Incident Response and Forensic on AWS
  ☆20Updated 4 years ago
• nccgroup / AWS-recipes
  A number of Recipes for AWS
  ☆194Updated 5 years ago
• duo-labs / cloudtrail-partitioner
  ☆153Updated last year
• sendgrid / krampus
  The original AWS security enforcer™
  ☆59Updated 5 years ago
• dachiefjustice / aws-sec-tools
  Docker container bundling tools for manual AWS security reviews
  ☆13Updated 6 years ago
• turnerlabs / antiope
  AWS Inventory and Compliance Framework
  ☆223Updated last year
• splunk / splunk-for-securityHub
  ☆37Updated 4 years ago
• dev-sec / chef-windows-hardening
  This chef cookbook provides windows hardening configurations for the DevSec Windows baseline profile.
  ☆100Updated last week