aws-samples/aws-customer-playbook-framework external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

aws-samples/aws-customer-playbook-framework

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/aws-samples/aws-customer-playbook-framework)

Close

aws-samples / aws-customer-playbook-frameworkView on GitHubMore

• External links
• Readme badge

This repository provides sample templates for security playbooks against various scenarios when using Amazon Web Services.

☆650Mar 20, 2026Updated this week

Alternatives and similar repositories for aws-customer-playbook-framework

Users that are interested in aws-customer-playbook-framework are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• aws-samples / aws-incident-response-playbooks-workshop

  View on GitHub
  ☆97Feb 19, 2024Updated 2 years ago
• aws-samples / aws-incident-response-playbooks

  View on GitHub
  ☆1,052Aug 22, 2025Updated 7 months ago
• awslabs / aws-cloudsaga

  View on GitHub
  AWS CloudSaga - Simulate security events in AWS
  ☆474Updated this week
• awslabs / threat-composer

  View on GitHub
  A simple threat modeling tool to help humans to reduce time-to-value when threat modeling
  ☆688Updated this week
• awslabs / assisted-log-enabler-for-aws

  View on GitHub
  Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.
  ☆273Updated this week
• awslabs / aws-security-analytics-bootstrap

  View on GitHub
  AWS Security Analytics Bootstrap enables customers to perform security investigations on AWS service logs by providing an Amazon Athena a…
  ☆272Updated this week
• awslabs / aws-security-assessment-solution

  View on GitHub
  An AWS tool to help you create a point in time assessment of your AWS account using Prowler.
  ☆596Mar 10, 2026Updated 2 weeks ago
• aws-samples / aws-security-reference-architecture-examples

  View on GitHub
  Example solutions demonstrating how to implement patterns within the AWS Security Reference Architecture guide using CloudFormation (incl…
  ☆1,124Mar 10, 2026Updated 2 weeks ago
• aws-samples / service-control-policy-examples

  View on GitHub
  Example AWS Service control policies to get started or mature your usage of AWS SCPs.
  ☆295Mar 17, 2026Updated last week
• zoph-io / aws-security-survival-kit

  View on GitHub
  Bare minimum AWS Security Alerting and Secure by default Configuration
  ☆514May 15, 2025Updated 10 months ago
• aquia-inc / aws-guardduty-runbook-generator

  View on GitHub
  Generates runbooks for GuardDuty findings
  ☆38Jun 24, 2024Updated last year
• aws-solutions / automated-security-response-on-aws

  View on GitHub
  Automated Security Response on AWS is an add-on solution that works with AWS Security Hub to provide a ready-to-deploy architecture and a…
  ☆466Mar 13, 2026Updated last week
• awslabs / aws-automated-incident-response-and-forensics

  View on GitHub
  ☆400Sep 25, 2023Updated 2 years ago
• ramimac / aws-customer-security-incidents

  View on GitHub
  A repository of breaches of AWS customers
  ☆798Mar 11, 2026Updated last week
• aquia-inc / scpkit

  View on GitHub
  SCP management tool
  ☆135Oct 23, 2023Updated 2 years ago
• zmallen / cloudtrail2sightings

  View on GitHub
  Convert cloudtrail data to MITRE ATT&CK Sightings
  ☆82Jul 25, 2022Updated 3 years ago
• invictus-ir / Invictus-AWS

  View on GitHub
  A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of …
  ☆198Jan 6, 2026Updated 2 months ago
• secengjeff / awskillswitch

  View on GitHub
  Lambda function that streamlines containment of an AWS account compromise
  ☆344Dec 1, 2023Updated 2 years ago
• fwdcloudsec / known_aws_accounts

  View on GitHub
  List of known AWS accounts
  ☆257Feb 6, 2026Updated last month
• aws / aws-security-services-best-practices

  View on GitHub
  ☆168Updated this week
• aws-samples / aws-secure-environment-accelerator

  View on GitHub
  ASEA developer support has ended, and the ASEA github repo will be marked Archived (read-only) by the end of 2025.
  ☆758Nov 17, 2025Updated 4 months ago
• primeharbor / sensitive_iam_actions

  View on GitHub
  Crowdsourced list of sensitive IAM Actions
  ☆159Oct 29, 2024Updated last year
• salesforce / cloudsplaining

  View on GitHub
  Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized repo…
  ☆2,197Updated this week
• DataDog / stratus-red-team

  View on GitHub
  Granular, Actionable Adversary Emulation for the Cloud
  ☆2,283Mar 12, 2026Updated last week
• adanalvarez / TrailDiscover

  View on GitHub
  An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…
  ☆174Mar 11, 2026Updated 2 weeks ago
• awslabs / amazon-guardduty-tester

  View on GitHub
  This repository can be used to generate and evaluate findings detected by Amazon GuardDuty
  ☆420Jan 7, 2026Updated 2 months ago
• aws-samples / data-perimeter-policy-examples

  View on GitHub
  Example policies demonstrating how to implement a data perimeter on AWS.
  ☆196Updated this week
• nccgroup / PMapper

  View on GitHub
  A tool for quickly evaluating IAM permissions in AWS.
  ☆1,544Aug 2, 2024Updated last year
• HarshVaragiya / aws-redteam-kit

  View on GitHub
  A PoC to Simulate Ransomware Attack on AWS Environment
  ☆33Oct 14, 2024Updated last year
• easttimor / aws-incident-response

  View on GitHub
  ☆375Feb 23, 2024Updated 2 years ago
• cado-security / cloudgrep

  View on GitHub
  cloudgrep is grep for cloud storage
  ☆326Mar 14, 2026Updated last week
• invictus-ir / aws-cheatsheet

  View on GitHub
  A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.
  ☆80Jan 6, 2026Updated 2 months ago
• globaldatanet / aws-firewall-factory

  View on GitHub
  Enhance the security of your web applications effortlessly with AWS Firewall Factory. Safeguard your valuable assets through seamless WAF…
  ☆256Nov 17, 2025Updated 4 months ago
• DataDog / threatest

  View on GitHub
  Threatest is a CLI and Go framework for end-to-end testing threat detection rules.
  ☆339Mar 17, 2026Updated last week
• toniblyx / my-arsenal-of-aws-security-tools

  View on GitHub
  List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
  ☆9,414Oct 16, 2025Updated 5 months ago
• welldone-cloud / aws-summarize-account-activity

  View on GitHub
  Analyzes CloudTrail data of a given AWS account and generates a summary of recently active IAM principals, API calls they made, as well a…
  ☆165Dec 21, 2025Updated 3 months ago
• awslabs / automated-security-helper

  View on GitHub
  ASH is an extensible, open source SAST, SCA, and IaC security scanner orchestration engine.
  ☆620Mar 14, 2026Updated last week
• matthewdfuller / safer-scps

  View on GitHub
  Safer AWS SCP deployments via real-time monitoring
  ☆56Sep 30, 2023Updated 2 years ago
• aws-samples / example-permissions-boundary

  View on GitHub
  This repository contains a sample IAM permissions boundary as a starting point for creating your own permissions boundary to meet the s…
  ☆90Feb 21, 2025Updated last year