aws-samples/aws-incident-response-playbooks external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

aws-samples/aws-incident-response-playbooks

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/aws-samples/aws-incident-response-playbooks)

Close

aws-samples / aws-incident-response-playbooksView on GitHubMore

• External links
• Readme badge

☆1,050Aug 22, 2025Updated 6 months ago

Alternatives and similar repositories for aws-incident-response-playbooks

Users that are interested in aws-incident-response-playbooks are comparing it to the libraries listed below

• aws-samples / aws-customer-playbook-framework

  View on GitHub
  This repository provides sample templates for security playbooks against various scenarios when using Amazon Web Services.
  ☆649Updated this week
• easttimor / aws-incident-response

  View on GitHub
  ☆375Feb 23, 2024Updated 2 years ago
• awslabs / aws-automated-incident-response-and-forensics

  View on GitHub
  ☆401Sep 25, 2023Updated 2 years ago
• aws-solutions / automated-security-response-on-aws

  View on GitHub
  Automated Security Response on AWS is an add-on solution that works with AWS Security Hub to provide a ready-to-deploy architecture and a…
  ☆465Updated this week
• aws-samples / aws-incident-response-playbooks-workshop

  View on GitHub
  ☆97Feb 19, 2024Updated 2 years ago
• awslabs / aws-cloudsaga

  View on GitHub
  AWS CloudSaga - Simulate security events in AWS
  ☆473Updated this week
• awslabs / aws-security-assessment-solution

  View on GitHub
  An AWS tool to help you create a point in time assessment of your AWS account using Prowler.
  ☆592Nov 12, 2025Updated 3 months ago
• aws-samples / aws-security-reference-architecture-examples

  View on GitHub
  Example solutions demonstrating how to implement patterns within the AWS Security Reference Architecture guide using CloudFormation (incl…
  ☆1,119Dec 12, 2025Updated 2 months ago
• awslabs / aws-security-analytics-bootstrap

  View on GitHub
  AWS Security Analytics Bootstrap enables customers to perform security investigations on AWS service logs by providing an Amazon Athena a…
  ☆272Updated this week
• nccgroup / PMapper

  View on GitHub
  A tool for quickly evaluating IAM permissions in AWS.
  ☆1,544Aug 2, 2024Updated last year
• salesforce / cloudsplaining

  View on GitHub
  Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized repo…
  ☆2,185Mar 1, 2026Updated last week
• awslabs / assisted-log-enabler-for-aws

  View on GitHub
  Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.
  ☆273Mar 1, 2026Updated last week
• toniblyx / my-arsenal-of-aws-security-tools

  View on GitHub
  List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
  ☆9,411Oct 16, 2025Updated 4 months ago
• aws-cloudformation / cloudformation-guard

  View on GitHub
  Guard offers a policy-as-code domain-specific language (DSL) to write rules and validate JSON- and YAML-formatted data such as CloudForma…
  ☆1,367Updated this week
• ramimac / aws-customer-security-incidents

  View on GitHub
  A repository of breaches of AWS customers
  ☆795Jan 24, 2026Updated last month
• awslabs / aws-security-automation

  View on GitHub
  Collection of scripts and resources for DevSecOps and Automated Incident Response Security
  ☆635Jan 14, 2026Updated last month
• duo-labs / parliament

  View on GitHub
  AWS IAM linting library
  ☆1,110Jan 7, 2026Updated 2 months ago
• ReversecLabs / leonidas

  View on GitHub
  Automated Attack Simulation in the Cloud, complete with detection use cases.
  ☆605Nov 28, 2024Updated last year
• DataDog / stratus-red-team

  View on GitHub
  Granular, Actionable Adversary Emulation for the Cloud
  ☆2,267Mar 1, 2026Updated last week
• aws-samples / aws-secure-environment-accelerator

  View on GitHub
  ASEA developer support has ended, and the ASEA github repo will be marked Archived (read-only) by the end of 2025.
  ☆758Nov 17, 2025Updated 3 months ago
• austinsonger / Incident-Playbook

  View on GitHub
  GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
  ☆1,544Jul 28, 2024Updated last year
• flosell / trailscraper

  View on GitHub
  A command-line tool to get valuable information out of AWS CloudTrail
  ☆830Mar 2, 2026Updated last week
• prowler-cloud / prowler

  View on GitHub
  Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud envir…
  ☆13,160Updated this week
• duo-labs / cloudtracker

  View on GitHub
  CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.
  ☆907Dec 17, 2021Updated 4 years ago
• awslabs / threat-composer

  View on GitHub
  A simple threat modeling tool to help humans to reduce time-to-value when threat modeling
  ☆683Updated this week
• tenchi-security / camp

  View on GitHub
  CloudSplaining on AWS Managed Policies
  ☆44Sep 8, 2025Updated 6 months ago
• salesforce / policy_sentry

  View on GitHub
  IAM Least Privilege Policy Generator
  ☆2,136Mar 1, 2026Updated last week
• guardsight / gsvsoc_cirt-playbook-battle-cards

  View on GitHub
  Cyber Incident Response Team Playbook Battle Cards
  ☆424May 10, 2024Updated last year
• CloudWanderer-io / PolicyGlass

  View on GitHub
  PolicyGlass allows you to analyse one or more AWS policies' effective permissions in aggregate, by restating them in the form of PolicySh…
  ☆60Jan 9, 2022Updated 4 years ago
• zoph-io / MAMIP

  View on GitHub
  Monitor AWS Managed IAM Policies Changes
  ☆493Updated this week
• duo-labs / cloudmapper

  View on GitHub
  CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
  ☆6,266Jul 15, 2024Updated last year
• DataDog / threatest

  View on GitHub
  Threatest is a CLI and Go framework for end-to-end testing threat detection rules.
  ☆339Updated this week
• SummitRoute / aws_exposable_resources

  View on GitHub
  Resource types that can be publicly exposed on AWS
  ☆331Feb 23, 2022Updated 4 years ago
• awslabs / aws-config-rules

  View on GitHub
  [Node, Python, Java] Repository of sample Custom Rules for AWS Config.
  ☆1,728Mar 1, 2026Updated last week
• RhinoSecurityLabs / pacu

  View on GitHub
  The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
  ☆5,080Feb 24, 2026Updated last week
• fwdcloudsec / known_aws_accounts

  View on GitHub
  List of known AWS accounts
  ☆257Feb 6, 2026Updated last month
• jonrau1 / ElectricEye

  View on GitHub
  ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring su…
  ☆1,034Feb 9, 2026Updated last month
• certsocietegenerale / IRM

  View on GitHub
  Incident Response Methodologies 2022
  ☆1,106Apr 11, 2025Updated 10 months ago
• nccgroup / ScoutSuite

  View on GitHub
  Multi-Cloud Security Auditing Tool
  ☆7,562Sep 23, 2025Updated 5 months ago