aws-samples / aws-incident-response-playbooksView external linksLinks
☆1,049Aug 22, 2025Updated 5 months ago
Alternatives and similar repositories for aws-incident-response-playbooks
Users that are interested in aws-incident-response-playbooks are comparing it to the libraries listed below
Sorting:
- This repository provides sample templates for security playbooks against various scenarios when using Amazon Web Services.☆648Updated this week
- ☆374Feb 23, 2024Updated last year
- ☆401Sep 25, 2023Updated 2 years ago
- Automated Security Response on AWS is an add-on solution that works with AWS Security Hub to provide a ready-to-deploy architecture and a…☆463Updated this week
- ☆97Feb 19, 2024Updated last year
- AWS CloudSaga - Simulate security events in AWS☆472Updated this week
- An AWS tool to help you create a point in time assessment of your AWS account using Prowler.☆590Nov 12, 2025Updated 3 months ago
- Example solutions demonstrating how to implement patterns within the AWS Security Reference Architecture guide using CloudFormation (incl…☆1,115Dec 12, 2025Updated 2 months ago
- AWS Security Analytics Bootstrap enables customers to perform security investigations on AWS service logs by providing an Amazon Athena a…☆270Updated this week
- A tool for quickly evaluating IAM permissions in AWS.☆1,539Aug 2, 2024Updated last year
- Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized repo…☆2,180Feb 8, 2026Updated last week
- Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.☆270Updated this week
- List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.☆9,401Oct 16, 2025Updated 4 months ago
- Guard offers a policy-as-code domain-specific language (DSL) to write rules and validate JSON- and YAML-formatted data such as CloudForma…☆1,366Updated this week
- A repository of breaches of AWS customers☆794Jan 24, 2026Updated 3 weeks ago
- Collection of scripts and resources for DevSecOps and Automated Incident Response Security☆635Jan 14, 2026Updated last month
- AWS IAM linting library☆1,109Jan 7, 2026Updated last month
- Automated Attack Simulation in the Cloud, complete with detection use cases.☆603Nov 28, 2024Updated last year
- Granular, Actionable Adversary Emulation for the Cloud☆2,252Feb 6, 2026Updated last week
- ASEA developer support has ended, and the ASEA github repo will be marked Archived (read-only) by the end of 2025.☆758Nov 17, 2025Updated 2 months ago
- GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]☆1,538Jul 28, 2024Updated last year
- A command-line tool to get valuable information out of AWS CloudTrail☆830Updated this week
- Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud envir…☆12,983Updated this week
- A simple threat modeling tool to help humans to reduce time-to-value when threat modeling☆671Updated this week
- CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.☆907Dec 17, 2021Updated 4 years ago
- CloudSplaining on AWS Managed Policies☆44Sep 8, 2025Updated 5 months ago
- IAM Least Privilege Policy Generator☆2,138Feb 8, 2026Updated last week
- Cyber Incident Response Team Playbook Battle Cards☆426May 10, 2024Updated last year
- PolicyGlass allows you to analyse one or more AWS policies' effective permissions in aggregate, by restating them in the form of PolicySh…☆60Jan 9, 2022Updated 4 years ago
- Monitor AWS Managed IAM Policies Changes☆493Feb 9, 2026Updated last week
- CloudMapper helps you analyze your Amazon Web Services (AWS) environments.☆6,254Jul 15, 2024Updated last year
- Threatest is a CLI and Go framework for end-to-end testing threat detection rules.☆338Updated this week
- Resource types that can be publicly exposed on AWS☆329Feb 23, 2022Updated 3 years ago
- [Node, Python, Java] Repository of sample Custom Rules for AWS Config.☆1,727Jan 16, 2026Updated last month
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.☆5,065Updated this week
- ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring su…☆1,034Feb 9, 2026Updated last week
- Incident Response Methodologies 2022☆1,100Apr 11, 2025Updated 10 months ago
- Multi-Cloud Security Auditing Tool☆7,537Sep 23, 2025Updated 4 months ago
- A concise, directive, specific, flexible, and free incident response plan template☆754May 7, 2024Updated last year