chughes29 / state-of-cloud-security
A collection of 2020 artifacts describing the major pain points, vulnerabilities and concerns with Cloud Security.
☆19Updated 3 years ago
Related projects: ⓘ
- Some python scripts I wrote that help with various specialized AWS security things☆10Updated 4 years ago
- CloudSplaining on AWS Managed Policies☆41Updated this week
- Assess certain AWS network configurations☆11Updated 6 years ago
- A collection of DoD and Federal Government Cloud Computing Resources☆47Updated 3 years ago
- Sample DevSecOps pipelines (heavily biased on the "Sec") for various stacks and tools using open-source security tools and AWS native ser…☆66Updated 3 years ago
- CdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how commo…☆43Updated last year
- A continuous security pipeline demo for the AWS DevSecOps Workshop.☆45Updated 4 years ago
- Generates runbooks for GuardDuty findings☆34Updated 2 months ago
- Lightspin AWS IAM Vulnerability Scanner☆96Updated 3 years ago
- ☆37Updated 8 months ago
- The open source version of the AWS Security Hub documentation. To provide feedback or request changes, you can submit a pull request that…☆35Updated last year
- IAMFinder enumerates and finds users and IAM roles in a target AWS account.☆107Updated 3 years ago
- Tools for AWS forensics☆64Updated 8 years ago
- Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates ho…☆91Updated last month
- Convert cloudtrail data to MITRE ATT&CK Sightings☆77Updated 2 years ago
- Create a Golden AMI Pipeline integrated with a Qualys Scanner for vulnerability assessments☆18Updated 5 years ago
- 'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.☆61Updated 5 years ago
- Vulnerable Kustomize Kubernetes templates for training and education☆47Updated 2 years ago
- Deliberately vulnerable AWS resources for security assessment demos☆31Updated 2 years ago
- Identify all permitted data paths originating from the Internet to Network Interfaces within AWS Accounts across the entire AWS Organizat…☆35Updated last year
- Coalfire AWS RAMP/pak Reference Architecture☆35Updated 3 weeks ago
- Public repository of all things cloud security.☆31Updated 3 weeks ago
- This script is used to generate some basic detections of the aws security services☆71Updated 2 years ago
- The Amazon Elastic Kubernetes Service (EKS) Creation Engine (ECE) is a Python command-line program created by the Lightspin Office of the…☆40Updated last year
- This command line tool counts the number of resources in different categories across Amazon regions.☆56Updated 4 years ago
- InSpec profile to validate your VPC to the standards of the CIS Amazon Web Services Foundations Benchmark☆77Updated 3 months ago
- https://breaches.cloud☆36Updated 2 months ago
- A Lambda-powered Security Orchestration framework for AWS GuardDuty☆51Updated 4 years ago
- SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, man…☆76Updated 3 years ago
- Application Security Workflow Automation using Docker and Kubernetes☆22Updated last year