fortinet / aws-lambda-guardduty
Lambda function to be called in CloudWatch when GuardDuty sends logs to CloudWatch. This script will write the malicious IP to a dedicated file in an S3 bucket. Firewall service (i.e. FortiOS) can pull this list, and add those malicious IPs to the blacklist.
☆14Updated last year
Alternatives and similar repositories for aws-lambda-guardduty:
Users that are interested in aws-lambda-guardduty are comparing it to the libraries listed below
- 'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.☆64Updated 5 years ago
- Automation of VPC Traffic Mirror Sessions in AWS☆35Updated 5 months ago
- Lightspin AWS IAM Vulnerability Scanner☆96Updated 4 years ago
- ☆37Updated 4 years ago
- InSpec profile to validate your VPC to the standards of the CIS Amazon Web Services Foundations Benchmark☆78Updated 3 months ago
- Utilities for programmatic analysis of Cartography data.☆35Updated last year
- Blazing CloudTrail since 2018☆136Updated 6 years ago
- A Lambda-powered Security Orchestration framework for AWS GuardDuty☆52Updated 5 years ago
- CloudSplaining on AWS Managed Policies☆41Updated this week
- Assess certain AWS network configurations☆11Updated 6 years ago
- This command line tool counts the number of resources in different categories across Amazon regions.☆57Updated 5 years ago
- Cloudformation Template and Lambda to detect if Instance Profile credentials are being used outside your AWS Account.☆28Updated 5 years ago
- The SOCless automation framework☆139Updated last month
- A small lambda script that will disable access keys older than a given amount of days.☆152Updated 2 years ago
- A MITRE ATT&CK Navigator export for AWS GuardDuty Findings☆137Updated 3 years ago
- Example detection of compromise credentials in AWS☆121Updated 6 years ago
- Proof of concept incident response demo using SSM and AWS Fargate.☆14Updated 5 years ago
- SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, man…☆77Updated 3 years ago
- Docker container bundling tools for manual AWS security reviews☆13Updated 6 years ago
- PolicyGlass allows you to analyse one or more AWS policies' effective permissions in aggregate, by restating them in the form of PolicySh…☆59Updated 3 years ago
- GCP CSPM using Google Sheets☆35Updated 9 months ago
- IAMFinder enumerates and finds users and IAM roles in a target AWS account.☆111Updated 4 years ago
- AWS docs, guides, and other tools☆76Updated 2 years ago
- This script is used to generate some basic detections of the aws security services☆71Updated 3 years ago
- A docker container to simplify and secure the use of Infrastructure as Code (IaC)☆71Updated this week
- A small set of scripts to summarize AWS Security Groups, and generate visualizations of the rules.☆62Updated 4 years ago
- Identify all permitted data paths originating from the Internet to Network Interfaces within AWS Accounts across the entire AWS Organizat…☆39Updated last year
- Security Alert Decoration☆27Updated last week
- AWSXenos will list all the trust relationships in all the IAM roles, S3 buckets, and more☆62Updated 3 weeks ago
- Visualize your Terraform files☆34Updated 4 years ago