fortinet / aws-lambda-guardduty
Lambda function to be called in CloudWatch when GuardDuty sends logs to CloudWatch. This script will write the malicious IP to a dedicated file in an S3 bucket. Firewall service (i.e. FortiOS) can pull this list, and add those malicious IPs to the blacklist.
☆14Updated last year
Related projects: ⓘ
- 'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.☆61Updated 5 years ago
- Example detection of compromise credentials in AWS☆118Updated 6 years ago
- Lightspin AWS IAM Vulnerability Scanner☆96Updated 3 years ago
- Tools for AWS forensics☆64Updated 8 years ago
- A Lambda-powered Security Orchestration framework for AWS GuardDuty☆51Updated 4 years ago
- IAMFinder enumerates and finds users and IAM roles in a target AWS account.☆107Updated 3 years ago
- Core incident handling plugins for aws_ir cli, incident pony, and more.☆21Updated 6 years ago
- Automation of VPC Traffic Mirror Sessions in AWS☆34Updated 2 years ago
- This script is used to generate some basic detections of the aws security services☆71Updated 2 years ago
- Blazing CloudTrail since 2018☆134Updated 5 years ago
- This command line tool counts the number of resources in different categories across Amazon regions.☆56Updated 4 years ago
- Visualize your Terraform files☆34Updated 4 years ago
- SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, man…☆76Updated 3 years ago
- InSpec profile to validate your VPC to the standards of the CIS Amazon Web Services Foundations Benchmark☆77Updated 3 months ago
- Manage GuardDuty At Enterprise Scale☆22Updated 4 years ago
- Updated incident response generator for training classes☆41Updated 3 years ago
- Scan your EC2 instance to find its vulnerabilities using Vuls (https://vuls.io/en/)☆87Updated last year
- AWS CIS Benchmark scanner☆39Updated 7 years ago
- ☆37Updated 4 years ago
- Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).☆137Updated 6 months ago
- Varna: Quick & Cheap AWS CloudTrail Monitoring with Event Query Language (EQL)☆50Updated last year
- CdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how commo…☆43Updated last year
- Utility for downloading and mounting EBS snapshots using the EBS Direct API's☆72Updated last year
- Cloudformation Template and Lambda to detect if Instance Profile credentials are being used outside your AWS Account.☆28Updated 5 years ago
- Proof of concept incident response demo using SSM and AWS Fargate.☆13Updated 4 years ago
- AWS Metadata Proxy for protection against SSRF☆68Updated 4 years ago
- GSA Security Benchmarks and Tools☆21Updated 5 years ago
- ☆82Updated 4 years ago
- Reapsaw is a continuous security devsecops tool, which helps in enabling security into CI/CD Pipeline. It supports coverage for multiple …☆42Updated 3 years ago
- ☆38Updated this week