jonrau1 / AWS-DevSecOps-Factory
Sample DevSecOps pipelines (heavily biased on the "Sec") for various stacks and tools using open-source security tools and AWS native services
☆68Updated 3 years ago
Alternatives and similar repositories for AWS-DevSecOps-Factory:
Users that are interested in AWS-DevSecOps-Factory are comparing it to the libraries listed below
- AWS Certified Security Specialty (2020) course notes☆117Updated 4 years ago
- Code examples for the AWS Security Blog post: How to use CI/CD to deploy and configure AWS security services with Terraform☆96Updated 3 years ago
- AWS Security Analytics Bootstrap enables customers to perform security investigations on AWS service logs by providing an Amazon Athena a…☆246Updated this week
- Pre-configured response & remediation playbooks for AWS Security Hub☆65Updated 3 years ago
- AWS Organizations Service Control Policies (SCPs) written in HashiCorp Terraform.☆237Updated 5 months ago
- ☆112Updated 2 months ago
- Identify all permitted data paths originating from the Internet to Network Interfaces within AWS Accounts across the entire AWS Organizat…☆38Updated last year
- ThreatModel for Amazon S3 - Library of all the attack scenarios on Amazon S3, and how to mitigate them following a risk-based approach☆151Updated last year
- Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.☆253Updated this week
- Example policies demonstrating how to implement a data perimeter on AWS.☆151Updated last week
- SCP management tool☆131Updated last year
- Collection of semi-useful Service Control Policies and scripts to manage them☆94Updated last month
- AWS IAM Permissions Guardrails https://aws-samples.github.io/aws-iam-permissions-guardrails/☆124Updated last year
- Crowdsourced list of sensitive IAM Actions☆142Updated 4 months ago
- Runs IAM policy linting and security checks against either a single AWS account or a set of member accounts of an AWS Organization.☆141Updated last week
- A docker container to simplify and secure the use of Infrastructure as Code (IaC)☆71Updated this week
- Resource types that can be publicly exposed on AWS☆324Updated 3 years ago
- A collection of 2020 artifacts describing the major pain points, vulnerabilities and concerns with Cloud Security.☆19Updated 4 years ago
- CloudSplaining on AWS Managed Policies☆41Updated this week
- ☆41Updated last year
- Convert cloudtrail data to MITRE ATT&CK Sightings☆79Updated 2 years ago
- Example AWS Service control policies to get started or mature your usage of AWS SCPs.☆237Updated 2 weeks ago
- ☆154Updated last year
- This solutions facilitates rapid deployment of Prowler, full AWS Organization analysis, and finding processing as part of a security post…☆55Updated 3 months ago
- Uses the AWS Cloud Control API to list resources that are present in a given AWS account and region(s). Discovered resources are written …☆158Updated this week
- The SOCless automation framework☆139Updated last month
- Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frame…☆225Updated last year
- Create custom auto-remediation solutions using serverless functions in the cloud.☆53Updated last year
- ☆39Updated 3 years ago
- SkyWrapper helps to discover suspicious creation forms and uses of temporary tokens in AWS☆105Updated 3 years ago