jonrau1 / AWS-DevSecOps-Factory
Sample DevSecOps pipelines (heavily biased on the "Sec") for various stacks and tools using open-source security tools and AWS native services
☆67Updated 3 years ago
Alternatives and similar repositories for AWS-DevSecOps-Factory:
Users that are interested in AWS-DevSecOps-Factory are comparing it to the libraries listed below
- ThreatModel for Amazon S3 - Library of all the attack scenarios on Amazon S3, and how to mitigate them following a risk-based approach☆150Updated last year
- AWS Security Analytics Bootstrap enables customers to perform security investigations on AWS service logs by providing an Amazon Athena a…☆246Updated this week
- Pre-configured response & remediation playbooks for AWS Security Hub☆65Updated 3 years ago
- AWS Certified Security Specialty (2020) course notes☆117Updated 4 years ago
- SCP management tool☆130Updated last year
- This solutions facilitates rapid deployment of Prowler, full AWS Organization analysis, and finding processing as part of a security post…☆54Updated 2 months ago
- AWS Organizations Service Control Policies (SCPs) written in HashiCorp Terraform.☆237Updated 4 months ago
- Identify all permitted data paths originating from the Internet to Network Interfaces within AWS Accounts across the entire AWS Organizat…☆37Updated last year
- Collection of semi-useful Service Control Policies and scripts to manage them☆93Updated 2 weeks ago
- Crowdsourced list of sensitive IAM Actions☆141Updated 3 months ago
- Code examples for the AWS Security Blog post: How to use CI/CD to deploy and configure AWS security services with Terraform☆96Updated 3 years ago
- Resource types that can be publicly exposed on AWS☆322Updated 2 years ago
- Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.☆245Updated this week
- Example AWS Service control policies to get started or mature your usage of AWS SCPs.☆232Updated last week
- A collection of 2020 artifacts describing the major pain points, vulnerabilities and concerns with Cloud Security.☆19Updated 4 years ago
- This solution supports a bidirectional integration between Security Hub and JIRA. Issues can be either created automatically or manually …☆37Updated 6 months ago
- KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.☆97Updated last year
- Automated Forensics Orchestrator for Amazon EC2 is a self-service AWS Solution implementation that enterprise customers can deploy to qui…☆59Updated 2 months ago
- An AWS IAM policy statement parser and query tool.☆173Updated last year
- ☆281Updated 2 years ago
- Create custom auto-remediation solutions using serverless functions in the cloud.☆53Updated last year
- Terraform modules for an EC2 Image Builder Pipeline with an Amazon Linux 2 Baseline Container Recipe, which is used to deploy a Docker ba…☆39Updated last year
- ☆62Updated 3 years ago
- ☆89Updated 3 months ago
- Convert cloudtrail data to MITRE ATT&CK Sightings☆79Updated 2 years ago
- A docker container to simplify and secure the use of Infrastructure as Code (IaC)☆70Updated this week
- ☆370Updated 11 months ago
- Hands-on workshop on how to build security automation in pipelines☆37Updated 9 months ago
- Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frame…☆225Updated last year
- ☆26Updated 4 years ago