jonrau1 / AWS-DevSecOps-Factory
Sample DevSecOps pipelines (heavily biased on the "Sec") for various stacks and tools using open-source security tools and AWS native services
☆68Updated 3 years ago
Alternatives and similar repositories for AWS-DevSecOps-Factory:
Users that are interested in AWS-DevSecOps-Factory are comparing it to the libraries listed below
- Pre-configured response & remediation playbooks for AWS Security Hub☆65Updated 3 years ago
- AWS Certified Security Specialty (2020) course notes☆119Updated 4 years ago
- AWS Organizations Service Control Policies (SCPs) written in HashiCorp Terraform.☆238Updated 6 months ago
- Create custom auto-remediation solutions using serverless functions in the cloud.☆53Updated last year
- Code examples for the AWS Security Blog post: How to use CI/CD to deploy and configure AWS security services with Terraform☆96Updated 3 years ago
- ThreatModel for Amazon S3 - Library of all the attack scenarios on Amazon S3, and how to mitigate them following a risk-based approach☆153Updated last year
- Identify all permitted data paths originating from the Internet to Network Interfaces within AWS Accounts across the entire AWS Organizat…☆39Updated last year
- Collection of semi-useful Service Control Policies and scripts to manage them☆97Updated 3 months ago
- ☆117Updated last month
- SCP management tool☆131Updated last year
- AWS Security Analytics Bootstrap enables customers to perform security investigations on AWS service logs by providing an Amazon Athena a…☆247Updated this week
- Example policies demonstrating how to implement a data perimeter on AWS.☆154Updated last week
- ☆26Updated 4 years ago
- A collection of 2020 artifacts describing the major pain points, vulnerabilities and concerns with Cloud Security.☆19Updated 4 years ago
- ☆18Updated 2 years ago
- This solution supports a bidirectional integration between Security Hub and JIRA. Issues can be either created automatically or manually …☆38Updated 9 months ago
- ☆156Updated last year
- CloudSplaining on AWS Managed Policies☆43Updated this week
- Crowdsourced list of sensitive IAM Actions☆144Updated 6 months ago
- Resource types that can be publicly exposed on AWS☆325Updated 3 years ago
- A docker container to simplify and secure the use of Infrastructure as Code (IaC)☆72Updated this week
- Example code for setting up CIS Benchmarks using EventBridge☆19Updated 3 years ago
- AWS IAM Permissions Guardrails https://aws-samples.github.io/aws-iam-permissions-guardrails/☆124Updated 2 years ago
- InSpec profile to validate your VPC to the standards of the CIS Amazon Web Services Foundations Benchmark☆78Updated 4 months ago
- ☆39Updated 3 years ago
- List of vendors that do not allow IMDSv2 enforcement☆141Updated last year
- Scripts to quickly fix security and compliance issues☆106Updated last year
- Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frame…☆225Updated last year
- Example AWS Service control policies to get started or mature your usage of AWS SCPs.☆240Updated 2 months ago
- AWS SSO Reporter☆54Updated last year