Alternatives and similar repositories for shiftleft-iac-action

Users that are interested in shiftleft-iac-action are comparing it to the libraries listed below

• shellcromancer / audit-log-wall-of-shame
  Audit log wall of shame.
  ☆42Updated last month
• zmallen / cloudtrail2sightings
  Convert cloudtrail data to MITRE ATT&CK Sightings
  ☆80Updated 3 years ago
• SecurityRunners / CloudCommotion
  Cloud Commotion intends to cause chaos to simulate security incidents
  ☆146Updated last year
• jdyke / gcp-iam-analyzer
  Compares and analyzes GCP IAM roles.
  ☆77Updated 7 months ago
• orcasecurity / orca-toolbox
  ☆122Updated 4 months ago
• GitGuardian / ggcanary
  GitGuardian Canary Tokens
  ☆145Updated 3 months ago
• kpolley / slackurity
  Slack bot which promotes Defense in Depth/Zero Trust security practices
  ☆24Updated 2 years ago
• DataDog / workload-security-evaluator
  Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management.
  ☆32Updated last year
• tenable / EscalateGPT
  An AI-powered tool for discovering privilege escalation opportunities in AWS IAM configurations.
  ☆116Updated last month
• DataDog / supply-chain-firewall
  Supply-Chain Firewall (SCFW) is a tool for preventing the installation of malicious npm and PyPI packages
  ☆168Updated this week
• cado-security / cloudgrep
  cloudgrep is grep for cloud storage
  ☆325Updated 7 months ago
• aquia-inc / aws-guardduty-runbook-generator
  Generates runbooks for GuardDuty findings
  ☆39Updated last year
• marco-lancini / utils
  Useful scripts, Docker images, docker-compose apps, and Terraform modules.
  ☆151Updated 2 weeks ago
• orcasecurity-research / kte
  Test & Compare different Kubernetes security offerings on EKS, GKE and AKS
  ☆40Updated last year
• devsecflow / Cloud-Native-Assurance-Maturity-Model
  A comprehensive framework and assessment toolkit for measuring and improving Cloud Native security maturity across 8 critical business fu…
  ☆10Updated 3 months ago
• Hacking-the-Cloud / htc-ctfs
  Holds the public Hacking the Cloud CTFs.
  ☆59Updated last year
• SeisoLLC / easy_infra
  A docker container to simplify and secure the use of Infrastructure as Code (IaC)
  ☆78Updated this week
• adanalvarez / TrailDiscover
  An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…
  ☆166Updated last week
• vectra-ai-research / derf
  DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…
  ☆102Updated last year
• StevenSmiley / aws-mine
  AWS honey token manager
  ☆89Updated last year
• gemini-oss / starfleet
  Whole-infrastructure automation tooling for AWS
  ☆42Updated last month
• Algbra-Labs-OSS / Chronicle
  ☆65Updated last year
• adanalvarez / TrailAlerts
  TrailAlerts is a AWS-native, serverless cloud-detection tool that lets you define simple rules as code and get rich alerts about events i…
  ☆49Updated 5 months ago
• carta / krang
  Knowledge Report Alert & Normalization Generator
  ☆27Updated last year
• adanalvarez / HoneyTrail
  Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for pre…
  ☆51Updated 11 months ago
• salesforce / metabadger
  Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).
  ☆143Updated 5 months ago
• kmcquade / OWASP-YouTube-2021
  Deliberately vulnerable AWS resources for security assessment demos
  ☆31Updated 3 years ago
• Nextdoor / cspm_evaluation_matrix
  Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix
  ☆58Updated 2 years ago
• trustoncloud / threatmodel-for-aws-s3
  Threat model for Amazon S3 - Library of all the attack scenarios on Amazon S3, and how to mitigate them following a risk-based approach
  ☆158Updated 2 years ago
• somethingnew2-0 / SimpleCSPM
  GCP CSPM using Google Sheets
  ☆37Updated 6 months ago