Cloud Security Tools

Cloud Container Attack Tool (CCAT)

Penetration Testing Tools

A tool for testing security of container environments, particularly in cloud settings.

Fortify on Demand

DevSecOps & Pipeline Security

A cloud-based application security service that integrates security testing into the DevOps toolchain.

aws-lint-iam-policies

Identity & Access Management

A tool for validating AWS IAM policies against best practices and identifying security issues.

JFrog Xray

DevSecOps & Pipeline Security

A software composition analysis (SCA) solution that identifies vulnerabilities in open-source components and license compliance violations.

AWS Control Tower Customizations

Compliance & Governance

A solution that combines AWS Control Tower and other AWS services to set up a secure, multi-account AWS environment using best practices.

Immersive Labs

Security Training & Simulation

A hands-on training platform for cloud security proficiency, simulating real-world cloud environments.

Azucar

Archived

Security Assessment & Audit

Security auditing tool for Azure environments

BlackSky Cloud Security Labs

Security Training & Simulation

Cloud security labs designed to prepare cybersecurity teams for managing and defending cloud infrastructures on AWS, Azure, and GCP.

auditkube

Security Assessment & Audit

A tool for enhancing security and compliance in Kubernetes environments, focusing on auditing and logging for regulations like HIPAA, PCI, and SOC2.

Pwned Labs

Security Training & Simulation

An interactive platform for hands-on training in cloud security, offering both free and premium labs.

Barbican

Secrets Management

Barbican is a ReST API designed for the secure storage, provisioning and management of secrets, including in OpenStack environments. Mirror of code maintained at opendev.org.

Cyral

Data Security & Encryption

Cyral is a data security platform that manages and secures data access across diverse databases, data pipelines, and data warehouses.