Cloud Security Tools

aws-lint-iam-policies

Identity & Access Management

A tool for validating AWS IAM policies against best practices and identifying security issues.

Spectral

DevSecOps & Pipeline Security

A DevSecOps tool that integrates security into the software development lifecycle, focusing on secret protection and code security.

auditkube

Security Assessment & Audit

A tool for enhancing security and compliance in Kubernetes environments, focusing on auditing and logging for regulations like HIPAA, PCI, and SOC2.

Fortify on Demand

DevSecOps & Pipeline Security

A cloud-based application security service that integrates security testing into the DevOps toolchain.

SkyWrapper

Identity & Access Management

SkyWrapper helps to discover suspicious creation forms and uses of temporary tokens in AWS

JFrog Xray

DevSecOps & Pipeline Security

A software composition analysis (SCA) solution that identifies vulnerabilities in open-source components and license compliance violations.

AWS Config RDKlib

Compliance & Governance

Python library to enable you to run custom AWS Config Rules at scale, using Lambda Layer.

Immersive Labs

Security Training & Simulation

A hands-on training platform for cloud security proficiency, simulating real-world cloud environments.

s3_objects_check

Security Assessment & Audit

Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.

BlackSky Cloud Security Labs

Security Training & Simulation

Cloud security labs designed to prepare cybersecurity teams for managing and defending cloud infrastructures on AWS, Azure, and GCP.

AWS Config to Elasticsearch

Configuration & Change Management

Generates an AWS Config Snapshot and ingests it into ElasticSearch for further analysis using Kibana.

Cyral

Data Security & Encryption

Cyral is a data security platform that manages and secures data access across diverse databases, data pipelines, and data warehouses.