Top 9 Python cloud-security Projects
- ElectricEye
  ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks
- tfquery
  tfquery: Run SQL queries on your Terraform infrastructure. Query resources and analyze their configuration using a SQL-powered framework.
- varc
  Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of particular use when investigating a security incident.
- aws-allowlister
  Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks.
- metabadger
  Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).
- GCP-Attack-Defense
  A Project dedicated to documenting various attack and detection vectors that can be encountered within Google Cloud Platform (GCP).
Project mention: Launch HN: Slauth (YC S22) – auto-generate secure IAM policies for AWS and GCP | news.ycombinator.com | 2023-12-04
Why are you using (very expensive) GPT, or any LLM for that matter, when this was already a solved problem using rulesets? Netflix for example has open source that does this already: https://github.com/Netflix/consoleme
Instead of analyzing your code, you just run your code with no permissions and it automatically detects permission failures and then opens those permissions, with a UI showing you what it did so you can remove any permissions you don't want.
That actually seems much more secure than trying to divine the rules from reading the code.
What value is the LLM adding here?
Python cloud-security related posts
- AWS SSO: Strategy for access to all member accounts
- GitHub - cado-security/varc: Volatile Artifact Collector -- Open Source Tool to Collect Volatile Data for Incident Response
- Open source tool for collecting volatile data on compromised systems
- Varc - Volatile Artifact Collector
- Is there a way to test policies without the AWS policy simulator? maybe an API or library?
- How do you handle IAM requests?
- Permissions manager
Index
What are some of the best open-source cloud-security projects in Python? This list will help you:
# | Project | Stars |
---|---|---|
1 | consoleme | 3,064 |
2 | ElectricEye | 858 |
3 | tfquery | 326 |
4 | varc | 231 |
5 | aws-allowlister | 217 |
6 | metabadger | 133 |
7 | introspector | 66 |
8 | AWSXenos | 58 |
9 | GCP-Attack-Defense | 57 |