Scanning for AWS Security Issues with Trivy

• cargo-auditable

  23 547 7.9 Rust

  Make production Rust binaries auditable

  

• steampipe

  146 6,379 9.7 Go

  Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.

  

Readers may also enjoy Steampipe [1]. It's an open source "ops as code" CLI to query 83+ services (AWS, GitHub, Terraform, etc) with SQL [2] that comes with hundreds of ready to use benchmarks (CIS, NIST, Cost) and dashboards built in HCL [3]. The AWS Compliance mod [4] and Trivy plugin [5] are specific examples. (Disclaimer - I'm a lead on the project.)

1 - https://steampipe.io

• WorkOS

  workos.com sponsored

  The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  

• steampipe-plugin-trivy

  2 8 6.0 Go

  Use SQL to instantly query advisories, vulnerabilities, packages, findings and more using Trivy. Open source CLI. No DB required.

  

• steampipe-mod-aws-compliance

  18 351 8.4 HCL

  Run individual controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA and more across all of your AWS accounts using Powerpipe and Steampipe.

  

• cloudquery

  102 5,581 10.0 Go

  The open source high performance ELT framework powered by Apache Arrow

  

Shameless plug, you can also enjoy CloudQuery (https://github.com/cloudquery/cloudquery) where we take a more ELT approach so you can use plain SQL for policies (https://github.com/cloudquery/cloudquery/tree/main/plugins/s...) and then use any BI tools for visualization and monitoring (https://github.com/cloudquery/cloudquery/tree/main/plugins/s...).

Shout out to steampipe bellow as a similar project though that takes a more real-time approach rather then ELT which has it's use-cases as well.

• ScoutSuite

  24 6,159 6.1 Python

  Multi-Cloud Security Auditing Tool

  

Suggest a related project