cloud-security

Open-source projects categorized as cloud-security Edit details

Top 21 cloud-security Open-Source Projects

  • terrascan

    Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

    Project mention: Top 200 Kubernetes Tools for DevOps Engineer Like You | dev.to | 2022-01-15

    TerraScan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. klum - Kubernetes Lazy User Manager Kyverno - Kubernetes Native Policy Management https://kyverno.io kiosk - kiosk office Multi-Tenancy Extension For Kubernetes - Secure Cluster Sharing & Self-Service Namespace Provisioning kube-bench - CIS Kubernetes Benchmark tool kube-hunter - Pentesting tool - Hunts for security weaknesses in Kubernetes clusters kube-who-can - Show who has RBAC permissions to perform actions on different resources in Kubernetes starboard - Kubernetes-native security toolkit Simulator - Kubernetes Security Training Platform - Focussing on security mitigation RBAC Lookup - Easily find roles and cluster roles attached to any user, service account, or group name in your Kubernetes cluster https://fairwinds.com Kubeaudit - kubeaudit helps you audit your Kubernetes clusters against common security controls Gangway - An application that can be used to easily enable authentication flows via OIDC for a kubernetes cluster Audit2rbac - Autogenerate RBAC policies based on Kubernetes audit logs Chartsec - Helm Chart security scanner kubestriker - Security Auditing tool Datree - CLI tool to prevent K8s misconfigurations by ensuring that manifests and Helm charts follow best practices as well as your organization’s policies Krane - Kubernetes RBAC static Analysis & visualisation tool Flaco - The Falco Project - Cloud-Native runtime security Clair - Vulnerability Static Analysis for Containers Anchore Cli - Coomand Line Interface built on top of anchore engine to manage and inspect images, policies, subscriptions and registries Project Quay - Container image registry designed to boost the security of your repositories via vulnerability scanning and tight access control Kubescape - Tool to test if Kubernetes is deployed securely according to multiple frameworks: regulatory, customized company policies and DevSecOps best practices, such as the NSA-CISA and the MITRE ATT&CK®

  • consoleme

    A Central Control Plane for AWS Permissions and Access

    Project mention: Permissions manager | reddit.com/r/aws | 2022-05-09

    Perhaps Consoleme from Netflix is a useful tool for you?

  • Scout APM

    Less time debugging, more time building. Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.

  • kubernetes-goat

    Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

    Project mention: Kubernetes Goat: An Interactive Kubernetes Security Learning Playground | news.ycombinator.com | 2022-06-04
  • cloudsplaining

    Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

    Project mention: Cloudsplaining - AWS IAM Security Assessment Tool | dev.to | 2022-06-03

    It is an open source contribution from Salesforce.

  • awesome-cloud-security

    🛡️ Awesome Cloud Security Resources ⚔️

    Project mention: GitHub - 4ndersonLin/awesome-cloud-security: 🛡️ Awesome Cloud Security Resources ⚔️ | reddit.com/r/devsecops | 2022-01-06
  • stratus-red-team

    :cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud

    Project mention: Stratus Red team | reddit.com/r/devopspro | 2022-02-07
  • Fleet

    Open source device management, built on osquery. (by fleetdm)

    Project mention: invintory for linux. | reddit.com/r/sysadmin | 2022-05-09

    osquery, with or without fleetdm or kolide.

  • SonarQube

    Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.

  • SkyArk

    SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS

  • ElectricEye

    Continuously monitor your AWS attack surface and evaluate services for configurations that can lead to degradation of confidentiality, integrity or availability. All results can be exported to Security Hub, JSON, CSV, Databases, and more for further aggregation and analysis.

    Project mention: Continuously monitor your AWS services for (bad) configurations | news.ycombinator.com | 2022-03-24
  • awesome-aws-security

    Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security

  • tfquery

    tfquery: Run SQL queries on your Terraform infrastructure. Query resources and analyze its configuration using a SQL-powered framework.

  • granted

    The easiest way to access your cloud.

    Project mention: Granted: a CLI to access the AWS console for multiple accounts and regions at once | reddit.com/r/aws | 2022-02-23

    This problem inspired us to create Granted. Granted is an open source CLI which allows multiple AWS console sessions to be used at once in your web browser. You can use Granted to view multiple accounts and regions at the same time. To achieve this, Granted uses native browser functionality like Firefox Tab Containers and Chrome Profiles.

  • iamzero

    Identity & Access Management simplified and secure.

    Project mention: AWS IAM Recorder | reddit.com/r/aws | 2022-01-12

    You probably want https://github.com/iann0036/iamlive or https://iamzero.dev/

  • aws-allowlister

    Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks.

    Project mention: https://github.com/salesforce/aws-allowlister | reddit.com/r/u_voronenko | 2021-09-30
  • awesome-cloud-security

    Curated list of awesome cloud security blogs, podcasts, standards, projects, and examples. (by Funkmyster)

    Project mention: Cloud Security | reddit.com/r/redteamsec | 2021-09-19
  • harp

    Secret management by contract toolchain (by elastic)

    Project mention: Harp v0.2.5 - Secret management by contract - PEM/JWT/TLSA template functions and GitHub Actions secret exporter. | reddit.com/r/golang | 2022-01-28

    Page is 404ing for me. Here’s the link the repo: https://github.com/elastic/harp/

  • metabadger

    Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).

    Project mention: Metabadger: Prevent SSRF Attacks on AWS EC2 via Automatic Upgrades to IMDSv2 | reddit.com/r/netsec | 2021-07-27
  • sgCheckup

    sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.

    Project mention: GitHub - goldfiglabs/sgCheckup: sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports. | reddit.com/r/bag_o_news | 2021-09-03
  • paralus

    All-in-one Kubernetes access manager. User-level credentials, RBAC, SSO, audit logs.

    Project mention: Paralus enables secure, audited access to remote Kubernetes clusters for developers, operations, SREs and CI/CD tools. | reddit.com/r/kubernetes | 2022-06-29
  • introspector

    A schema and set of tools for using SQL to query cloud infrastructure.

  • AWSXenos

    AWSXenos will list all the trust relationships in all the IAM roles and S3 buckets

    Project mention: AWS open source news and updates #81 | dev.to | 2021-09-13

    AWSXenos if you are looking for open source tools to help you understand and then tighten up your IAM policies and permissions, then check this tool out from AirWalk. AWSXenos will list all the trust relationships in all the IAM roles, and S3 buckets, in an AWS account and give you a breakdown of all the accounts that have trust relationships to your account. If you are thinking that AWS Access Analyser does this, then you are no wrong, however, they have put together some reasons why this project might help you address additional features not available in Access Analyser.

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2022-06-29.

cloud-security related posts

Index

What are some of the best open-source cloud-security projects? This list will help you:

Project Stars
1 terrascan 3,154
2 consoleme 2,832
3 kubernetes-goat 2,562
4 cloudsplaining 1,484
5 awesome-cloud-security 1,136
6 stratus-red-team 963
7 Fleet 853
8 SkyArk 693
9 ElectricEye 596
10 awesome-aws-security 356
11 tfquery 269
12 granted 220
13 iamzero 193
14 aws-allowlister 179
15 awesome-cloud-security 153
16 harp 131
17 metabadger 110
18 sgCheckup 78
19 paralus 74
20 introspector 57
21 AWSXenos 54
Find remote jobs at our new job board 99remotejobs.com. There are 2 new remote jobs listed recently.
Are you hiring? Post a new remote job listing for free.
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com