awesome-cloud-security
cloud security guide
A curated collection of resources and examples for improving cloud security
A curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.
585 stars
18 watching
112 forks
last commit: about 1 year ago
Linked from 2 awesome lists
awesomeawesome-listawsaws-securitycloudcloud-securitydata-loss-preventiondlpelasticsearchgoogle-cloud-securityhacktoberfesthacktoberfest2023hacktoberfestcebuinformation-securityloggingnistoracle-cloud-securitysecuritysecurity-standardswaf
Awesome Cloud Security / Public Cloud Governance / URL Services | |||
| https://doc-{user_provided}-{random_id}.{region}.cloudsearch.amazonaws.com | |||
| ftp://s-{random_id}.server.transfer.{region}.amazonaws.com | s | ||
| https://b-{random_id}-{1,2}.mq.{region}.amazonaws.com:8162 | |||
Awesome Cloud Security / Public Cloud Governance / MultiCloud Governance | |||
| Cloud Custodian | 5,488 | about 1 month ago | |
| CloudQuary | 5,913 | about 1 month ago | |
| Cloudsploit | 3,372 | about 1 month ago | |
| ManageIQ by RedHat | 1,350 | about 1 month ago | |
| Mist.io | 1,868 | 8 months ago | |
| NeuVector | 1,122 | about 1 month ago | |
| Triton by Joyent | 1,322 | 5 months ago | |
Awesome Cloud Security / Kubernetes Operators / Aqua | |||
| Aqua Security Operator | |||
| Starboard Operator | |||
Awesome Cloud Security / Kubernetes Operators / Misc | |||
| Anchore - Anchore Engine Operator | |||
| Falco Security - Falco Operator | |||
| Quay - Project Quay Container Security | |||
| Snyk - Snyk Operator | |||
| Splunk - Splunk Operator for Kubernetes | |||
| Sysdig - Sysdig Agent Operator | |||
Awesome Cloud Security / Container Tools / Anchore | |||
| Anchore Engine | 1,589 | almost 2 years ago | |
| Grype | 8,970 | about 1 month ago | |
| Kai | 63 | about 1 month ago | |
| Syft | 6,371 | about 1 month ago | |
Awesome Cloud Security / Container Tools / Aqua | |||
| Cloudsploit | 3,372 | about 1 month ago | |
| Kube-Bench | 7,129 | about 1 month ago | |
| Kube-Hunter | 4,774 | 10 months ago | |
| Kubectl-who-can | 850 | 6 months ago | |
| Trivy | 24,010 | about 1 month ago | |
Awesome Cloud Security / Container Tools / Misc | |||
| Docker - Docker Bench for Security | 9,195 | 3 months ago | |
| Elias - Dagda | 1,164 | over 1 year ago | |
| Falco Security - Falco | 7,460 | about 1 month ago | |
| Harbor - Harbor | 24,406 | about 1 month ago | |
| Quay - Clair | 10,409 | about 1 month ago | |
| Snyk - Snyk | 4,979 | about 1 month ago | |
| vchinnipilli - Kubestriker | 992 | 10 months ago | |
Awesome Cloud Security / Cloud Security Standards | |||
| ISO/IEC 27017:2015 | |||
| ISO/IEC 27018:2019 | |||
| MTCS SS 584 | |||
| CCM | |||
| NIST 800-53 | |||
Awesome Cloud Security / Learning / Blogs | |||
| AWS Security | |||
| Azure Security | |||
| Dark Reading | |||
Awesome Cloud Security / Learning / Courses / Oracle | |||
| Oracle Cloud Security Administrator | |||
Awesome Cloud Security / Learning / Courses / A Cloud Guru / Learning Paths | |||
| AWS Security Path | |||
| Azure Security Path | |||
| GCP Security Path | |||
Awesome Cloud Security / Learning / Labs | |||
| AWS Workshops | |||
Awesome Cloud Security / Learning / Labs / AWS Workshops | |||
| AWS Identity: Using Amazon Cognito for serverless consumer apps | |||
| AWS Network Firewall Workshop | |||
| AWS Networking Workshop | |||
| Access Delegation | |||
| Amazon VPC Endpoint Workshop | |||
| Build a Vulnerability Management Program Using AWS for AWS | |||
| Data Discovery and Classification with Amazon Macie | |||
| Data Protection | |||
| DevSecOps - Integrating security into your pipeline | |||
| Disaster Recovery on AWS | |||
| Finding and addressing Network Misconfigurations on AWS | |||
| Firewall Manager Service - WAF Policy | |||
| Getting Hands on with Amazon GuardDuty | |||
| Hands on Network Firewall Workshop | |||
| Implementing DDoS Resiliency | |||
| Infrastructure Identity on AWS | |||
| Integrating security into your container pipeline | |||
| Integration, Prioritization, and Response with AWS Security Hub | |||
| Introduction to WAF | |||
| Permission boundaries: how to delegate permissions on AWS | |||
| Protecting workloads on AWS from the instance to the edge | |||
| Scaling threat detection and response on AWS | |||
| Serverless Identity | |||
Awesome Cloud Security / Learning / Labs | |||
| PagerDuty Training Lab | |||
Awesome Cloud Security / Learning / Labs / PagerDuty Training Lab | |||
| PagerDuty Training GitHub | 411 | over 1 year ago | |
| PagerDuty Training for Engineers | |||
| PagerDuty Training for Everyone: Part 1 | |||
| PagerDuty Training for Everyone: Part 2 | |||
Awesome Cloud Security / Learning / Podcasts | |||
| Azure DevOps Podcast | |||
| Cloud Security Podcast by Google | |||
| Security Now | |||
Awesome Cloud Security / Learning / Vulnerable By Design | |||
| CloudGoat by Rhino Security Labs | 2,991 | about 1 month ago | |
| ServerlessGoat by OWASP | 320 | 6 months ago | |
| WrongSecrets by OWASP | 1,246 | about 1 month ago | |
Awesome Cloud Security / Certifications / Cloud Vendors | |||
| AWS Certified Security Specialty | |||
| Azure Security Engineer Associate | |||
| Google Professional Cloud Security Engineer | |||
| Oracle Cloud Platform Identity and Security Management | |||
Awesome Cloud Security / Certifications / ISC | |||
| CCSP - Certified Cloud Security Professional | |||
Awesome Cloud Security / Certifications / CSA | |||
| CCSK - Certificate of Cloud Security Knowledge | |||
| CCAK - Certificate of Cloud Auditing Knowledge | |||
Awesome Cloud Security / Projects / Alerting | |||
| 411 by Etsy | 973 | almost 2 years ago | |
| ElastAlert by Yelp | 8,004 | 5 months ago | |
| StreamAlert by Airbnb | 2,864 | about 1 year ago | |
Awesome Cloud Security / Projects / Automated Security Assessment | |||
| Prowler | 10,941 | about 1 month ago | |
| CloudFox | 1,983 | 3 months ago | |
| SkyArk | 877 | about 2 years ago | |
| Pacu | 4,422 | 2 months ago | |
| Bucket Finder | |||
| Boto3 | |||
| Principal Mapper | 1,436 | 6 months ago | |
| ScoutSuite | 6,794 | about 2 months ago | |
| s3_objects_check | 75 | almost 3 years ago | |
| cloudsplaining | 2,009 | about 1 month ago | |
| weirdAAL | 787 | almost 2 years ago | |
| cloudmapper | 6,017 | 6 months ago | |
| NetSPI/AWS_Consoler | 225 | over 4 years ago | |
Awesome Cloud Security / Projects / Benchmarking | |||
| AWS Security Benchmark | 618 | about 5 years ago | |
Awesome Cloud Security / Projects / Data Loss Prevention | |||
| Git Secrets by AWS Labs | 12,504 | 9 months ago | |
Awesome Cloud Security / Projects / Firewall Management / globaldatanet | |||
| AWS Firewall Factory | 237 | about 1 month ago | |
Awesome Cloud Security / Projects / Identity and Access Management / AWS Labs | |||
| AWS IAM Generator | 241 | over 3 years ago | |
Awesome Cloud Security / Projects / Identity and Access Management / Duo Labs | |||
| Parliament | 1,051 | 6 months ago | |
| CloudTracker | 888 | about 3 years ago | |
Awesome Cloud Security / Projects / Identity and Access Management / Netflix | |||
| Aardvark | 474 | 3 months ago | |
| ConsoleMe | 3,153 | 6 months ago | |
| PolicyUniverse | 427 | 7 months ago | |
| Repokid | 1,124 | over 1 year ago | |
Awesome Cloud Security / Projects / Identity and Access Management / Pinterest | |||
| Knox | 1,235 | about 1 month ago | |
Awesome Cloud Security / Projects / Identity and Access Management / Salesforce | |||
| Policy Sentry | 2,028 | about 1 month ago | |
| CloudSplaining | 2,009 | about 1 month ago | |
| AWS-AllowLister | 224 | over 1 year ago | |
| Terraform for Policy Guru | 29 | over 1 year ago | |
Awesome Cloud Security / Projects / Identity and Access Management / welldone.cloud | |||
| aws-lint-iam-policies | 119 | about 1 month ago | |
Awesome Cloud Security / Projects / Identity and Access Management / Misc | |||
| AWS Missing Tools by CloudAvail | 1,340 | over 5 years ago | |
| Awesome IAM List | 1,781 | 2 months ago | |
| Enumerate IAM by Andres Riancho | 1,105 | 12 months ago | |
| Kubernetes AWS IAM Authenticator by Kubernetes SIG | 2,218 | about 1 month ago | |
Awesome Cloud Security / Projects / Incident Response / AWS | |||
| AWS Incident Response Playbooks by AWS Samples | 935 | 8 months ago | |
| AWS Security Hub Automated Response and Remediation | 403 | about 1 month ago | |
Awesome Cloud Security / Projects / Incident Response / Netflix | |||
| Dispatch by Netflix | 5,188 | about 1 month ago | |
Awesome Cloud Security / Projects / Incident Response / PagerDuty | |||
| PagerDuty Automated Remediation Docs | 7 | almost 2 years ago | |
| PagerDuty Business Response Docs | 8 | about 3 years ago | |
| PagerDuty DevSecOps Docs | 13 | about 3 years ago | |
| PagerDuty Full Case Ownership Docs | 5 | about 3 years ago | |
| PagerDuty Full Service Ownership Docs | 22 | about 1 month ago | |
| PagerDuty Going OnCall Docs | 7 | over 2 years ago | |
| PagerDuty Incident Response Docs | 1,023 | over 1 year ago | |
| PagerDuty Operational Review Docs | 20 | about 3 years ago | |
| PagerDuty PostMortem Docs | 65 | over 2 years ago | |
| PagerDuty Retrospectives Docs | 9 | about 2 years ago | |
| PagerDuty Stakeholder Communication Docs | 9 | almost 2 years ago | |
Awesome Cloud Security / Projects / Incident Response / Velocidex | |||
| Velociraptor | 3,020 | about 1 month ago | |
Awesome Cloud Security / Projects / Spring | |||
| Spring Cloud Security | 27 | about 1 month ago | |
Awesome Cloud Security / Projects / Threat modeling | |||
| ThreatModel for Amazon S3 | 151 | over 1 year ago | Library of all the attack scenarios on Amazon S3 and how to mitigate them, following a risk-based approach |
Awesome Cloud Security / Examples / Ex. Automated Security Assessment | |||
| AWS Config Rules Repository | 1,621 | 4 months ago | |
| AWS Inspector Agent Autodeploy | 28 | over 6 years ago | |
| AWS Inspector Auto Remediation | 58 | over 6 years ago | |
| AWS Inspector Lambda Finding Processor | 39 | over 6 years ago | |
Awesome Cloud Security / Examples / Ex. Identity and Access Management | |||
| Amazon Cognito Streams connector for Amazon Redshift | 9 | over 4 years ago | |
Awesome Cloud Security / Examples / Ex. Logging | |||
| AWS Centralized Logging | 253 | 11 months ago | |
| AWS Config Snapshots to ElasticSearch | 71 | almost 5 years ago | |
| AWS CloudWatch Events Monitor Security Groups | 25 | about 5 years ago | |
Awesome Cloud Security / Examples / Ex. Web Application Firewall | |||
| AWS WAF Sample | 512 | about 5 years ago | |
| AWS WAF Security Automations | 863 | 3 months ago | |
Awesome Cloud Security / Misc / Other Awesome Lists | |||
| Awesome Cloud Cost Control | 41 | about 1 year ago | |
| Awesome Cloud Native Security | 309 | about 1 year ago | |
| Awesome Cloud Security | 585 | about 1 year ago | |
| Awesome IAM List | 1,781 | 2 months ago | |
| Awesome Incident Response List | 7,728 | 6 months ago | |
| Awesome Shodan Queries | 5,955 | 8 months ago | |
nccgroup/sadcloud
fit2cloud/riskscanner
vinum-security/kubernetes-security-checklist
ydcloudsecurity/cloud-security-guides
withsecurelabs/leonidas
projectdiscovery/cloudlist
bitnami/containers
rams3sh/aaia
iknowjason/ariacloud
alexivkin/kubepwn