Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

Stars: ✭ 4,561 (+2287.96%)

Mutual labels: aws, cloud, security-audit

Terracognita

Reads from existing Cloud Providers (reverse Terraform) and generates your infrastructure as code on Terraform configuration

Stars: ✭ 452 (+136.65%)

Mutual labels: aws, cloud, gcp

Infracost

Cloud cost estimates for Terraform in pull requests💰📉 Love your cloud bill!

Stars: ✭ 4,505 (+2258.64%)

Mutual labels: aws, cloud, gcp

Pulumi

Pulumi - Developer-First Infrastructure as Code. Your Cloud, Your Language, Your Way 🚀

Stars: ✭ 10,887 (+5600%)

Mutual labels: aws, cloud, gcp

Cloud Security Audit

A command line security audit tool for Amazon Web Services

Stars: ✭ 68 (-64.4%)

Mutual labels: aws, cloud, security-audit

Arvados

An open source platform for managing and analyzing biomedical big data

Stars: ✭ 274 (+43.46%)

Mutual labels: aws, cloud, gcp

Externalsecret Operator

An operator to fetch secrets from cloud services and inject them in Kubernetes

Stars: ✭ 177 (-7.33%)

Mutual labels: aws, cloud, gcp

Scoutsuite

Multi-Cloud Security Auditing Tool

Stars: ✭ 3,803 (+1891.1%)

Mutual labels: aws, cloud, gcp

My Links

Knowledge seeks no man

Stars: ✭ 311 (+62.83%)

Mutual labels: aws, cloud, gcp

Cloudblock

Cloudblock automates deployment of secure ad-blocking for all of your devices - even when mobile. Step-by-step text and video guides included! Compatible clouds include AWS, Azure, Google Cloud, and Oracle Cloud. Cloudblock deploys Wireguard VPN, Pi-Hole DNS Ad-blocking, and DNS over HTTPS in a cloud provider - or locally - using Terraform and Ansible.

Stars: ✭ 257 (+34.55%)

Mutual labels: aws, cloud, gcp

Terratag

Terratag is a CLI tool that enables users of Terraform to automatically create and maintain tags across their entire set of AWS, Azure, and GCP resources

Stars: ✭ 385 (+101.57%)

Mutual labels: aws, cloud, gcp

Engine

Deploy your apps on any Cloud provider in just a few seconds

Stars: ✭ 1,132 (+492.67%)

Mutual labels: aws, cloud, gcp

Go Cloud

The Go Cloud Development Kit (Go CDK): A library and tools for open cloud development in Go.

Stars: ✭ 8,124 (+4153.4%)

Mutual labels: aws, cloud, gcp

Learning Cloud

List of resources - courses, sample code, articles and screencasts for learning AWS, Azure, GCP and Alibaba Cloud

Stars: ✭ 100 (-47.64%)

Mutual labels: aws, cloud, gcp

Seldon Server

Machine Learning Platform and Recommendation Engine built on Kubernetes

Stars: ✭ 1,435 (+651.31%)

Mutual labels: aws, cloud, gcp

View All Similar Projects ➔

OpenCSPM

Open Cloud Security Posture Management, OpenCSPM, is an open-source platform for gaining deeper insight into your cloud configuration and metadata to help understand and reduce risk over time.

Who is OpenCSPM for?

Security teams running infrastructure in cloud environments looking to gain visibility into security risk across the entire account and track the resolution of those issues.
Development and Infrastructure teams looking for a set of security best-practices to follow as they develop new systems and bake security in early and often.
Red Teams wanting to create targeted scenarios specific to their environment with the highest impact and benefit to their Blue Team.
Any organization looking to establish a baseline of security issues, prioritize them by risk, and track them to closure over time.

What does OpenCSPM do?

When deployed inside your environment, it can:

collect several types of cloud configuration data on a one-time or recurring basis from your cloud account resources (VMs, Clusters, IAM, etc),
parse and load that data into a graph database with deep linked relationships between resources to support advanced querying capabilities,
run a customizable series of policy checks to determine conformance and record passing/failing resources on a recurring basis,
create custom groupings of related policy checks that aid in tracking remediation efforts and reduction in risk over time,
and provide notifications when deviations from desired baselines occur to multiple destinations.

High-level Architecture

OpenCSPM has several key components that work together:

Structured configuration and metadata is collected from the GCP Cloud Asset Inventory and Kubernetes API to a Storage Bucket or local filesystem.
The data is parsed and loaded into a Graph Database with complex relationships intact.
One or more customizable sets of policy checks ("control packs") are run against the parsed inventory data, and results are stored.
The API/Engine serves up the user interface, handles tracking of campaigns, and notifications.

Getting Started

Ready to get going? Follow the instructions for getting started or watch the following getting started video:

Support and Community

OpenCSPM is undergoing active development and community assistance is available via the OpenCSPM Slack Channel. If you have found an issue, please file it using a GitHub issue.

Contributing

We invite you to submit requests for new features and bug reports using a Github issue. If you would like to contribute to OpenCSPM, please review our development guide.

Creators

OpenCSPM was made open-source software by Josh Larsen and Brad Geesaman, the co-founders of Darkbit. Darkbit is a cloud-native security assessment consulting firm based in the US that helps organizations understand the risks in their cloud and Kubernetes resource configurations.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Stars: ✭ 191

Visit Git Page 🔗Visit User Page 🔗Visit Issues Page (2) 🔗