My arsenal of AWS security tools

I’ve been using and collecting a list of helpful tools for AWS security. This list is about the ones that I have tried at least once and I think they are good to look at for your own benefit and most important: to make your AWS cloud environment more secure.

They are not in any specific order, I just wanted to group them somehow. I have my favorites depending on the requirements but you can also have yours once you test them.

Feel free to send a pull request for improvements or add more tools (open source only in this list) here:

New additions at https://github.com/toniblyx/my-arsenal-of-aws-security-tools

 

Defensive (Hardening, Security Assessment, Inventory)

Offensive:

Continuous Security Auditing:

DFIR:

Development Security:

S3 Buckets Auditing:

Training:

Others:

4 thoughts to “My arsenal of AWS security tools”

  1. Great work! Can you please let me know if there is a way to analyze the inbound logs of our VPC flowlogs and compare them with existing IP addresses of our EC2 instance fleet and alert us if there is a suspected intrusions or exfiltrations. Thank you!

Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.