Cloud Security

AWS IAM Permissions Guardrails https://aws-samples.github.io/aws-iam-permissions-guardrails/

Some actionable advice that can be undertaken to establish a cloud security program aimed at protecting a cloud native, service provider agnostic, container-based, offering.

CloudGPT - Use ChatGPT to analyze AWS policies for vulnerabilities - gpt.py

Read up on cloud incident response, including how it differs from traditional incident response, its benefits and challenges, best practices and more.

If you haven’t been using VPC endpoints until now, AWS's two new condition keys should make you consider doing so

AWS SCP Best Practices. Contribute to hashishrajan/aws-scp-best-practice-policies development by creating an account on GitHub.

Cloud Security Podcast is a community first WEEKLY VIDEO PODCAST, where each week we interview CyberSecurity Leaders and Cloud Security Practitioners from around the world to help you learn How to and What's HOT in Cloud Security. Video Host: Ashish is a Chief Information Security Officer (CISO) who is passionate about helping people get Cloud Security jobs and help CyberSecurity professionals do their job better in Public Cloud. Before being a CISO, Ashish has been a Security Architect, SOC Manager, Cloud Security Engineer, Identity and Access Management Consultant, Pentester(for 1 month). Cloud Security Meetup We also hold global meetup events and conferences for Cloud Security enthusiast & practitioners. Cloud Security Academy Academy to learn unbiased multi-cloud disciplinary Cloud Security practices to help you succeed as a Cloud Security Practitioner. All the information is on www.cloudsecuritypodcast.tv SUBSCRIBE TO THE CHANNEL TO BE NOTIFIED OF THE NEXT EVENT

Cloud Security Specialist, Principal Consultant & Cloudsec lead @ WithSecure

Cloud Security Posture Management (CSPM). Contribute to aquasecurity/cloudsploit development by creating an account on GitHub.

Steampipe is an open source tool to instantly query your cloud services (e.g. AWS, Azure, GCP and more) with SQL. No DB required.

Prowler is an Open Source Security tool to perform Cloud Security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains hundre...

Open Source Cloud Security. Contribute to Zeus-Labs/ZeusCloud development by creating an account on GitHub.

Multi-Cloud Security Auditing Tool. Contribute to nccgroup/ScoutSuite development by creating an account on GitHub.

🛡️ Awesome Cloud Security Resources ⚔️. Contribute to 4ndersonLin/awesome-cloud-security development by creating an account on GitHub.

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc. - GitHub - toniblyx/my-arsenal-of-aws-security-tools: List of open source tools for AWS security: defensive, o...

The encyclopedia for offensive security in the cloud

2022-02 - We have launched ControlCatalog, a friendly UI for our in-depth ThreatModels.

There are many tools available today that are designed to automate security checks. For example, here’s a good list of open-source AWS…

🤔 ABOUT CLOUD SECURITY GUY 😃 Hello ! I am Taimur Ijlal and I am a multi-award winning, information security leader with over 20 years of international experience in cyber-security and IT risk management in the fin-tech industry. I am currently based in London UK where I moved after being awarded a UK Global Talent ( Tech Nation Visa ) . This Youtube channel was created to share advice about Cloud Security , Cyber-Security careers and Artificial Intelligence risks. MY PROGRAMS ============== 👨‍💻️ Interested in cyber security career coaching ? Check this : https://www.fiverr.com/taimur74/coach-you-on-how-to-succeed-in-your-cybersecurity-career 🇬🇧 Interested in moving to the UK under Tech Nation VISA ? Check this: 👉https://uk-global-talent.thinkific.com/courses/global-talent-visa FOLLOW ME ON MEDIUM ====================== Ⓜ️ Follow me on Medium: 👉https://medium.com/@taimurcloud123

Evaluate your response to these 20 cloud security scenarios covering logging, RBAC, malicious access, and more.