Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Constellation is the first Confidential Kubernetes. Constellation shields entire Kubernetes clusters from the (cloud) infrastructure using confidential computing.

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

awesome cloud security 收集一些国内外不错的云安全资源，该项目主要面向国内的安全人员

Cloud security projects with Spring Cloud Config Server and Vault

A GitHub Action to analyze Terraform and IaC configurations in Security Command Center.

Security interview questions with possible explanation for roles in AppSec, Pentesting, Cloud Security, DevSecOps, Network Security and so on

This repository supports the blog site www.cloudauditcontrols.com.

Query, provision and operate Cloud and SaaS resources and APIs using an extensible SQL based framework

Security Remediation Guides

ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks

An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and security implications

All-in-one Kubernetes access manager. User-level credentials, RBAC, SSO, audit logs.

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

The easiest way to access your cloud.

AWS Control Tower and Lacework allow seamless multi-account cloud security. With Lacework and AWS Control Tower, enrolling a new AWS account now means security best practices and monitoring are automatically applied consistently across your organization. Account administrators can automatically add Lacework's security auditing and monitoring to …

An encyclopedia for offensive and defensive security knowledge in cloud native technologies.

Registry for cloud and SaaS providers for StackQL, generated from extensions to the providers OpenAPI3 specification

Powerful+Fast+Low Privilege Kubernetes service discovery tools via kubernetes DNS service. Currently supported service ip-port BruteForcing / AXFR Domain Transfer Dump / Coredns WildCard Dump / Pod Verified IP discovery

A comprehensive open-source repository providing tutorials and guides for mastering Microsoft Azure, covering topics from fundamentals and networking to advanced cloud solutions and trends.