awesome-repositories.com
Blog
awesome-repositories.com

Entdecke die besten Open-Source-Repositories mit KI-gestützter Suche.

EntdeckenKuratierte SuchenOpen-Source-AlternativenSelf-hosted SoftwareBlogSitemap
ProjektÜber unsRanking-MethodikPresseMCP-Server
RechtlichesDatenschutzAGB
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

7 Repos

Awesome GitHub RepositoriesCloud Security

Tools for auditing, scanning, and managing multi-cloud infrastructure security.

Explore 7 awesome GitHub repositories matching part of an awesome list · Cloud Security. Refine with filters or upvote what's useful.

Awesome Cloud Security GitHub Repositories

Finde die besten Repos mit KI.Wir suchen mit KI nach den am besten passenden Repositories.
  • toniblyx/prowlerAvatar von toniblyx

    toniblyx/prowler

    14,005Auf GitHub ansehen↗

    Prowler is a multi-cloud security scanner and security posture management tool. It automates security and compliance assessments across multiple cloud environments to identify misconfigurations and vulnerabilities. The project provides a multi-cloud security analysis engine that operates as an automated auditor, evaluating infrastructure against industry-standard regulatory frameworks and security benchmarks. It features a cloud security visualization dashboard that uses a graph database to map cloud inventory and visualize potential attack paths. Capabilities include automated cloud infrast

    Provides security auditing capabilities across diverse cloud providers to identify infrastructure vulnerabilities.

    Python
    Auf GitHub ansehen↗14,005
  • turbot/steampipeAvatar von turbot

    turbot/steampipe

    7,701Auf GitHub ansehen↗

    Steampipe is a cloud infrastructure query engine and API-to-SQL mapper that translates REST and GraphQL API responses into relational rows and columns. It allows for the retrieval and joining of real-time data from multiple cloud service providers using a relational database interface. The project functions as a PostgreSQL foreign data wrapper and an SQLite API extension, mapping external API endpoints to virtual tables. This enables the use of standard SQL to query live cloud services and aggregate data from different providers and service accounts into a single unified dataset. The system

    SQL-based querying for cloud infrastructure and security benchmarks.

    Goawsazurecis
    Auf GitHub ansehen↗7,701
  • nccgroup/scoutsuiteAvatar von nccgroup

    nccgroup/ScoutSuite

    7,548Auf GitHub ansehen↗

    ScoutSuite is a multi-cloud security audit and configuration tool designed to identify security risks and misconfigurations across cloud environments. It functions as a security posture manager and compliance auditor, gathering resource metadata from cloud APIs to evaluate infrastructure against security benchmarks. The tool provides auditing capabilities for AWS, Google Cloud, DigitalOcean, and Kubernetes clusters and control planes. It distinguishes itself by decoupling data collection from analysis, allowing users to cache cloud configurations locally for offline auditing and iterative rul

    Multi-cloud security scanning tool.

    Pythonauditingawsazure
    Auf GitHub ansehen↗7,548
  • aquasecurity/tfsecAvatar von aquasecurity

    aquasecurity/tfsec

    7,013Auf GitHub ansehen↗

    tfsec is a static analysis tool and infrastructure as code linter designed to detect security misconfigurations and compliance violations in Terraform infrastructure code. It functions as a cloud security posture tool and policy enforcement engine that evaluates configurations against established security benchmarks. The tool provides multi-cloud security auditing for providers including AWS, Azure, Google Cloud, and Kubernetes, as well as specialized scanning for DigitalOcean, OpenStack, CloudStack, and GitHub configurations. It identifies insecure settings such as public access or unencrypt

    Detects security misconfigurations across identity, networking, storage, and compute resources in Google Cloud.

    Go
    Auf GitHub ansehen↗7,013
  • cloud-custodian/cloud-custodianAvatar von cloud-custodian

    cloud-custodian/cloud-custodian

    6,011Auf GitHub ansehen↗

    Cloud Custodian is an open-source rules engine that uses declarative YAML policies to query, filter, and take automated actions on cloud resources for governance and compliance. It functions as a stateless policy execution engine, where each policy evaluation runs as an independent, idempotent operation without maintaining internal state between runs. Policies are defined using a YAML-based domain-specific language that structures rules as a query-filter-action pipeline. The engine supports dry-run validation, allowing users to simulate policy actions against live resources without applying c

    Framework for multi-cloud security analysis.

    Python
    Auf GitHub ansehen↗6,011
  • aquasecurity/cloudsploitAvatar von aquasecurity

    aquasecurity/cloudsploit

    3,705Auf GitHub ansehen↗

    Cloudsploit is a cloud security posture management tool and multi-cloud security auditor. It audits cloud infrastructure for misconfigurations and compliance risks across multiple providers, specifically AWS and Azure, by evaluating resource configurations against a set of security plugins. The project functions as a cloud compliance scanner that maps infrastructure scan results to regulatory frameworks and security policy standards. It also serves as an automated cloud remediation tool, executing corrective actions to fix detected misconfigurations via SDK calls. The system covers resource

    Detection of security risks in cloud infrastructure.

    JavaScriptalibabaaquaaws
    Auf GitHub ansehen↗3,705
  • cloudgraphdev/cliAvatar von cloudgraphdev

    cloudgraphdev/cli

    891Auf GitHub ansehen↗

    The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent.

    GraphQL-based security analysis for cloud environments.

    TypeScript
    Auf GitHub ansehen↗891
  1. Home
  2. Part of an Awesome List
  3. DevOps & Infrastructure
  4. Cloud Security

Unter-Tags erkunden

  • Google Cloud Resource AuditsSecurity auditing and misconfiguration detection for Google Cloud Platform resources. **Distinct from Cloud Security:** Specifically targets GCP resource definitions for security flaws rather than general multi-cloud security management.