awesome-repositories.com
Blog
awesome-repositories.com

Descubre los mejores repositorios open-source con nuestra búsqueda potenciada por IA.

ExplorarBúsquedas curadasAlternativas open-sourceSoftware autohospedableBlogMapa del sitio
ProyectoAcerca deCómo clasificamosPrensaServidor MCP
Aviso legalPrivacidadTérminos
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

7 repositorios

Awesome GitHub RepositoriesCloud Security

Tools for auditing, scanning, and managing multi-cloud infrastructure security.

Explore 7 awesome GitHub repositories matching part of an awesome list · Cloud Security. Refine with filters or upvote what's useful.

Awesome Cloud Security GitHub Repositories

Encuentra los mejores repositorios con IA.Buscaremos los repositorios que mejor coincidan usando IA.
  • toniblyx/prowlerAvatar de toniblyx

    toniblyx/prowler

    14,005Ver en GitHub↗

    Prowler is a multi-cloud security scanner and security posture management tool. It automates security and compliance assessments across multiple cloud environments to identify misconfigurations and vulnerabilities. The project provides a multi-cloud security analysis engine that operates as an automated auditor, evaluating infrastructure against industry-standard regulatory frameworks and security benchmarks. It features a cloud security visualization dashboard that uses a graph database to map cloud inventory and visualize potential attack paths. Capabilities include automated cloud infrast

    Provides security auditing capabilities across diverse cloud providers to identify infrastructure vulnerabilities.

    Python
    Ver en GitHub↗14,005
  • turbot/steampipeAvatar de turbot

    turbot/steampipe

    7,701Ver en GitHub↗

    Steampipe is a cloud infrastructure query engine and API-to-SQL mapper that translates REST and GraphQL API responses into relational rows and columns. It allows for the retrieval and joining of real-time data from multiple cloud service providers using a relational database interface. The project functions as a PostgreSQL foreign data wrapper and an SQLite API extension, mapping external API endpoints to virtual tables. This enables the use of standard SQL to query live cloud services and aggregate data from different providers and service accounts into a single unified dataset. The system

    SQL-based querying for cloud infrastructure and security benchmarks.

    Goawsazurecis
    Ver en GitHub↗7,701
  • nccgroup/scoutsuiteAvatar de nccgroup

    nccgroup/ScoutSuite

    7,548Ver en GitHub↗

    ScoutSuite is a multi-cloud security audit and configuration tool designed to identify security risks and misconfigurations across cloud environments. It functions as a security posture manager and compliance auditor, gathering resource metadata from cloud APIs to evaluate infrastructure against security benchmarks. The tool provides auditing capabilities for AWS, Google Cloud, DigitalOcean, and Kubernetes clusters and control planes. It distinguishes itself by decoupling data collection from analysis, allowing users to cache cloud configurations locally for offline auditing and iterative rul

    Multi-cloud security scanning tool.

    Pythonauditingawsazure
    Ver en GitHub↗7,548
  • aquasecurity/tfsecAvatar de aquasecurity

    aquasecurity/tfsec

    7,013Ver en GitHub↗

    tfsec is a static analysis tool and infrastructure as code linter designed to detect security misconfigurations and compliance violations in Terraform infrastructure code. It functions as a cloud security posture tool and policy enforcement engine that evaluates configurations against established security benchmarks. The tool provides multi-cloud security auditing for providers including AWS, Azure, Google Cloud, and Kubernetes, as well as specialized scanning for DigitalOcean, OpenStack, CloudStack, and GitHub configurations. It identifies insecure settings such as public access or unencrypt

    Detects security misconfigurations across identity, networking, storage, and compute resources in Google Cloud.

    Go
    Ver en GitHub↗7,013
  • cloud-custodian/cloud-custodianAvatar de cloud-custodian

    cloud-custodian/cloud-custodian

    6,011Ver en GitHub↗

    Cloud Custodian is an open-source rules engine that uses declarative YAML policies to query, filter, and take automated actions on cloud resources for governance and compliance. It functions as a stateless policy execution engine, where each policy evaluation runs as an independent, idempotent operation without maintaining internal state between runs. Policies are defined using a YAML-based domain-specific language that structures rules as a query-filter-action pipeline. The engine supports dry-run validation, allowing users to simulate policy actions against live resources without applying c

    Framework for multi-cloud security analysis.

    Python
    Ver en GitHub↗6,011
  • aquasecurity/cloudsploitAvatar de aquasecurity

    aquasecurity/cloudsploit

    3,705Ver en GitHub↗

    Cloudsploit is a cloud security posture management tool and multi-cloud security auditor. It audits cloud infrastructure for misconfigurations and compliance risks across multiple providers, specifically AWS and Azure, by evaluating resource configurations against a set of security plugins. The project functions as a cloud compliance scanner that maps infrastructure scan results to regulatory frameworks and security policy standards. It also serves as an automated cloud remediation tool, executing corrective actions to fix detected misconfigurations via SDK calls. The system covers resource

    Detection of security risks in cloud infrastructure.

    JavaScriptalibabaaquaaws
    Ver en GitHub↗3,705
  • cloudgraphdev/cliAvatar de cloudgraphdev

    cloudgraphdev/cli

    891Ver en GitHub↗

    The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent.

    GraphQL-based security analysis for cloud environments.

    TypeScript
    Ver en GitHub↗891
  1. Home
  2. Part of an Awesome List
  3. DevOps & Infrastructure
  4. Cloud Security

Explorar subetiquetas

  • Google Cloud Resource AuditsSecurity auditing and misconfiguration detection for Google Cloud Platform resources. **Distinct from Cloud Security:** Specifically targets GCP resource definitions for security flaws rather than general multi-cloud security management.