Security_monkey
| Project Name | Stars | Downloads | Repos Using This | Packages Using This | Most Recent Commit | Total Releases | Latest Release | Open Issues | License | Language |
|---|---|---|---|---|---|---|---|---|---|---|
| Sops | 12,944 | 65 | 6 days ago | 13 | May 09, 2022 | 383 | mpl-2.0 | Go | ||
| Simple and flexible tool for managing secrets | ||||||||||
| Prowler | 8,148 | a day ago | 18 | apache-2.0 | Python | |||||
| Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more. | ||||||||||
| My Arsenal Of Aws Security Tools | 8,148 | 16 days ago | 2 | apache-2.0 | Shell | |||||
| List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc. | ||||||||||
| Devops Resources | 6,951 | 13 days ago | 13 | Groovy | ||||||
| DevOps resources - Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP | ||||||||||
| Tfsec | 5,894 | 13 | 3 days ago | 404 | September 21, 2022 | 112 | mit | Go | ||
| Security scanner for your Terraform code | ||||||||||
| Cloudmapper | 5,520 | 5 days ago | 200 | bsd-3-clause | JavaScript | |||||
| CloudMapper helps you analyze your Amazon Web Services (AWS) environments. | ||||||||||
| Scoutsuite | 5,373 | 2 days ago | 44 | April 06, 2022 | 172 | gpl-2.0 | Python | |||
| Multi-Cloud Security Auditing Tool | ||||||||||
| Steampipe | 5,266 | 3 | 2 days ago | 352 | September 20, 2022 | 243 | agpl-3.0 | Go | ||
| Use SQL to instantly query your cloud services (AWS, Azure, GCP and more). Open source CLI. No DB required. | ||||||||||
| Devsecops | 4,559 | 24 days ago | 1 | mit | ||||||
| Ultimate DevSecOps library | ||||||||||
| Security_monkey | 4,334 | 2 years ago | 1 | June 15, 2015 | 85 | apache-2.0 | Python | |||
| Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time. | ||||||||||
NOTE: Security Monkey is in maintenance mode and will be end-of-life in 2020.
- For AWS users, please make use of AWS Config.
- For GCP users, please make use of Cloud Asset Inventory.
Security Monkey
Security Monkey monitors your AWS and GCP accounts for policy changes and alerts on insecure configurations. Support is available for OpenStack public and private clouds. Security Monkey can also watch and monitor your GitHub organizations, teams, and repositories.
It provides a single UI to browse and search through all of your accounts, regions, and cloud services. The monkey remembers previous states and can show you exactly what changed, and when.
Security Monkey can be extended with custom account types, custom watchers, custom auditors, and custom alerters.
It works on CPython 2.7. It is known to work on Ubuntu Linux and OS X.
| Develop Branch | Master Branch |
|---|---|
 |
 |
 |
 |
Special Note:
Netflix's support for Security Monkey has been reduced for minor bug fixes only. That being said, we are happy to accept and merge pull-requests that fix bugs and add new features as appropriate.
PLEASE READ: BREAKING CHANGES FOR 1.0
If you are upgrading to 1.0 for the first time, please review the Quickstart and the Autostarting documents as there is a new deployment pattern for Security Monkey. Also, new IAM permissions have been added.
Project resources
- Security Monkey Architecture
- Quickstart
- User Guide
- Upgrading
- Changelog
- Source code
- Issue tracker
- Gitter.im Chat Room
- CloudAux
- PolicyUniverse
- Troubleshooting
Instance Diagram
The components that make up Security Monkey are as follows (not AWS specific):
Access Diagram
Security Monkey accesses accounts to scan via credentials it is provided ("Role Assumption" where available).
