mendel129's starred repositories
cloud-custodian
Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources
ThreatMapper
Open Source Cloud Native Application Protection Platform (CNAPP)
security-research
This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.
htmlpurifier
Standards compliant HTML filter written in PHP
cloudformation-guard
Guard offers a policy-as-code domain-specific language (DSL) to write rules and validate JSON- and YAML-formatted data such as CloudFormation Templates, K8s configurations, and Terraform JSON plans/configurations against those rules. Take this survey to provide feedback about cfn-guard: https://amazonmr.au1.qualtrics.com/jfe/form/SV_bpyzpfoYGGuuUl0
saas-attacks
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
certspotter
Certificate Transparency Log Monitor
m5stick-nemo
M5 Stick C firmware for high-tech pranks
awesome-secure-defaults
Awesome secure by default libraries to help you eliminate bug classes!
aws-security-survival-kit
Bare minimum AWS Security Alerting and Configuration
threat-composer
A simple threat modeling tool to help humans to reduce time-to-value when threat modeling
aws-iot-device-sdk-python-v2
Next generation AWS IoT Client SDK for Python using the AWS Common Runtime
inverting-proxy
Reverse proxy that inverts the direction of traffic
devsecopsguides.github.io
DevSecOpsGuides
jupyter-notebook-for-incident-response
A library of Incident Response notebooks using Jupyter. We will show how you can leverage pre-defined notebook files to guide your incident responders in identifying, containing, eradicating, and recovering from an incident.
vault-policy-guide
A brief guide to help illustrate some of the more nuanced aspects of HashiCorp Vault's policies.
jwt-webtool
Source code repo for the online JWT webtool.
aws-guard-rules-registry
Rules Registry for Compliance Frameworks
security-analysis-tool
Security Analysis Tool (SAT) analyzes customer's Databricks account and workspace security configurations and provides recommendations that help them follow Databrick's security best practices. When a customer runs SAT, it will compare their workspace configurations against a set of security best practices and delivers a report.
terraform-aws-ca
Terraform module for serverless certificate authority on AWS