ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks

A collection of lambda functions to collect data from Cloudwatch, Kinesis, VPC Flow logs, S3, security-hub and AWS Inspector

Advanced AWS Security Automation Resources: Used by Udemy Course 🎓

AWS native Static Application Security Testing (SAST) utility to find and eradicate vulnerable software packages stored in AWS CodeArtifact. Built for both real-time distributed and centralized deployments.

An AWS Security Hub Custom Findings provider, using the Have I Been Pwned API

Analyse database activity with Aurora Database Activity Streams and send findings to Security Hub

An AWS Security Hub Custom Findings provider, using the Have I Been Pwned API

AWS Organization baseline configuration

Detect and automate responses to Kubernetes privilege escalation risks in AWS EKS. Mapped to NIST 800-53, CIS Controls, and ISO 27001 using AWS-native services.

Sample demonstrating how to use AWS Systems Manager Inventory to detect file changes on EC2 instances and publish findings to AWS Security Hub and Amazon Security Lake.

This AWS SAM (Serverless Application Model) deployment configures the required resources to send Trend Micro's Cloud One Application Security events to AWS Security Hub.

Event driven AWS security automation platform GuardDuty threat detection, Security Hub (CIS 1.4 + PCI DSS), Inspector v2, Macie, and IAM Access Analyzer feeding EventBridge rules that trigger Lambda auto remediation: EC2 isolation, IAM credential revocation, malicious IP blocking (WAFv2 + NACL), and S3 hardening. Full audit trail in DynamoDB.

This solution supports a bidirectional integration between Security Hub and JIRA. Issues can be either created automatically or manually by using custom actions.