CloudQuery: Open source cloud asset inventory with set of pre-baked SQL policies for security and compliance.
Cloud-custodian: Rules engine for cloud security, cost optimization, and governance.
consoleme: A Central Control Plane for AWS Permissions and Access
cs suite: Tool for auditing the security posture of AWS/GCP/Azure.
Deepfence ThreatMapper: Apache v2, powerful runtime vulnerability scanner for kubernetes, virtual machines and serverless.
dftimewolf: A multi-cloud framework for orchestrating forensic collection, processing and data export.
diffy: Diffy is a digital forensics and incident response (DFIR) tool developed by Netflix.
ElectricEye: Continuously monitor AWS services for configurations.
Forseti security: GCP inventory monitoring and policy enforcement tool.
Hammer: A multi-account cloud security tool for AWS. It identifies misconfigurations and insecure data exposures within most popular AWS resources.
kics: Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code.
Matano: Open source serverless security lake platform on AWS that lets you ingest, store, and analyze data into an Apache Iceberg data lake and run realtime Python detections as code.
Metabadger: Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).
Cloud Risk Encyclopedia by Orca Security: 900+ documented cloud security risks, with ability to filter by cloud vendor, compliance framework, risk category, and criticality.