{"id":26219667,"url":"https://github.com/paulveillard/cybersecurity-cloud-security","last_synced_at":"2025-07-14T07:33:05.261Z","repository":{"id":273937875,"uuid":"623095102","full_name":"paulveillard/cybersecurity-cloud-security","owner":"paulveillard","description":"An ongoing \u0026 curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Cloud Security in Cybersecurity.","archived":false,"fork":false,"pushed_at":"2025-02-01T18:09:29.000Z","size":9751,"stargazers_count":4,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-06-13T14:07:28.618Z","etag":null,"topics":["aws","aws-cloud","azure","cloud","cloud-computing","cloud-security-audit","cloud-security-posture-management-platform","cloud-security-tools","cloud-services","cloudsecurity","cybersecurity","gcp","google-cloud","google-cloud-platform","oracle","well-architected"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/paulveillard.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2023-04-03T17:25:44.000Z","updated_at":"2025-05-25T12:04:55.000Z","dependencies_parsed_at":"2025-04-16T01:57:51.215Z","dependency_job_id":"cb00c5fc-f67e-4855-9463-fbdfcbbf266f","html_url":"https://github.com/paulveillard/cybersecurity-cloud-security","commit_stats":null,"previous_names":["paulveillard/cybersecurity-cloud-security"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/paulveillard/cybersecurity-cloud-security","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/paulveillard%2Fcybersecurity-cloud-security","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/paulveillard%2Fcybersecurity-cloud-security/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/paulveillard%2Fcybersecurity-cloud-security/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/paulveillard%2Fcybersecurity-cloud-security/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/paulveillard","download_url":"https://codeload.github.com/paulveillard/cybersecurity-cloud-security/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/paulveillard%2Fcybersecurity-cloud-security/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":265255432,"owners_count":23735260,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","aws-cloud","azure","cloud","cloud-computing","cloud-security-audit","cloud-security-posture-management-platform","cloud-security-tools","cloud-services","cloudsecurity","cybersecurity","gcp","google-cloud","google-cloud-platform","oracle","well-architected"],"created_at":"2025-03-12T14:18:51.024Z","updated_at":"2025-07-14T07:33:05.235Z","avatar_url":"https://github.com/paulveillard.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"#  Cloud Security: Theory, Techniques, Testing and Tools\n\nAn ongoing \u0026 curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Cloud Security in Cybersecurity.\n\u003e Thanks to all contributors, you're awesome and wouldn't be possible without you! Our goal is to build a categorized community-driven collection of very well-known resources.\n\n# `Table of Contents`\n\n\n\n# Threat Research \n - [Cloud Security Alliance Research](https://cloudsecurityalliance.org/research/) \n - [Datadog Security Labs](https://securitylabs.datadoghq.com/)\n - [Elastic Security Labs](https://www.elastic.co/security-labs)\n - [Google Project Zero](https://googleprojectzero.blogspot.com/)\n - [Microsoft Security Response Center](https://www.microsoft.com/en-us/msrc)\n - [Orca Research Pod](https://orca.security/about/orca-research-pod/) \n - [Rapid7 Research](https://www.rapid7.com/research/) \n - [Sysdig Threat Research](https://sysdig.com/threat-research/)\n - [Team Nautilus by Aqua Security](https://www.aquasec.com/research/) \n - [Unit 42 by Palo Alto Networks](https://unit42.paloaltonetworks.com/)\n - [Wiz Cloud Threat Landscape](https://threats.wiz.io/)\n\n\n# Security Vendors\n\n## Publicly listed vendors\n\nThese are vendors with publicly traded stocks. The links lead to a vendor's website, LinkedIn company page and the stock price on [Yahoo! Finance](https://finance.yahoo.com/). \n\n - [Check Point](https://www.checkpoint.com/) | [LinkedIn](https://www.linkedin.com/company/check-point-software-technologies/about/) | [CHKP](https://finance.yahoo.com/quote/CHKP/)\n - [Cisco](https://www-cloud.cisco.com/site/us/en/products/security/index.html) | [LinkedIn](https://www.linkedin.com/company/cisco/) | [CSCO](https://finance.yahoo.com/quote/CSCO/)\n - [CloudFlare](https://www.cloudflare.com) | [LinkedIn](https://www.linkedin.com/company/cloudflare/) | [NET](https://finance.yahoo.com/quote/NET/)\n - [CrowdStrike](https://www.crowdstrike.com/) | [LinkedIn](https://www.linkedin.com/company/crowdstrike/) | [CRWD](https://finance.yahoo.com/quote/CRWD)\n - [CyberArk](https://www.cyberark.com) | [LinkedIn](https://www.linkedin.com/company/cyber-ark-software/) | [CYBR](https://finance.yahoo.com/quote/CYBR/) \n - [Datadog](https://www.datadoghq.com/) | [LinkedIn](https://www.linkedin.com/company/datadog/about/) | [DDOG](https://finance.yahoo.com/quote/ddog)\n - [Fortinet](https://www.fortinet.com) | [LinkedIn](https://www.linkedin.com/company/fortinet/) | [FTNT](https://finance.yahoo.com/quote/FTNT/)\n - [Palo Alto Networks](https://www.paloaltonetworks.com/) | [LinkedIn](https://www.linkedin.com/company/palo-alto-networks) | [PANW](https://finance.yahoo.com/quote/PANW)\n - [Qualys](https://www.qualys.com/) | [LinkedIn](https://www.linkedin.com/company/qualys) | [QLYS](https://finance.yahoo.com/quote/QLYS)\n - [Radware](https://www.radware.com/) | [LinkedIn](https://www.linkedin.com/company/radware/about/) | [RDWR](https://finance.yahoo.com/quote/RDWR)\n - [SentinelOne](https://www.sentinelone.com/) | [LinkedIn](https://www.linkedin.com/company/sentinelone) | [S](https://finance.yahoo.com/quote/S)\n - [Tenable](https://www.tenable.com/) | [LinkedIn](https://www.linkedin.com/company/tenableinc) | [TENB](https://finance.yahoo.com/quote/TENB)\n - [Varonis](https://www.varonis.com/) | [LinkedIn](https://www.linkedin.com/company/varonis/) | [VRNS](https://finance.yahoo.com/quote/VRNS/)\n - [Zscaler](https://www.zscaler.com/) | [LinkedIn](https://www.linkedin.com/company/zscaler/) | [ZS](https://finance.yahoo.com/quote/ZS)\n\n### Formerly listed\n - [HashiCorp](https://www.hashicorp.com) | [LinkedIn](https://www.linkedin.com/company/hashicorp/) | [HCP](https://finance.yahoo.com/quote/HCP)\n - [Splunk](https://www.splunk.com/) | [LinkedIn](https://www.linkedin.com/company/splunk/) | [SPLK](https://finance.yahoo.com/quote/SPLK)\n\n\n## Private Vendors\nVenture-funded companies\n\n - [AccuKnox](https://www.accuknox.com/) | [LinkedIn](https://www.linkedin.com/company/accuknox/) | [Crunchbase](https://www.crunchbase.com/organization/accuknox)\n - [Aikido](https://www.aikido.dev/) | [LinkedIn](https://www.linkedin.com/company/aikido-security/) | [Crunchbase](https://www.crunchbase.com/organization/aikido-security)\n - [Aqua Security](https://www.aquasec.com/) | [LinkedIn](https://www.linkedin.com/company/aquasecteam/) | [Crunchbase](https://www.crunchbase.com/organization/aquasecurity)\n - [ARMO](https://www.armosec.io/) | [LinkedIn](https://www.linkedin.com/company/armosec/) | [Crunchbase](https://www.crunchbase.com/organization/cyber-armor)\n - [Arnica](https://www.arnica.io/) | [LinkedIn](https://www.linkedin.com/company/arnica-io/) | [Crunchbase](https://www.crunchbase.com/organization/arnica-io)\n - [Astrix](https://astrix.security) | [LinkedIn](https://www.linkedin.com/company/astrix-security/) | [Crunchbase](https://www.crunchbase.com/organization/astrix-security)\n - [Avalor](https://www.avalor.io) | [LinkedIn](https://www.linkedin.com/company/avalorsec/) | [Crunchbase](https://www.crunchbase.com/organization/avalor-72e5)\n - [Bright Security](https://brightsec.com/) | [LinkedIn](https://www.linkedin.com/company/neuralegion/) | [Crunchbase](https://www.crunchbase.com/organization/neuralegion)\n - [Chainloop](https://chainloop.dev) | [LinkedIn](https://www.linkedin.com/company/chainloop-dev) | [Crunchbase](https://www.crunchbase.com/organization/chainloop)\n - [Clutch](https://www.clutch.security/) | [LinkedIn](https://www.linkedin.com/company/clutch-security/) | [Crunchbase](https://www.crunchbase.com/organization/clutch-security)\n - [Coalfire](https://www.coalfire.com) | [LinkedIn](https://www.linkedin.com/company/coalfire/) | [Crunchbase](https://www.crunchbase.com/organization/coalfire-system)\n - [Curity](https://curity.io/) | [LinkedIn](https://www.linkedin.com/company/curity/) | [Crunchbase](https://www.crunchbase.com/organization/curity)\n - [Cyera](https://www.cyera.io/) | [LinkedIn](https://www.linkedin.com/company/cyera/) | [Crunchbase](https://www.crunchbase.com/organization/cyera)\n - [Cyscale](https://cyscale.com) | [LinkedIn](https://www.linkedin.com/company/cyscale/) | [Crunchbase](https://www.crunchbase.com/organization/cyscale)\n - [Cyware](https://cyware.com/) | [LinkedIn](https://www.linkedin.com/company/cyware/) | [Crunchbase](https://www.crunchbase.com/organization/cyware)\n - [Darktrace](https://darktrace.com/) | [LinkedIn](https://www.linkedin.com/company/darktrace/) | [Crunchbase](https://www.crunchbase.com/organization/darktrace)\n - [Deepfence](https://www.deepfence.io/) | [LinkedIn](https://www.linkedin.com/company/deepfence-inc) | [Crunchbase](https://www.crunchbase.com/organization/deepfence)\n - [Deepsource](https://deepsource.com) | [LinkedIn](https://www.linkedin.com/company/deepsourcelabs) | [Crunchbase](https://www.crunchbase.com/organization/deepsource)\n - [Eureka Security](https://www.eureka.security/) | [LinkedIn](https://www.linkedin.com/company/eureka-security/) | [Crunchbase](https://www.crunchbase.com/organization/eureka-security)\n - [Endor Labs](https://pangea.cloud/) | [LinkedIn](https://www.linkedin.com/company/endorlabs/insights/) | [Crunchbase](https://www.crunchbase.com/organization/endor-labs)\n - [Entro](https://entro.security) | [LinkedIn](https://www.linkedin.com/company/entro-security/) | [Crunchbase](https://www.crunchbase.com/organization/entro-cf4f)\n - [Gem Security](https://www.gem.security/) | [LinkedIn](https://www.linkedin.com/company/gemsecurity/) | [Crunchbase](https://www.crunchbase.com/organization/gem-f4a1)\n - [GitGuardian](https://www.gitguardian.com/) | [LinkedIn](https://www.linkedin.com/company/gitguardian/) | [Crunchbase](https://www.crunchbase.com/organization/gitguardian)\n - [Grip Security](https://www.grip.security/) | [LinkedIn](https://www.linkedin.com/company/grip-security/) | [Crunchbase](https://www.crunchbase.com/organization/grip-security)\n - [Hunters](https://www.hunters.security/) | [LinkedIn](https://www.linkedin.com/company/hunters-ai/) | [Crunchbase](https://www.crunchbase.com/organization/hunters-ai)\n - [JupiterOne](https://www.jupiterone.com/) | [LinkedIn](https://www.linkedin.com/company/jupiterone/) | [Crunchbase](https://www.crunchbase.com/organization/jupiterone)\n - [Kloudle](https://kloudle.com/) | [LinkedIn](https://www.linkedin.com/company/kloudle/) | [Crunchbase](https://www.crunchbase.com/organization/kloudle)\n - [Lacework](https://www.lacework.com/) | [LinkedIn](https://www.linkedin.com/company/lacework/) | [Crunchbase](https://www.crunchbase.com/organization/lacework)\n - [Lightlytics](https://www.lightlytics.com/) | [LinkedIn](https://www.linkedin.com/company/lightlytics/) | [Crunchbase](https://www.crunchbase.com/organization/lightlytics)\n - [Lineaje](https://www.lineaje.dev/) | [LinkedIn](https://www.linkedin.com/company/lineaje/) | [Crunchbase](https://www.crunchbase.com/organization/lineaje)\n - [Matano](https://matanosecurity.com/) | [LinkedIn](https://www.linkedin.com/company/matanolabs/) | [Crunchbase](https://www.crunchbase.com/organization/matano)\n - [Metomic](https://metomic.io) | [LinkedIn](https://www.linkedin.com/company/metomic/) | [Crunchbase](https://www.crunchbase.com/organization/metomic)\n - [Netwrix](https://www.netwrix.com/) | [LinkedIn](https://www.linkedin.com/company/netwrix-corporation/) | [Crunchbase](https://www.crunchbase.com/organization/netwrix)\n - [Normalyze](https://normalyze.ai/) | [LinkedIn](https://www.linkedin.com/company/normalyze/) | [Crunchbase](https://www.crunchbase.com/organization/normalyze)\n - [Noq](https://www.noq.dev) | [LinkedIn](https://www.linkedin.com/company/noq-software/) | [Crunchbase](https://www.crunchbase.com/organization/noq-software)\n - [OASIS Security](https://www.oasis.security/) | [LinkedIn](https://www.linkedin.com/company/non-human-identity-management-oasis/) | [Crunchbase](https://www.crunchbase.com/organization/oasis-security-ltd)\n - [OpenRaven](https://www.openraven.com) | [Linkedin](https://www.linkedin.com/company/open-raven/) | [Crunchbase](https://www.crunchbase.com/organization/open-raven) \n - [Orca Security](https://orca.security/) | [LinkedIn](https://www.linkedin.com/company/orca-security/) | [Crunchbase](https://www.crunchbase.com/organization/orca-security)\n - [OpsHelm](https://www.opshelm.com/) | [LinkedIn](https://www.linkedin.com/company/opshelm/) | [Crunchbase](https://www.crunchbase.com/organization/opshelm)\n - [Query](https://www.query.ai/) | [LinkedIn](https://www.linkedin.com/company/goquery/) | [Crunchbase](https://www.crunchbase.com/organization/query-ai)\n - [Pangea](https://pangea.cloud/) | [Linkedin](https://www.linkedin.com/company/pangea-cyber/) | [Crunchbase](https://www.crunchbase.com/organization/pengea)\n - [Permiso](https://permiso.io/) | [LinkedIn](https://www.linkedin.com/company/permiso-security/) | [Crunchbase](https://www.crunchbase.com/organization/permiso-security)\n - [PingSafe](https://www.pingsafe.com) | [LinkedIn](https://www.linkedin.com/company/pingsafe/) | [Crunchbase](https://www.crunchbase.com/organization/pingsafe)\n - [Plerion](https://plerion.com) | [LinkedIn](https://www.linkedin.com/company/plerion/) | [Crunchbase](https://www.crunchbase.com/organization/plerion)\n - [Prevasio](https://www.prevasio.io/) | [LinkedIn](https://www.linkedin.com/company/prevasio/) | [Crunchbase](https://www.crunchbase.com/organization/prevasio)\n - [Rapid7](https://www.rapid7.com) | [Linkedin](https://www.linkedin.com/company/rapid7/) | [Crunchbase](https://www.crunchbase.com/organization/rapid7)\n - [Runecast](https://www.runecast.com/) | [LinkedIn](https://www.linkedin.com/company/runecast/) | [Crunchbase](https://www.crunchbase.com/organization/runecast)\n - [RunReveal](https://runreveal.com) | [LinkedIn](https://www.linkedin.com/company/runreveal/) | [Crunchbase](https://www.crunchbase.com/organization/runreveal)\n - [Salt Security](https://salt.security) | [LinkedIn](https://www.linkedin.com/company/saltsecurity/) | [Crunchbase](https://www.crunchbase.com/organization/saltsecurity)\n - [SecureDawn](https://securedawn.com/) | [LinkedIn](https://www.linkedin.com/company/securedawn/) | [Crunchbase](https://www.crunchbase.com/organization/securedawn)\n - [Seemplicity](https://seemplicity.io/) | [LinkedIn](https://www.linkedin.com/company/seemplicity/) | [Crunchbase](https://www.crunchbase.com/organization/seemplicity)\n - [Sentra](https://www.sentra.io/) | [LinkedIn](https://www.linkedin.com/company/sentra-io/) | [Crunchbase](https://www.crunchbase.com/organization/sentra)\n - [Scrut Automation](https://www.scrut.io/) | [LinkedIn](https://www.linkedin.com/company/scrut-automation/) | [Crunchbase](https://www.crunchbase.com/organization/scrut-automation)\n - [Slauth](https://www.slauth.io) | [LinkedIn](https://www.linkedin.com/company/slauth-io/) | [Crunchbase](https://www.crunchbase.com/organization/slauth-io)\n - [Snyk](https://snyk.io/) | [LinkedIn](https://www.linkedin.com/company/snyk/) | [Crunchbase](https://www.crunchbase.com/organization/snyk)\n - [Sonar](https://www.sonarsource.com/) | [LinkedIn](https://www.linkedin.com/company/sonarsource/) | [Crunchbase](https://www.crunchbase.com/organization/sonarsource)\n - [Sonrai Security](https://sonraisecurity.com/) | [LinkedIn](https://www.linkedin.com/company/sonrai-security/) | [Crunchbase](https://www.crunchbase.com/organization/sonrai-security)\n - [Sophos](https://www.sophos.com/) | [LinkedIn](https://www.linkedin.com/company/sophos/) | [Crunchbase](https://www.crunchbase.com/organization/sophos)\n - [Soveren](https://soveren.io/) | [LinkedIn](https://www.linkedin.com/company/soveren-security/) | [Crunchbase](https://www.crunchbase.com/organization/soveren)\n - [Spyderbat](https://www.spyderbat.com/) | [LinkedIn](https://www.linkedin.com/company/spyderbat/) | [Crunchbase](https://www.crunchbase.com/organization/spyderbat)\n - [StrongDM](https://www.strongdm.com/) | [LinkedIn](https://www.linkedin.com/company/strongdm/) | [Crunchbase](https://www.crunchbase.com/organization/strongdm)\n - [Sweet Security](https://www.sweet.security/) | [Linkedin](https://www.linkedin.com/company/sweet-security/) | [Crunchbase](https://www.crunchbase.com/organization/sweet-security)\n - [Tigera](https://www.tigera.io/) | [LinkedIn](https://www.linkedin.com/company/tigera/) | [Crunchbase](https://www.crunchbase.com/organization/tigera)\n - [Tines](https://www.tines.com/) | [LinkedIn](https://www.linkedin.com/company/tines-io/) | [Crunchbase](https://www.crunchbase.com/organization/tines)\n - [Torq](https://torq.io/) | [LinkedIn](https://www.linkedin.com/company/torqio/) | [Crunchbase](https://www.crunchbase.com/organization/stackpulse)\n - [Trellix](https://www.trellix.com/en-us/index.html) | [LinkedIn](https://www.linkedin.com/company/trellixsecurity/) | [Crunchbase](https://www.crunchbase.com/organization/trellix)\n - [Twingate](https://www.twingate.com/) | [LinkedIn](https://www.linkedin.com/company/twingate/) | [Crunchbase](https://www.crunchbase.com/organization/twingate)\n - [UpGuard](https://www.upguard.com/) | [LinkedIn](https://www.linkedin.com/company/upguard/) | [Crunchbase](https://www.crunchbase.com/organization/upguard)\n - [Upwind](https://www.upwind.io/) | [LinkedIn](https://www.linkedin.com/company/upwindsecurity/) | [Crunchbase](https://www.crunchbase.com/organization/upwind-security)\n - [Wazuh](https://wazuh.com) | [LinkedIn](https://www.linkedin.com/company/wazuh/) | [Crunchbase](https://www.crunchbase.com/organization/wazuh)\n - [Wiz](https://www.wiz.io/) | [LinkedIn](https://www.linkedin.com/company/wizsecurity/) | [Crunchbase](https://www.crunchbase.com/organization/wiz-inc)\n\n\n\n## Acquisitions\n\n- Accurics | [LinkedIn](https://www.linkedin.com/company/accurics/) | [Crunchbase](https://www.crunchbase.com/organization/accurics) --\u003e [acquired by Tenable](https://www.tenable.com/press-releases/tenable-completes-acquisition-of-accurics)\n- [Bionic](https://bionic.ai/) | [LinkedIn](https://www.linkedin.com/company/bionicai/) | [Crunchbase](https://www.crunchbase.com/organization/bionic-9498) --\u003e [acquired by Crowdstrike](https://www.crowdstrike.com/press-releases/crowdstrike-to-acquire-bionic-to-extend-cloud-security-leadership/)\n- [Bit Discovery](https://bitdiscovery.com/) | [LinkedIn](https://www.linkedin.com/company/bitdiscovery/) | [Crunchbase](https://www.crunchbase.com/organization/bit-discovery) --\u003e [acquired by Tenable](https://www.tenable.com/press-releases/tenable-completes-acquisition-of-bit-discovery)\n- [Cider Security](https://www.cidersecurity.io/) | [LinkedIn](https://www.linkedin.com/company/cider-security/) | [Crunchbase](https://www.crunchbase.com/organization/cider-security) --\u003e [acquired by Palo Alto Networks](https://www.paloaltonetworks.com/company/press/2022/palo-alto-networks-completes-acquisition-of-cider-security)\n- [Cymptom] | [LinkedIn](https://www.linkedin.com/company/cymptom/) | [Crunchbase](https://www.crunchbase.com/organization/cymptom)--\u003e [acquired by Tenable](https://www.tenable.com/blog/tenables-acquisition-of-cymptom-an-attack-path-informed-approach-to-cybersecurity)\n- [Dig Security](https://www.dig.security) | [LinkedIn](https://www.linkedin.com/company/dig-security/about/) | [Crunchbase](https://www.crunchbase.com/organization/dig-security) --\u003e [acquired by Palo Alto Networks](https://www.paloaltonetworks.com/blog/2023/10/palo-alto-networks-dig-security/)\n- [Ermetic](https://ermetic.com/) | [LinkedIn](https://www.linkedin.com/company/ermetic/) | [Crunchbase](https://www.crunchbase.com/organization/ermetic) --\u003e [acquired by Tenable](https://www.tenable.com/press-releases/tenable-completes-acquisition-of-ermetic)\n- Flawcheck | [Crunchbase](https://www.crunchbase.com/organization/flawcheck) --\u003e [acquired by Tenable](https://www.tenable.com/press-releases/tenable-network-security-acquires-container-security-company-flawcheck)\n- [Gem Security](https://www.gem.security/) | [LinkedIn](https://www.linkedin.com/company/gemsecurity/) | [Crunchbase](https://www.crunchbase.com/organization/gem-f4a1) --\u003e [acquired by Wiz](https://www.wiz.io/blog/wiz-acquires-gem-security-to-reinvent-threat-detection-in-the-cloud)\n- [Isovalent](https://isovalent.com) | [LinkedIn](https://www.linkedin.com/company/isovalent/) | [Crunchbase](https://www.crunchbase.com/organization/covalent-io) --\u003e [acquired by Cisco](https://investor.cisco.com/news/news-details/2023/Cisco-to-Acquire-Isovalent-to-Define-the-Future-of-Multicloud-Networking-and-Security/default.aspx)\n- [Laminar](https://laminarsecurity.com) | [LinkedIn](https://www.linkedin.com/company/laminar-security/) | [Crunchbase](https://www.crunchbase.com/organization/laminar-d49d) --\u003e [acquired by Rubrik](https://www.rubrik.com/blog/company/23/8/rubrik-and-laminar-together-securing-the-worlds-data)\n- [Lightspin](https://www.lightspin.io/) | [LinkedIn](https://www.linkedin.com/company/lightspin) | [Crunchbase](https://www.crunchbase.com/organization/lightspin-technologies-ltd) --\u003e [acquired by Cisco](https://blogs.cisco.com/news/blogs-cisco-com-news-cisco-announces-its-intent-to-acquire-cloud-security-software-company)\n- [Mandiant](https://www.mandiant.com) | [LinkedIn](https://www.linkedin.com/company/mandiant/) | [Crunchbase](https://www.crunchbase.com/organization/mandiant) --\u003e [acquired by Google](https://cloud.google.com/blog/products/identity-security/google-completes-acquisition-of-mandiant)\n- [Raftt](https://www.raftt.io/) | [LinkedIn](https://www.linkedin.com/company/raftt/) | [Crunchbase](https://www.crunchbase.com/organization/raftt) --\u003e [acquired by Wiz](https://www.wiz.io/blog/wiz-acquires-raftt)\n- [Robust Intelligence](https://www.robustintelligence.com/) | [LinkedIn](https://www.linkedin.com/company/robust-intelligence/) | [Crunchbase](https://www.crunchbase.com/organization/robust-intelligence) --\u003e [acquired by Cisco](https://www.linkedin.com/company/robust-intelligence/)\n- Sinefa | [LinkedIn](https://www.linkedin.com/company/sinefa/) | [Crunchbase](https://www.crunchbase.com/organization/sinefa) --\u003e [acquired by Palo Alto Networks](https://www.marketscreener.com/quote/stock/PALO-ALTO-NETWORKS-INC-11067980/news/Palo-Alto-Networks-Inc-completed-the-acquisition-of-Sinefa-Inc-for-27-million-33606776/)\n- [Spera](https://www.spera.security/) | [LinkedIn](https://www.linkedin.com/company/spera-security/) | [Crunchbase](https://www.crunchbase.com/organization/spera-fbce) --\u003e [acquired by Okta](https://www.okta.com/blog/2023/12/okta-acquisition-advances-identity-powered-security/)\n- [Zycada Networks](https://www.zycada.com/) | [LinkedIn](https://www.linkedin.com/company/zycada-networks/) | [Crunchbase](https://www.crunchbase.com/organization/zycada-networks) --\u003e [acquired by Palo Alto Networks](https://www.linkedin.com/posts/subbuvaradarajan_palo-alto-networks-raises-the-bar-delivering-activity-7191854116598435841-v5Rz/)\n\n### Acquisitions by Vendor\n\n#### Palo Alto Networks\nOrdered by date (descending)\n\n- Talon, $825M - Dec 2023\n- Dig Security, $350M - Dec 2023\n- Zycada Networks, undisclosed - April 2023\n- Cider Security, $198M - Dec 2022\n- Expanse, $797M - Dec 2020\n- Crypsis, $228M - Sept 2020\n- Cloudgenix, $403M - April 2020\n- Sinefa, $44M - Nov 2020\n- Aporeto, $144M - Dec 2019\n- Twistlock, $378M - July 2019\n- Demisto, $474M - March 2019\n- RedLock, $158M - Oct 2018\n- Secdo, $83M - April 2018\n- Evident.io, $293M - March 2018\n- Cyvera, $178M - April 2014\n- Bridgecrew, $157M - March 2021\n- Aporeto, $144M - Dec 2019\n- Lightcyber, $103M - Feb 2017\n\n#### Cisco\n- Deep Factor - August 2024\n- Isovalent - December 2023 [blog post](https://blogs.cisco.com/news/defining-the-future-of-multicloud-networking-and-security-cisco-announces-intent-to-acquire-isovalent)\n- Oort - July 2023 [blog](https://blogs.cisco.com/news/cisco-announces-intent-to-acquire-oort)\n- Robust Intelligence - August 2024 [blog post](https://www.crunchbase.com/organization/robust-intelligence)\n\n#### Datadog\nincludes only security-related acquisitions\nOrdered by date (descending)\n- Sqreen - February 2021 [press release](https://www.datadoghq.com/about/latest-news/press-releases/datadog-signs-definitive-agreement-to-acquire-sqreen/)\n- Seekret - April 2022 [press release](https://www.datadoghq.com/about/latest-news/press-releases/datadog-acquires-seekret-to-make-api-observability-accessible/)\n- Hdiv Security - May 2022 [press release](https://investors.datadoghq.com/news-releases/news-release-details/datadog-signs-definitive-agreement-acquire-hdiv-security)\n\n\n#### Tenable\nOrdered by date (descending)\n- Ermetic, $265M - Sept 2023\n- Bit Discovery, $44.5M - April 2022\n- Cymptom, undisclosed - Feb 2022\n- Accurics, $160M - Sept 2021\n- FlawCheck, undisclosed - Oct 2016\n\n\n#### Wiz\nOrdered by date (descending)\n- Gem Security, undisclosed - April 2024\n- Rafft, undisclosed - December 2023\n\n\n## Managed Service Providers\n\n-  [Red Canary](https://redcanary.com/) | [LinkedIn](https://www.linkedin.com/company/redcanary/) | [Crunchbase](https://www.crunchbase.com/organization/red-canary)\n\n## Cloud Platforms\nNative security products offered by the major cloud platforms (AWS, GCP, Azure)\n\n- [AWS Shared Responsibility Model](https://aws.amazon.com/compliance/shared-responsibility-model/)\n- [GCP Shared responsibilities and shared fate on Google Cloud](https://cloud.google.com/architecture/framework/security/shared-responsibility-shared-fate)\n- [Azure Shared Responsibility in the cloud](https://learn.microsoft.com/en-us/azure/security/fundamentals/shared-responsibility)\n- [DigitalOcean Shared Responsibliity Model](https://www.digitalocean.com/security/shared-responsibility-model)\n\n\n### GCP\n- [Chronicle Security Operations](https://chronicle.security)\n- [Chronicle SOAR](https://cloud.google.com/chronicle/docs/soar/overview-and-introduction/soar-overview)\n- [Chronicle SIEM](https://cloud.google.com/chronicle/docs/overview)\n\n### AWS\n- [AWS Cloud Security](https://aws.amazon.com/security/)\n- [Amazon Detective](https://aws.amazon.com/detective)\n- [Amazon GuardDuty](https://aws.amazon.com/guardduty/)\n- [Amazon Security Lake](https://aws.amazon.com/security-lake)\n- [AWS Artifact](https://aws.amazon.com/artifact/)\n- [AWS Audit Manager](https://aws.amazon.com/audit-manager/)\n- [AWS Config](https://aws.amazon.com/config)\n- [AWS Security Hub](https://aws.amazon.com/security-hub/)\n- [AWS Trusted Advisor](https://aws.amazon.com/premiumsupport/technology/trusted-advisor/)\n\n### Azure / Microsoft\n- [Azure Security](https://azure.microsoft.com/en-us/explore/security)\n- [Azure Policy](https://azure.microsoft.com/en-us/products/azure-policy/)\n- [Microsoft Compliance](https://learn.microsoft.com/en-us/compliance/)\n- [Microsoft Defender for Cloud](https://azure.microsoft.com/en-us/products/defender-for-cloud/)\n- [Microsoft Sentinel](https://www.microsoft.com/de-de/security/business/siem-and-xdr/microsoft-sentinel)\n\n# Open Source Projects\n- [Altimeter](https://github.com/tableau/altimeter)\n- [AWS Firewall Factory](https://github.com/globaldatanet/aws-firewall-factory)\n- [BloodHound](https://github.com/BloodHoundAD/BloodHound)\n- [Cartography](https://github.com/lyft/cartography)\n- [Chainloop](https://github.com/chainloop-dev/chainloop)\n- [Checkov](https://github.com/bridgecrewio/checkov)\n- [Cilium](https://github.com/cilium/)\n- [Cloudbeat](https://github.com/elastic/cloudbeat)\n- [Cloudquery](https://github.com/cloudquery/cloudquery)\n- [CloudSploit](https://github.com/aquasecurity/cloudsploit)\n- [DefectDojo](https://github.com/DefectDojo/django-DefectDojo)\n- [Falco](https://github.com/falcosecurity/falco)\n- [Fix Inventory](https://github.com/someengineering/fixinventory)\n- [Gapps](https://github.com/bmarsh9/gapps)\n- [Greenbone OpenVAS Scanner](https://github.com/greenbone/openvas-scanner)\n- [KubeArmor](https://github.com/kubearmor/KubeArmor)\n- [KubeScape](https://github.com/kubescape/kubescape)\n- [Magpie](https://github.com/openraven/magpie)\n- [Prowler](https://github.com/prowler-cloud/prowler)\n- [S3Scanner](https://github.com/sa7mon/S3Scanner)\n- [Sadcloud](https://github.com/nccgroup/sadcloud)\n- [ScoutSuite](https://github.com/nccgroup/ScoutSuite)\n- [Steampipe](https://github.com/turbot/steampipe)\n- [tfsec](https://github.com/aquasecurity/tfsec)\n- [ThreatMapper](https://github.com/deepfence/threatmapper)\n- [trivy](https://github.com/aquasecurity/trivy)\n- [Wazuh](https://github.com/wazuh/wazuh)\n- [ZeusCloud](https://github.com/Zeus-Labs/ZeusCloud)\n\n# Security Categories / Glossary\n- AI-SPM - AI Security Posture Management\n- ASPM - Application Security Posture Management\n- CAASM - Cyber Asset Attack Surface Management\n- CASB - Cloud Access Security Brokers\n- CCO - Corporate Compliance and Oversight\n- CDR - Cloud Detection and Response\n- CIEM - Cloud Infrastructure Entitlement Management\n- CNAPP - Cloud-native Application Protection Platform\n- CSPM - Cloud Security Posture Management\n- CWPP - Cloud Workload Protection Platform\n- CTEM - Continuous Threat Exposure Management \n- DSPM - Data Security Posture Management\n- EDR - Endpoint Detection and Response \n- GRC - Governance, Risk and Compliance\n- IGA - Identity Governance Administration\n- ITDR - Identity Threat Detection and Response\n- KSPM - Kubernetes Security Posture Management\n- MDR - Managed Detection and Response\n- PAM - Privileged Access Management\n- SIEM - Security Information and Event Management\n- SOAR - Security Orchestration, Automation and Response\n- SOC - Security Operations Center\n- XDR - Extended Detection and Response\n- XSIAM - Extended Security Intelligence and Automation Management\n\n# Security Resources\n- Nextdoor CSPM Evaluation Matrix [GitHub](https://github.com/Nextdoor/cspm_evaluation_matrix)\n- Simple CSPM - GCP CSPM using Google Sheets [GitHub](https://github.com/somethingnew2-0/SimpleCSPM)\n- Prisma Cloud Channel Resource [GitHub](https://github.com/PaloAltoNetworks/prisma_channel_resources#prisma-cloud-channel-resources)\n- What is eBPF? [eBPF Docs](https://ebpf.io/what-is-ebpf/)\n- Building a Security Graph Application on Amazon Neptune [GitHub](https://github.com/aws/graph-notebook/blob/main/src/graph_notebook/notebooks/03-Sample-Applications/04-Security-Graphs/01-Building-a-Security-Graph-Application-with-openCypher.ipynb)\n\n# Security Newsletters\n- [CloudSecList](https://cloudseclist.com) by [Marco Lancini](https://www.linkedin.com/in/marcolancini/)\n- [Frankly Speaking](https://franklyspeaking.substack.com) by [Frank Wang](https://www.linkedin.com/in/frankw1/)\n- [Securing the Cloud](https://www.linkedin.com/newsletters/securing-the-cloud-7085768785009274880/) by [Brandon Carroll](https://www.linkedin.com/in/brandoncarroll/)\n- [tl;dr sec](https://tldrsec.com) by [Clint Gibler](https://www.linkedin.com/in/clintgibler/)\n- [Venture in Security](https://ventureinsecurity.net) by [Ross Haleliuk](https://www.linkedin.com/in/rosshaleliuk/)\n\n# Security Podcasts\n- [Brakeing Down Security](https://brakeingsecurity.com)\n- [CISO Tradecraft](https://cisotradecraft.com)\n- [CyberWire Daily](https://thecyberwire.com/podcasts/daily-podcast)\n- [Darknet Diaries](https://darknetdiaries.com)\n- [Google Cloud Security Podcast](https://cloud.withgoogle.com/cloudsecurity/podcast/)\n- [Hacking Humans](https://thecyberwire.com/podcasts/hacking-humans)\n- [Malicious Life](https://malicious.life/)\n- [Risky Business](https://risky.biz/)\n- [Security Now](https://twit.tv/shows/security-now)\n- [Smashing Security](https://smashingsecurity.com)\n- [Privacy, Security, \u0026 OSINT Show](https://inteltechniques.com/podcast.html)\n- [Social-Engineer Podcast](https://www.social-engineer.org/category/podcast/)\n- [Unsupervised Learning](https://omny.fm/shows/unsupervised-learning)\n  \n# Security Frameworks\n- [CIS Benchmarks List](https://www.cisecurity.org/cis-benchmarks)\n- [CIS AWS Benchmarks](https://www.cisecurity.org/benchmark/amazon_web_services)\n- [CIS Google Cloud Computing Platform Benchmarks](https://www.cisecurity.org/benchmark/google_cloud_computing_platform)\n- [CIS Microsoft Azure Benchmarks](https://www.cisecurity.org/benchmark/azure)\n- [CIS Oracle Cloud Benchmark](/www.cisecurity.org/benchmark/oracle_cloud)\n- [ISO 27001](https://www.iso.org/standard/27001)/[27002](https://www.iso.org/standard/75652.html)\n- [NIST Security and Privacy Controls for Information Systems and Organizations](https://csrc.nist.gov/pubs/sp/800/53/r5/upd1/final)\n- [NIS 2](https://digital-strategy.ec.europa.eu/en/policies/nis2-directive)\n- [System and Organization Controls (SOC)](https://www.aicpa-cima.com/resources/landing/system-and-organization-controls-soc-suite-of-services)\n\n# Cyber Insurance\n- [Anzen](https://www.anzen.com/) | [LinkedIn](https://www.linkedin.com/company/goanzen/)\n\n# Conferences\n\n## Community\n- [Chaos Communication Congress](https://events.ccc.de/en/congress/)\n- [DEF CON](https://www.defcon.org/)\n- [GrrCon](https://grrcon.com/)\n- [Hackers on Planet Earth (HOPE)](https://hope.net/)\n- [HushCon](https://hushcon.com/)\n- [Nullcon](https://nullcon.net/)\n- [OWASP](https://owasp.org/)\n- [Security BSides](https://bsides.org/)\n- [ShmooCon](https://shmoocon.org/)\n- [THOTCON](https://thotcon.org/)\n- [ToorCon](https://toorcon.net/)\n- [Wild West Hackin' Fest](https://www.wildwesthackinfest.com/)\n\n## Industry\n- [AWS re:Invent](https://reinvent.awsevents.com/)\n- [Billington Cybersecurity Summit](https://billingtoncybersummit.com/)\n- [Black Hat](https://www.blackhat.com/)\n- [Cyber Security \u0026 Cloud Expo](https://www.cybersecuritycloudexpo.com/)\n- [Cybersec Europe](https://www.cyberseceurope.com/)\n- [Cybersecurity Summit](https://cybersecuritysumm.it/)\n- [CyberTech Global](https://www.cybertechconference.com/)\n- [Deutscher IT Security Congress](https://www.pco-online.de/kongress2024)\n- [fwd:cloudsec](https://fwdcloudsec.org)\n- [FS-ISAC Summit](https://www.fsisac.com/events)\n- [Gartner Security \u0026 Risk Management Summit](https://www.gartner.com/en/conferences/hub/security-conferences)\n- [Infosecurity Europe](https://www.infosecurityeurope.com/)\n- [Interop Tokyo](https://www.interop.jp/)\n- [IOT Solutions World Congress](https://www.iotsworldcongress.com/)\n- [ISACA North America Conference](https://www.isaca.org/training-and-events/conferences/isaca-north-america-conference)\n- [it-sa](https://www.itsa365.de/en/it-sa-expo-congress/exhibition-info)\n- [RSA Conference](https://www.rsaconference.com/)\n- [SANS Cyber Threat Intelligence Summit](https://www.sans.org/event)\n- [Sector](https://www.blackhat.com/sector/)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpaulveillard%2Fcybersecurity-cloud-security","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpaulveillard%2Fcybersecurity-cloud-security","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpaulveillard%2Fcybersecurity-cloud-security/lists"}