{"id":19852497,"url":"https://github.com/someengineering/cloud-security-list","last_synced_at":"2025-04-10T02:28:03.640Z","repository":{"id":182070693,"uuid":"667366339","full_name":"someengineering/cloud-security-list","owner":"someengineering","description":"A list of cloud security tools and vendors.","archived":false,"fork":false,"pushed_at":"2024-09-06T20:00:48.000Z","size":278,"stargazers_count":155,"open_issues_count":2,"forks_count":25,"subscribers_count":13,"default_branch":"main","last_synced_at":"2025-04-02T18:53:49.609Z","etag":null,"topics":["attack-surface-management","aws","azure","cnapp","cspm","dspm","gcp","security","siem"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"cc0-1.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/someengineering.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-07-17T10:44:39.000Z","updated_at":"2025-03-19T20:18:09.000Z","dependencies_parsed_at":"2023-10-24T15:39:51.239Z","dependency_job_id":"2f8947a5-0a78-4c5f-b12d-de54f2faea07","html_url":"https://github.com/someengineering/cloud-security-list","commit_stats":null,"previous_names":["someengineering/awesome-cloud-infrastructure-security","someengineering/cloud-security-list"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/someengineering%2Fcloud-security-list","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/someengineering%2Fcloud-security-list/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/someengineering%2Fcloud-security-list/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/someengineering%2Fcloud-security-list/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/someengineering","download_url":"https://codeload.github.com/someengineering/cloud-security-list/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248143898,"owners_count":21054841,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["attack-surface-management","aws","azure","cnapp","cspm","dspm","gcp","security","siem"],"created_at":"2024-11-12T14:03:04.713Z","updated_at":"2025-04-10T02:28:03.605Z","avatar_url":"https://github.com/someengineering.png","language":null,"readme":"Cloud security engineers are notoriously overworked and under-resourced. This curated list has links to tools, frameworks and resources to make their lives easier. \n\n# Threat Research \n - [Cloud Security Alliance Research](https://cloudsecurityalliance.org/research/) \n - [Datadog Security Labs](https://securitylabs.datadoghq.com/)\n - [Elastic Security Labs](https://www.elastic.co/security-labs)\n - [Google Project Zero](https://googleprojectzero.blogspot.com/)\n - [Microsoft Security Response Center](https://www.microsoft.com/en-us/msrc)\n - [Orca Research Pod](https://orca.security/about/orca-research-pod/) \n - [Rapid7 Research](https://www.rapid7.com/research/) \n - [Sysdig Threat Research](https://sysdig.com/threat-research/)\n - [Team Nautilus by Aqua Security](https://www.aquasec.com/research/) \n - [Unit 42 by Palo Alto Networks](https://unit42.paloaltonetworks.com/)\n - [Wiz Cloud Threat Landscape](https://threats.wiz.io/)\n\n\n# Security Vendors\n\n## Publicly listed vendors\n\nThese are vendors with publicly traded stocks. The links lead to a vendor's website, LinkedIn company page and the stock price on [Yahoo! Finance](https://finance.yahoo.com/). \n\n - [Check Point](https://www.checkpoint.com/) | [LinkedIn](https://www.linkedin.com/company/check-point-software-technologies/about/) | [CHKP](https://finance.yahoo.com/quote/CHKP/)\n - [Cisco](https://www-cloud.cisco.com/site/us/en/products/security/index.html) | [LinkedIn](https://www.linkedin.com/company/cisco/) | [CSCO](https://finance.yahoo.com/quote/CSCO/)\n - [CloudFlare](https://www.cloudflare.com) | [LinkedIn](https://www.linkedin.com/company/cloudflare/) | [NET](https://finance.yahoo.com/quote/NET/)\n - [CrowdStrike](https://www.crowdstrike.com/) | [LinkedIn](https://www.linkedin.com/company/crowdstrike/) | [CRWD](https://finance.yahoo.com/quote/CRWD)\n - [CyberArk](https://www.cyberark.com) | [LinkedIn](https://www.linkedin.com/company/cyber-ark-software/) | [CYBR](https://finance.yahoo.com/quote/CYBR/) \n - [Datadog](https://www.datadoghq.com/) | [LinkedIn](https://www.linkedin.com/company/datadog/about/) | [DDOG](https://finance.yahoo.com/quote/ddog)\n - [Fortinet](https://www.fortinet.com) | [LinkedIn](https://www.linkedin.com/company/fortinet/) | [FTNT](https://finance.yahoo.com/quote/FTNT/)\n - [Palo Alto Networks](https://www.paloaltonetworks.com/) | [LinkedIn](https://www.linkedin.com/company/palo-alto-networks) | [PANW](https://finance.yahoo.com/quote/PANW)\n - [Qualys](https://www.qualys.com/) | [LinkedIn](https://www.linkedin.com/company/qualys) | [QLYS](https://finance.yahoo.com/quote/QLYS)\n - [Radware](https://www.radware.com/) | [LinkedIn](https://www.linkedin.com/company/radware/about/) | [RDWR](https://finance.yahoo.com/quote/RDWR)\n - [SentinelOne](https://www.sentinelone.com/) | [LinkedIn](https://www.linkedin.com/company/sentinelone) | [S](https://finance.yahoo.com/quote/S)\n - [Tenable](https://www.tenable.com/) | [LinkedIn](https://www.linkedin.com/company/tenableinc) | [TENB](https://finance.yahoo.com/quote/TENB)\n - [Varonis](https://www.varonis.com/) | [LinkedIn](https://www.linkedin.com/company/varonis/) | [VRNS](https://finance.yahoo.com/quote/VRNS/)\n - [Zscaler](https://www.zscaler.com/) | [LinkedIn](https://www.linkedin.com/company/zscaler/) | [ZS](https://finance.yahoo.com/quote/ZS)\n\n### Formerly listed\n - [HashiCorp](https://www.hashicorp.com) | [LinkedIn](https://www.linkedin.com/company/hashicorp/) | [HCP](https://finance.yahoo.com/quote/HCP)\n - [Splunk](https://www.splunk.com/) | [LinkedIn](https://www.linkedin.com/company/splunk/) | [SPLK](https://finance.yahoo.com/quote/SPLK)\n\n\n## Private Vendors\nVenture-funded companies\n\n - [AccuKnox](https://www.accuknox.com/) | [LinkedIn](https://www.linkedin.com/company/accuknox/) | [Crunchbase](https://www.crunchbase.com/organization/accuknox)\n - [Aikido](https://www.aikido.dev/) | [LinkedIn](https://www.linkedin.com/company/aikido-security/) | [Crunchbase](https://www.crunchbase.com/organization/aikido-security)\n - [Aqua Security](https://www.aquasec.com/) | [LinkedIn](https://www.linkedin.com/company/aquasecteam/) | [Crunchbase](https://www.crunchbase.com/organization/aquasecurity)\n - [ARMO](https://www.armosec.io/) | [LinkedIn](https://www.linkedin.com/company/armosec/) | [Crunchbase](https://www.crunchbase.com/organization/cyber-armor)\n - [Arnica](https://www.arnica.io/) | [LinkedIn](https://www.linkedin.com/company/arnica-io/) | [Crunchbase](https://www.crunchbase.com/organization/arnica-io)\n - [Astrix](https://astrix.security) | [LinkedIn](https://www.linkedin.com/company/astrix-security/) | [Crunchbase](https://www.crunchbase.com/organization/astrix-security)\n - [Avalor](https://www.avalor.io) | [LinkedIn](https://www.linkedin.com/company/avalorsec/) | [Crunchbase](https://www.crunchbase.com/organization/avalor-72e5)\n - [Bright Security](https://brightsec.com/) | [LinkedIn](https://www.linkedin.com/company/neuralegion/) | [Crunchbase](https://www.crunchbase.com/organization/neuralegion)\n - [Chainloop](https://chainloop.dev) | [LinkedIn](https://www.linkedin.com/company/chainloop-dev) | [Crunchbase](https://www.crunchbase.com/organization/chainloop)\n - [Clutch](https://www.clutch.security/) | [LinkedIn](https://www.linkedin.com/company/clutch-security/) | [Crunchbase](https://www.crunchbase.com/organization/clutch-security)\n - [Coalfire](https://www.coalfire.com) | [LinkedIn](https://www.linkedin.com/company/coalfire/) | [Crunchbase](https://www.crunchbase.com/organization/coalfire-system)\n - [Curity](https://curity.io/) | [LinkedIn](https://www.linkedin.com/company/curity/) | [Crunchbase](https://www.crunchbase.com/organization/curity)\n - [Cyera](https://www.cyera.io/) | [LinkedIn](https://www.linkedin.com/company/cyera/) | [Crunchbase](https://www.crunchbase.com/organization/cyera)\n - [Cyscale](https://cyscale.com) | [LinkedIn](https://www.linkedin.com/company/cyscale/) | [Crunchbase](https://www.crunchbase.com/organization/cyscale)\n - [Cyware](https://cyware.com/) | [LinkedIn](https://www.linkedin.com/company/cyware/) | [Crunchbase](https://www.crunchbase.com/organization/cyware)\n - [Darktrace](https://darktrace.com/) | [LinkedIn](https://www.linkedin.com/company/darktrace/) | [Crunchbase](https://www.crunchbase.com/organization/darktrace)\n - [Deepfence](https://www.deepfence.io/) | [LinkedIn](https://www.linkedin.com/company/deepfence-inc) | [Crunchbase](https://www.crunchbase.com/organization/deepfence)\n - [Deepsource](https://deepsource.com) | [LinkedIn](https://www.linkedin.com/company/deepsourcelabs) | [Crunchbase](https://www.crunchbase.com/organization/deepsource)\n - [Eureka Security](https://www.eureka.security/) | [LinkedIn](https://www.linkedin.com/company/eureka-security/) | [Crunchbase](https://www.crunchbase.com/organization/eureka-security)\n - [Endor Labs](https://pangea.cloud/) | [LinkedIn](https://www.linkedin.com/company/endorlabs/insights/) | [Crunchbase](https://www.crunchbase.com/organization/endor-labs)\n - [Entro](https://entro.security) | [LinkedIn](https://www.linkedin.com/company/entro-security/) | [Crunchbase](https://www.crunchbase.com/organization/entro-cf4f)\n - [Gem Security](https://www.gem.security/) | [LinkedIn](https://www.linkedin.com/company/gemsecurity/) | [Crunchbase](https://www.crunchbase.com/organization/gem-f4a1)\n - [GitGuardian](https://www.gitguardian.com/) | [LinkedIn](https://www.linkedin.com/company/gitguardian/) | [Crunchbase](https://www.crunchbase.com/organization/gitguardian)\n - [Grip Security](https://www.grip.security/) | [LinkedIn](https://www.linkedin.com/company/grip-security/) | [Crunchbase](https://www.crunchbase.com/organization/grip-security)\n - [Hunters](https://www.hunters.security/) | [LinkedIn](https://www.linkedin.com/company/hunters-ai/) | [Crunchbase](https://www.crunchbase.com/organization/hunters-ai)\n - [JupiterOne](https://www.jupiterone.com/) | [LinkedIn](https://www.linkedin.com/company/jupiterone/) | [Crunchbase](https://www.crunchbase.com/organization/jupiterone)\n - [Kloudle](https://kloudle.com/) | [LinkedIn](https://www.linkedin.com/company/kloudle/) | [Crunchbase](https://www.crunchbase.com/organization/kloudle)\n - [Lacework](https://www.lacework.com/) | [LinkedIn](https://www.linkedin.com/company/lacework/) | [Crunchbase](https://www.crunchbase.com/organization/lacework)\n - [Lightlytics](https://www.lightlytics.com/) | [LinkedIn](https://www.linkedin.com/company/lightlytics/) | [Crunchbase](https://www.crunchbase.com/organization/lightlytics)\n - [Lineaje](https://www.lineaje.dev/) | [LinkedIn](https://www.linkedin.com/company/lineaje/) | [Crunchbase](https://www.crunchbase.com/organization/lineaje)\n - [Matano](https://matanosecurity.com/) | [LinkedIn](https://www.linkedin.com/company/matanolabs/) | [Crunchbase](https://www.crunchbase.com/organization/matano)\n - [Metomic](https://metomic.io) | [LinkedIn](https://www.linkedin.com/company/metomic/) | [Crunchbase](https://www.crunchbase.com/organization/metomic)\n - [Netwrix](https://www.netwrix.com/) | [LinkedIn](https://www.linkedin.com/company/netwrix-corporation/) | [Crunchbase](https://www.crunchbase.com/organization/netwrix)\n - [Normalyze](https://normalyze.ai/) | [LinkedIn](https://www.linkedin.com/company/normalyze/) | [Crunchbase](https://www.crunchbase.com/organization/normalyze)\n - [Noq](https://www.noq.dev) | [LinkedIn](https://www.linkedin.com/company/noq-software/) | [Crunchbase](https://www.crunchbase.com/organization/noq-software)\n - [OASIS Security](https://www.oasis.security/) | [LinkedIn](https://www.linkedin.com/company/non-human-identity-management-oasis/) | [Crunchbase](https://www.crunchbase.com/organization/oasis-security-ltd)\n - [OpenRaven](https://www.openraven.com) | [Linkedin](https://www.linkedin.com/company/open-raven/) | [Crunchbase](https://www.crunchbase.com/organization/open-raven) \n - [Orca Security](https://orca.security/) | [LinkedIn](https://www.linkedin.com/company/orca-security/) | [Crunchbase](https://www.crunchbase.com/organization/orca-security)\n - [OpsHelm](https://www.opshelm.com/) | [LinkedIn](https://www.linkedin.com/company/opshelm/) | [Crunchbase](https://www.crunchbase.com/organization/opshelm)\n - [Query](https://www.query.ai/) | [LinkedIn](https://www.linkedin.com/company/goquery/) | [Crunchbase](https://www.crunchbase.com/organization/query-ai)\n - [Pangea](https://pangea.cloud/) | [Linkedin](https://www.linkedin.com/company/pangea-cyber/) | [Crunchbase](https://www.crunchbase.com/organization/pengea)\n - [Permiso](https://permiso.io/) | [LinkedIn](https://www.linkedin.com/company/permiso-security/) | [Crunchbase](https://www.crunchbase.com/organization/permiso-security)\n - [PingSafe](https://www.pingsafe.com) | [LinkedIn](https://www.linkedin.com/company/pingsafe/) | [Crunchbase](https://www.crunchbase.com/organization/pingsafe)\n - [Plerion](https://plerion.com) | [LinkedIn](https://www.linkedin.com/company/plerion/) | [Crunchbase](https://www.crunchbase.com/organization/plerion)\n - [Prevasio](https://www.prevasio.io/) | [LinkedIn](https://www.linkedin.com/company/prevasio/) | [Crunchbase](https://www.crunchbase.com/organization/prevasio)\n - [Rapid7](https://www.rapid7.com) | [Linkedin](https://www.linkedin.com/company/rapid7/) | [Crunchbase](https://www.crunchbase.com/organization/rapid7)\n - [Runecast](https://www.runecast.com/) | [LinkedIn](https://www.linkedin.com/company/runecast/) | [Crunchbase](https://www.crunchbase.com/organization/runecast)\n - [RunReveal](https://runreveal.com) | [LinkedIn](https://www.linkedin.com/company/runreveal/) | [Crunchbase](https://www.crunchbase.com/organization/runreveal)\n - [Salt Security](https://salt.security) | [LinkedIn](https://www.linkedin.com/company/saltsecurity/) | [Crunchbase](https://www.crunchbase.com/organization/saltsecurity)\n - [SecureDawn](https://securedawn.com/) | [LinkedIn](https://www.linkedin.com/company/securedawn/) | [Crunchbase](https://www.crunchbase.com/organization/securedawn)\n - [Seemplicity](https://seemplicity.io/) | [LinkedIn](https://www.linkedin.com/company/seemplicity/) | [Crunchbase](https://www.crunchbase.com/organization/seemplicity)\n - [Sentra](https://www.sentra.io/) | [LinkedIn](https://www.linkedin.com/company/sentra-io/) | [Crunchbase](https://www.crunchbase.com/organization/sentra)\n - [Scrut Automation](https://www.scrut.io/) | [LinkedIn](https://www.linkedin.com/company/scrut-automation/) | [Crunchbase](https://www.crunchbase.com/organization/scrut-automation)\n - [Slauth](https://www.slauth.io) | [LinkedIn](https://www.linkedin.com/company/slauth-io/) | [Crunchbase](https://www.crunchbase.com/organization/slauth-io)\n - [Snyk](https://snyk.io/) | [LinkedIn](https://www.linkedin.com/company/snyk/) | [Crunchbase](https://www.crunchbase.com/organization/snyk)\n - [Sonar](https://www.sonarsource.com/) | [LinkedIn](https://www.linkedin.com/company/sonarsource/) | [Crunchbase](https://www.crunchbase.com/organization/sonarsource)\n - [Sonrai Security](https://sonraisecurity.com/) | [LinkedIn](https://www.linkedin.com/company/sonrai-security/) | [Crunchbase](https://www.crunchbase.com/organization/sonrai-security)\n - [Sophos](https://www.sophos.com/) | [LinkedIn](https://www.linkedin.com/company/sophos/) | [Crunchbase](https://www.crunchbase.com/organization/sophos)\n - [Soveren](https://soveren.io/) | [LinkedIn](https://www.linkedin.com/company/soveren-security/) | [Crunchbase](https://www.crunchbase.com/organization/soveren)\n - [Spyderbat](https://www.spyderbat.com/) | [LinkedIn](https://www.linkedin.com/company/spyderbat/) | [Crunchbase](https://www.crunchbase.com/organization/spyderbat)\n - [StrongDM](https://www.strongdm.com/) | [LinkedIn](https://www.linkedin.com/company/strongdm/) | [Crunchbase](https://www.crunchbase.com/organization/strongdm)\n - [Sweet Security](https://www.sweet.security/) | [Linkedin](https://www.linkedin.com/company/sweet-security/) | [Crunchbase](https://www.crunchbase.com/organization/sweet-security)\n - [Tigera](https://www.tigera.io/) | [LinkedIn](https://www.linkedin.com/company/tigera/) | [Crunchbase](https://www.crunchbase.com/organization/tigera)\n - [Tines](https://www.tines.com/) | [LinkedIn](https://www.linkedin.com/company/tines-io/) | [Crunchbase](https://www.crunchbase.com/organization/tines)\n - [Torq](https://torq.io/) | [LinkedIn](https://www.linkedin.com/company/torqio/) | [Crunchbase](https://www.crunchbase.com/organization/stackpulse)\n - [Trellix](https://www.trellix.com/en-us/index.html) | [LinkedIn](https://www.linkedin.com/company/trellixsecurity/) | [Crunchbase](https://www.crunchbase.com/organization/trellix)\n - [Twingate](https://www.twingate.com/) | [LinkedIn](https://www.linkedin.com/company/twingate/) | [Crunchbase](https://www.crunchbase.com/organization/twingate)\n - [UpGuard](https://www.upguard.com/) | [LinkedIn](https://www.linkedin.com/company/upguard/) | [Crunchbase](https://www.crunchbase.com/organization/upguard)\n - [Upwind](https://www.upwind.io/) | [LinkedIn](https://www.linkedin.com/company/upwindsecurity/) | [Crunchbase](https://www.crunchbase.com/organization/upwind-security)\n - [Wazuh](https://wazuh.com) | [LinkedIn](https://www.linkedin.com/company/wazuh/) | [Crunchbase](https://www.crunchbase.com/organization/wazuh)\n - [Wiz](https://www.wiz.io/) | [LinkedIn](https://www.linkedin.com/company/wizsecurity/) | [Crunchbase](https://www.crunchbase.com/organization/wiz-inc)\n\n\n\n## Acquisitions\n\n- Accurics | [LinkedIn](https://www.linkedin.com/company/accurics/) | [Crunchbase](https://www.crunchbase.com/organization/accurics) --\u003e [acquired by Tenable](https://www.tenable.com/press-releases/tenable-completes-acquisition-of-accurics)\n- [Bionic](https://bionic.ai/) | [LinkedIn](https://www.linkedin.com/company/bionicai/) | [Crunchbase](https://www.crunchbase.com/organization/bionic-9498) --\u003e [acquired by Crowdstrike](https://www.crowdstrike.com/press-releases/crowdstrike-to-acquire-bionic-to-extend-cloud-security-leadership/)\n- [Bit Discovery](https://bitdiscovery.com/) | [LinkedIn](https://www.linkedin.com/company/bitdiscovery/) | [Crunchbase](https://www.crunchbase.com/organization/bit-discovery) --\u003e [acquired by Tenable](https://www.tenable.com/press-releases/tenable-completes-acquisition-of-bit-discovery)\n- [Cider Security](https://www.cidersecurity.io/) | [LinkedIn](https://www.linkedin.com/company/cider-security/) | [Crunchbase](https://www.crunchbase.com/organization/cider-security) --\u003e [acquired by Palo Alto Networks](https://www.paloaltonetworks.com/company/press/2022/palo-alto-networks-completes-acquisition-of-cider-security)\n- [Cymptom] | [LinkedIn](https://www.linkedin.com/company/cymptom/) | [Crunchbase](https://www.crunchbase.com/organization/cymptom)--\u003e [acquired by Tenable](https://www.tenable.com/blog/tenables-acquisition-of-cymptom-an-attack-path-informed-approach-to-cybersecurity)\n- [Dig Security](https://www.dig.security) | [LinkedIn](https://www.linkedin.com/company/dig-security/about/) | [Crunchbase](https://www.crunchbase.com/organization/dig-security) --\u003e [acquired by Palo Alto Networks](https://www.paloaltonetworks.com/blog/2023/10/palo-alto-networks-dig-security/)\n- [Ermetic](https://ermetic.com/) | [LinkedIn](https://www.linkedin.com/company/ermetic/) | [Crunchbase](https://www.crunchbase.com/organization/ermetic) --\u003e [acquired by Tenable](https://www.tenable.com/press-releases/tenable-completes-acquisition-of-ermetic)\n- Flawcheck | [Crunchbase](https://www.crunchbase.com/organization/flawcheck) --\u003e [acquired by Tenable](https://www.tenable.com/press-releases/tenable-network-security-acquires-container-security-company-flawcheck)\n- [Gem Security](https://www.gem.security/) | [LinkedIn](https://www.linkedin.com/company/gemsecurity/) | [Crunchbase](https://www.crunchbase.com/organization/gem-f4a1) --\u003e [acquired by Wiz](https://www.wiz.io/blog/wiz-acquires-gem-security-to-reinvent-threat-detection-in-the-cloud)\n- [Isovalent](https://isovalent.com) | [LinkedIn](https://www.linkedin.com/company/isovalent/) | [Crunchbase](https://www.crunchbase.com/organization/covalent-io) --\u003e [acquired by Cisco](https://investor.cisco.com/news/news-details/2023/Cisco-to-Acquire-Isovalent-to-Define-the-Future-of-Multicloud-Networking-and-Security/default.aspx)\n- [Laminar](https://laminarsecurity.com) | [LinkedIn](https://www.linkedin.com/company/laminar-security/) | [Crunchbase](https://www.crunchbase.com/organization/laminar-d49d) --\u003e [acquired by Rubrik](https://www.rubrik.com/blog/company/23/8/rubrik-and-laminar-together-securing-the-worlds-data)\n- [Lightspin](https://www.lightspin.io/) | [LinkedIn](https://www.linkedin.com/company/lightspin) | [Crunchbase](https://www.crunchbase.com/organization/lightspin-technologies-ltd) --\u003e [acquired by Cisco](https://blogs.cisco.com/news/blogs-cisco-com-news-cisco-announces-its-intent-to-acquire-cloud-security-software-company)\n- [Mandiant](https://www.mandiant.com) | [LinkedIn](https://www.linkedin.com/company/mandiant/) | [Crunchbase](https://www.crunchbase.com/organization/mandiant) --\u003e [acquired by Google](https://cloud.google.com/blog/products/identity-security/google-completes-acquisition-of-mandiant)\n- [Raftt](https://www.raftt.io/) | [LinkedIn](https://www.linkedin.com/company/raftt/) | [Crunchbase](https://www.crunchbase.com/organization/raftt) --\u003e [acquired by Wiz](https://www.wiz.io/blog/wiz-acquires-raftt)\n- [Robust Intelligence](https://www.robustintelligence.com/) | [LinkedIn](https://www.linkedin.com/company/robust-intelligence/) | [Crunchbase](https://www.crunchbase.com/organization/robust-intelligence) --\u003e [acquired by Cisco](https://www.linkedin.com/company/robust-intelligence/)\n- Sinefa | [LinkedIn](https://www.linkedin.com/company/sinefa/) | [Crunchbase](https://www.crunchbase.com/organization/sinefa) --\u003e [acquired by Palo Alto Networks](https://www.marketscreener.com/quote/stock/PALO-ALTO-NETWORKS-INC-11067980/news/Palo-Alto-Networks-Inc-completed-the-acquisition-of-Sinefa-Inc-for-27-million-33606776/)\n- [Spera](https://www.spera.security/) | [LinkedIn](https://www.linkedin.com/company/spera-security/) | [Crunchbase](https://www.crunchbase.com/organization/spera-fbce) --\u003e [acquired by Okta](https://www.okta.com/blog/2023/12/okta-acquisition-advances-identity-powered-security/)\n- [Zycada Networks](https://www.zycada.com/) | [LinkedIn](https://www.linkedin.com/company/zycada-networks/) | [Crunchbase](https://www.crunchbase.com/organization/zycada-networks) --\u003e [acquired by Palo Alto Networks](https://www.linkedin.com/posts/subbuvaradarajan_palo-alto-networks-raises-the-bar-delivering-activity-7191854116598435841-v5Rz/)\n\n### Acquisitions by Vendor\n\n#### Palo Alto Networks\nOrdered by date (descending)\n\n- Talon, $825M - Dec 2023\n- Dig Security, $350M - Dec 2023\n- Zycada Networks, undisclosed - April 2023\n- Cider Security, $198M - Dec 2022\n- Expanse, $797M - Dec 2020\n- Crypsis, $228M - Sept 2020\n- Cloudgenix, $403M - April 2020\n- Sinefa, $44M - Nov 2020\n- Aporeto, $144M - Dec 2019\n- Twistlock, $378M - July 2019\n- Demisto, $474M - March 2019\n- RedLock, $158M - Oct 2018\n- Secdo, $83M - April 2018\n- Evident.io, $293M - March 2018\n- Cyvera, $178M - April 2014\n- Bridgecrew, $157M - March 2021\n- Aporeto, $144M - Dec 2019\n- Lightcyber, $103M - Feb 2017\n\n#### Cisco\n- Deep Factor - August 2024\n- Isovalent - December 2023 [blog post](https://blogs.cisco.com/news/defining-the-future-of-multicloud-networking-and-security-cisco-announces-intent-to-acquire-isovalent)\n- Oort - July 2023 [blog](https://blogs.cisco.com/news/cisco-announces-intent-to-acquire-oort)\n- Robust Intelligence - August 2024 [blog post](https://www.crunchbase.com/organization/robust-intelligence)\n\n#### Datadog\nincludes only security-related acquisitions\nOrdered by date (descending)\n- Sqreen - February 2021 [press release](https://www.datadoghq.com/about/latest-news/press-releases/datadog-signs-definitive-agreement-to-acquire-sqreen/)\n- Seekret - April 2022 [press release](https://www.datadoghq.com/about/latest-news/press-releases/datadog-acquires-seekret-to-make-api-observability-accessible/)\n- Hdiv Security - May 2022 [press release](https://investors.datadoghq.com/news-releases/news-release-details/datadog-signs-definitive-agreement-acquire-hdiv-security)\n\n\n#### Tenable\nOrdered by date (descending)\n- Ermetic, $265M - Sept 2023\n- Bit Discovery, $44.5M - April 2022\n- Cymptom, undisclosed - Feb 2022\n- Accurics, $160M - Sept 2021\n- FlawCheck, undisclosed - Oct 2016\n\n\n#### Wiz\nOrdered by date (descending)\n- Gem Security, undisclosed - April 2024\n- Rafft, undisclosed - December 2023\n\n\n## Managed Service Providers\n\n-  [Red Canary](https://redcanary.com/) | [LinkedIn](https://www.linkedin.com/company/redcanary/) | [Crunchbase](https://www.crunchbase.com/organization/red-canary)\n\n## Cloud Platforms\nNative security products offered by the major cloud platforms (AWS, GCP, Azure)\n\n- [AWS Shared Responsibility Model](https://aws.amazon.com/compliance/shared-responsibility-model/)\n- [GCP Shared responsibilities and shared fate on Google Cloud](https://cloud.google.com/architecture/framework/security/shared-responsibility-shared-fate)\n- [Azure Shared Responsibility in the cloud](https://learn.microsoft.com/en-us/azure/security/fundamentals/shared-responsibility)\n- [DigitalOcean Shared Responsibliity Model](https://www.digitalocean.com/security/shared-responsibility-model)\n\n\n### GCP\n- [Chronicle Security Operations](https://chronicle.security)\n- [Chronicle SOAR](https://cloud.google.com/chronicle/docs/soar/overview-and-introduction/soar-overview)\n- [Chronicle SIEM](https://cloud.google.com/chronicle/docs/overview)\n\n### AWS\n- [AWS Cloud Security](https://aws.amazon.com/security/)\n- [Amazon Detective](https://aws.amazon.com/detective)\n- [Amazon GuardDuty](https://aws.amazon.com/guardduty/)\n- [Amazon Security Lake](https://aws.amazon.com/security-lake)\n- [AWS Artifact](https://aws.amazon.com/artifact/)\n- [AWS Audit Manager](https://aws.amazon.com/audit-manager/)\n- [AWS Config](https://aws.amazon.com/config)\n- [AWS Security Hub](https://aws.amazon.com/security-hub/)\n- [AWS Trusted Advisor](https://aws.amazon.com/premiumsupport/technology/trusted-advisor/)\n\n### Azure / Microsoft\n- [Azure Security](https://azure.microsoft.com/en-us/explore/security)\n- [Azure Policy](https://azure.microsoft.com/en-us/products/azure-policy/)\n- [Microsoft Compliance](https://learn.microsoft.com/en-us/compliance/)\n- [Microsoft Defender for Cloud](https://azure.microsoft.com/en-us/products/defender-for-cloud/)\n- [Microsoft Sentinel](https://www.microsoft.com/de-de/security/business/siem-and-xdr/microsoft-sentinel)\n\n# Open Source Projects\n- [Altimeter](https://github.com/tableau/altimeter)\n- [AWS Firewall Factory](https://github.com/globaldatanet/aws-firewall-factory)\n- [BloodHound](https://github.com/BloodHoundAD/BloodHound)\n- [Cartography](https://github.com/lyft/cartography)\n- [Chainloop](https://github.com/chainloop-dev/chainloop)\n- [Checkov](https://github.com/bridgecrewio/checkov)\n- [Cilium](https://github.com/cilium/)\n- [Cloudbeat](https://github.com/elastic/cloudbeat)\n- [Cloudquery](https://github.com/cloudquery/cloudquery)\n- [CloudSploit](https://github.com/aquasecurity/cloudsploit)\n- [DefectDojo](https://github.com/DefectDojo/django-DefectDojo)\n- [Falco](https://github.com/falcosecurity/falco)\n- [Fix Inventory](https://github.com/someengineering/fixinventory)\n- [Gapps](https://github.com/bmarsh9/gapps)\n- [Greenbone OpenVAS Scanner](https://github.com/greenbone/openvas-scanner)\n- [KubeArmor](https://github.com/kubearmor/KubeArmor)\n- [KubeScape](https://github.com/kubescape/kubescape)\n- [Magpie](https://github.com/openraven/magpie)\n- [Prowler](https://github.com/prowler-cloud/prowler)\n- [S3Scanner](https://github.com/sa7mon/S3Scanner)\n- [Sadcloud](https://github.com/nccgroup/sadcloud)\n- [ScoutSuite](https://github.com/nccgroup/ScoutSuite)\n- [Steampipe](https://github.com/turbot/steampipe)\n- [tfsec](https://github.com/aquasecurity/tfsec)\n- [ThreatMapper](https://github.com/deepfence/threatmapper)\n- [trivy](https://github.com/aquasecurity/trivy)\n- [Wazuh](https://github.com/wazuh/wazuh)\n- [ZeusCloud](https://github.com/Zeus-Labs/ZeusCloud)\n\n# Security Categories / Glossary\n- AI-SPM - AI Security Posture Management\n- ASPM - Application Security Posture Management\n- CAASM - Cyber Asset Attack Surface Management\n- CASB - Cloud Access Security Brokers\n- CCO - Corporate Compliance and Oversight\n- CDR - Cloud Detection and Response\n- CIEM - Cloud Infrastructure Entitlement Management\n- CNAPP - Cloud-native Application Protection Platform\n- CSPM - Cloud Security Posture Management\n- CWPP - Cloud Workload Protection Platform\n- CTEM - Continuous Threat Exposure Management \n- DSPM - Data Security Posture Management\n- EDR - Endpoint Detection and Response \n- GRC - Governance, Risk and Compliance\n- IGA - Identity Governance Administration\n- ITDR - Identity Threat Detection and Response\n- KSPM - Kubernetes Security Posture Management\n- MDR - Managed Detection and Response\n- PAM - Privileged Access Management\n- SIEM - Security Information and Event Management\n- SOAR - Security Orchestration, Automation and Response\n- SOC - Security Operations Center\n- XDR - Extended Detection and Response\n- XSIAM - Extended Security Intelligence and Automation Management\n\n# Security Resources\n- Nextdoor CSPM Evaluation Matrix [GitHub](https://github.com/Nextdoor/cspm_evaluation_matrix)\n- Simple CSPM - GCP CSPM using Google Sheets [GitHub](https://github.com/somethingnew2-0/SimpleCSPM)\n- Prisma Cloud Channel Resource [GitHub](https://github.com/PaloAltoNetworks/prisma_channel_resources#prisma-cloud-channel-resources)\n- What is eBPF? [eBPF Docs](https://ebpf.io/what-is-ebpf/)\n- Building a Security Graph Application on Amazon Neptune [GitHub](https://github.com/aws/graph-notebook/blob/main/src/graph_notebook/notebooks/03-Sample-Applications/04-Security-Graphs/01-Building-a-Security-Graph-Application-with-openCypher.ipynb)\n\n# Security Newsletters\n- [CloudSecList](https://cloudseclist.com) by [Marco Lancini](https://www.linkedin.com/in/marcolancini/)\n- [Frankly Speaking](https://franklyspeaking.substack.com) by [Frank Wang](https://www.linkedin.com/in/frankw1/)\n- [Securing the Cloud](https://www.linkedin.com/newsletters/securing-the-cloud-7085768785009274880/) by [Brandon Carroll](https://www.linkedin.com/in/brandoncarroll/)\n- [tl;dr sec](https://tldrsec.com) by [Clint Gibler](https://www.linkedin.com/in/clintgibler/)\n- [Venture in Security](https://ventureinsecurity.net) by [Ross Haleliuk](https://www.linkedin.com/in/rosshaleliuk/)\n\n# Security Podcasts\n- [Brakeing Down Security](https://brakeingsecurity.com)\n- [CISO Tradecraft](https://cisotradecraft.com)\n- [CyberWire Daily](https://thecyberwire.com/podcasts/daily-podcast)\n- [Darknet Diaries](https://darknetdiaries.com)\n- [Google Cloud Security Podcast](https://cloud.withgoogle.com/cloudsecurity/podcast/)\n- [Hacking Humans](https://thecyberwire.com/podcasts/hacking-humans)\n- [Malicious Life](https://malicious.life/)\n- [Risky Business](https://risky.biz/)\n- [Security Now](https://twit.tv/shows/security-now)\n- [Smashing Security](https://smashingsecurity.com)\n- [Privacy, Security, \u0026 OSINT Show](https://inteltechniques.com/podcast.html)\n- [Social-Engineer Podcast](https://www.social-engineer.org/category/podcast/)\n- [Unsupervised Learning](https://omny.fm/shows/unsupervised-learning)\n  \n# Security Frameworks\n- [CIS Benchmarks List](https://www.cisecurity.org/cis-benchmarks)\n- [CIS AWS Benchmarks](https://www.cisecurity.org/benchmark/amazon_web_services)\n- [CIS Google Cloud Computing Platform Benchmarks](https://www.cisecurity.org/benchmark/google_cloud_computing_platform)\n- [CIS Microsoft Azure Benchmarks](https://www.cisecurity.org/benchmark/azure)\n- [CIS Oracle Cloud Benchmark](/www.cisecurity.org/benchmark/oracle_cloud)\n- [ISO 27001](https://www.iso.org/standard/27001)/[27002](https://www.iso.org/standard/75652.html)\n- [NIST Security and Privacy Controls for Information Systems and Organizations](https://csrc.nist.gov/pubs/sp/800/53/r5/upd1/final)\n- [NIS 2](https://digital-strategy.ec.europa.eu/en/policies/nis2-directive)\n- [System and Organization Controls (SOC)](https://www.aicpa-cima.com/resources/landing/system-and-organization-controls-soc-suite-of-services)\n\n# Cyber Insurance\n- [Anzen](https://www.anzen.com/) | [LinkedIn](https://www.linkedin.com/company/goanzen/)\n\n# Conferences\n\n## Community\n- [Chaos Communication Congress](https://events.ccc.de/en/congress/)\n- [DEF CON](https://www.defcon.org/)\n- [GrrCon](https://grrcon.com/)\n- [Hackers on Planet Earth (HOPE)](https://hope.net/)\n- [HushCon](https://hushcon.com/)\n- [Nullcon](https://nullcon.net/)\n- [OWASP](https://owasp.org/)\n- [Security BSides](https://bsides.org/)\n- [ShmooCon](https://shmoocon.org/)\n- [THOTCON](https://thotcon.org/)\n- [ToorCon](https://toorcon.net/)\n- [Wild West Hackin' Fest](https://www.wildwesthackinfest.com/)\n\n## Industry\n- [AWS re:Invent](https://reinvent.awsevents.com/)\n- [Billington Cybersecurity Summit](https://billingtoncybersummit.com/)\n- [Black Hat](https://www.blackhat.com/)\n- [Cyber Security \u0026 Cloud Expo](https://www.cybersecuritycloudexpo.com/)\n- [Cybersec Europe](https://www.cyberseceurope.com/)\n- [Cybersecurity Summit](https://cybersecuritysumm.it/)\n- [CyberTech Global](https://www.cybertechconference.com/)\n- [Deutscher IT Security Congress](https://www.pco-online.de/kongress2024)\n- [fwd:cloudsec](https://fwdcloudsec.org)\n- [FS-ISAC Summit](https://www.fsisac.com/events)\n- [Gartner Security \u0026 Risk Management Summit](https://www.gartner.com/en/conferences/hub/security-conferences)\n- [Infosecurity Europe](https://www.infosecurityeurope.com/)\n- [Interop Tokyo](https://www.interop.jp/)\n- [IOT Solutions World Congress](https://www.iotsworldcongress.com/)\n- [ISACA North America Conference](https://www.isaca.org/training-and-events/conferences/isaca-north-america-conference)\n- [it-sa](https://www.itsa365.de/en/it-sa-expo-congress/exhibition-info)\n- [RSA Conference](https://www.rsaconference.com/)\n- [SANS Cyber Threat Intelligence Summit](https://www.sans.org/event)\n- [Sector](https://www.blackhat.com/sector/)\n","funding_links":[],"categories":["Others"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsomeengineering%2Fcloud-security-list","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsomeengineering%2Fcloud-security-list","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsomeengineering%2Fcloud-security-list/lists"}