Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.
Awesome Lists | Featured Topics | Projects
https://github.com/someengineering/cloud-security-list

A list of cloud security tools and vendors.
https://github.com/someengineering/cloud-security-list
attack-surface-management aws azure cnapp cspm dspm gcp security siem
Last synced: 1 day ago
JSON representation
A list of cloud security tools and vendors.
Host: GitHub
URL: https://github.com/someengineering/cloud-security-list
Owner: someengineering
License: cc0-1.0
Created: 2023-07-17T10:44:39.000Z (over 1 year ago)
Default Branch: main
Last Pushed: 2024-09-06T20:00:48.000Z (2 months ago)
Last Synced: 2024-09-06T23:28:45.064Z (2 months ago)
Topics: attack-surface-management, aws, azure, cnapp, cspm, dspm, gcp, security, siem
Homepage:
Size: 271 KB
Stars: 122
Watchers: 12
Forks: 20
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project

README

        Cloud security engineers are notoriously overworked and under-resourced. This curated list has links to tools, frameworks and resources to make their lives easier. 

# Threat Research 

 - [Cloud Security Alliance Research](https://cloudsecurityalliance.org/research/) 

 - [Datadog Security Labs](https://securitylabs.datadoghq.com/)

 - [Elastic Security Labs](https://www.elastic.co/security-labs)

 - [Google Project Zero](https://googleprojectzero.blogspot.com/)

 - [Microsoft Security Response Center](https://www.microsoft.com/en-us/msrc)

 - [Orca Research Pod](https://orca.security/about/orca-research-pod/) 

 - [Rapid7 Research](https://www.rapid7.com/research/) 

 - [Sysdig Threat Research](https://sysdig.com/threat-research/)

 - [Team Nautilus by Aqua Security](https://www.aquasec.com/research/) 

 - [Unit 42 by Palo Alto Networks](https://unit42.paloaltonetworks.com/)

 - [Wiz Cloud Threat Landscape](https://threats.wiz.io/)

# Security Vendors

## Publicly listed vendors

These are vendors with publicly traded stocks. The links lead to a vendor's website, LinkedIn company page and the stock price on [Yahoo! Finance](https://finance.yahoo.com/). 

 - [Check Point](https://www.checkpoint.com/) | [LinkedIn](https://www.linkedin.com/company/check-point-software-technologies/about/) | [CHKP](https://finance.yahoo.com/quote/CHKP/)

 - [Cisco](https://www-cloud.cisco.com/site/us/en/products/security/index.html) | [LinkedIn](https://www.linkedin.com/company/cisco/) | [CSCO](https://finance.yahoo.com/quote/CSCO/)

 - [CloudFlare](https://www.cloudflare.com) | [LinkedIn](https://www.linkedin.com/company/cloudflare/) | [NET](https://finance.yahoo.com/quote/NET/)

 - [CrowdStrike](https://www.crowdstrike.com/) | [LinkedIn](https://www.linkedin.com/company/crowdstrike/) | [CRWD](https://finance.yahoo.com/quote/CRWD)

 - [CyberArk](https://www.cyberark.com) | [LinkedIn](https://www.linkedin.com/company/cyber-ark-software/) | [CYBR](https://finance.yahoo.com/quote/CYBR/) 

 - [Datadog](https://www.datadoghq.com/) | [LinkedIn](https://www.linkedin.com/company/datadog/about/) | [DDOG](https://finance.yahoo.com/quote/ddog)

 - [Fortinet](https://www.fortinet.com) | [LinkedIn](https://www.linkedin.com/company/fortinet/) | [FTNT](https://finance.yahoo.com/quote/FTNT/)

 - [Palo Alto Networks](https://www.paloaltonetworks.com/) | [LinkedIn](https://www.linkedin.com/company/palo-alto-networks) | [PANW](https://finance.yahoo.com/quote/PANW)

 - [Qualys](https://www.qualys.com/) | [LinkedIn](https://www.linkedin.com/company/qualys) | [QLYS](https://finance.yahoo.com/quote/QLYS)

 - [Radware](https://www.radware.com/) | [LinkedIn](https://www.linkedin.com/company/radware/about/) | [RDWR](https://finance.yahoo.com/quote/RDWR)

 - [SentinelOne](https://www.sentinelone.com/) | [LinkedIn](https://www.linkedin.com/company/sentinelone) | [S](https://finance.yahoo.com/quote/S)

 - [Tenable](https://www.tenable.com/) | [LinkedIn](https://www.linkedin.com/company/tenableinc) | [TENB](https://finance.yahoo.com/quote/TENB)

 - [Varonis](https://www.varonis.com/) | [LinkedIn](https://www.linkedin.com/company/varonis/) | [VRNS](https://finance.yahoo.com/quote/VRNS/)

 - [Zscaler](https://www.zscaler.com/) | [LinkedIn](https://www.linkedin.com/company/zscaler/) | [ZS](https://finance.yahoo.com/quote/ZS)

### Formerly listed

 - [HashiCorp](https://www.hashicorp.com) | [LinkedIn](https://www.linkedin.com/company/hashicorp/) | [HCP](https://finance.yahoo.com/quote/HCP)

 - [Splunk](https://www.splunk.com/) | [LinkedIn](https://www.linkedin.com/company/splunk/) | [SPLK](https://finance.yahoo.com/quote/SPLK)

## Private Vendors

Venture-funded companies

 - [AccuKnox](https://www.accuknox.com/) | [LinkedIn](https://www.linkedin.com/company/accuknox/) | [Crunchbase](https://www.crunchbase.com/organization/accuknox)

 - [Aikido](https://www.aikido.dev/) | [LinkedIn](https://www.linkedin.com/company/aikido-security/) | [Crunchbase](https://www.crunchbase.com/organization/aikido-security)

 - [Aqua Security](https://www.aquasec.com/) | [LinkedIn](https://www.linkedin.com/company/aquasecteam/) | [Crunchbase](https://www.crunchbase.com/organization/aquasecurity)

 - [ARMO](https://www.armosec.io/) | [LinkedIn](https://www.linkedin.com/company/armosec/) | [Crunchbase](https://www.crunchbase.com/organization/cyber-armor)

 - [Arnica](https://www.arnica.io/) | [LinkedIn](https://www.linkedin.com/company/arnica-io/) | [Crunchbase](https://www.crunchbase.com/organization/arnica-io)

 - [Astrix](https://astrix.security) | [LinkedIn](https://www.linkedin.com/company/astrix-security/) | [Crunchbase](https://www.crunchbase.com/organization/astrix-security)

 - [Avalor](https://www.avalor.io) | [LinkedIn](https://www.linkedin.com/company/avalorsec/) | [Crunchbase](https://www.crunchbase.com/organization/avalor-72e5)

 - [Bright Security](https://brightsec.com/) | [LinkedIn](https://www.linkedin.com/company/neuralegion/) | [Crunchbase](https://www.crunchbase.com/organization/neuralegion)

 - [Chainloop](https://chainloop.dev) | [LinkedIn](https://www.linkedin.com/company/chainloop-dev) | [Crunchbase](https://www.crunchbase.com/organization/chainloop)

 - [Clutch](https://www.clutch.security/) | [LinkedIn](https://www.linkedin.com/company/clutch-security/) | [Crunchbase](https://www.crunchbase.com/organization/clutch-security)

 - [Coalfire](https://www.coalfire.com) | [LinkedIn](https://www.linkedin.com/company/coalfire/) | [Crunchbase](https://www.crunchbase.com/organization/coalfire-system)

 - [Curity](https://curity.io/) | [LinkedIn](https://www.linkedin.com/company/curity/) | [Crunchbase](https://www.crunchbase.com/organization/curity)

 - [Cyera](https://www.cyera.io/) | [LinkedIn](https://www.linkedin.com/company/cyera/) | [Crunchbase](https://www.crunchbase.com/organization/cyera)

 - [Cyscale](https://cyscale.com) | [LinkedIn](https://www.linkedin.com/company/cyscale/) | [Crunchbase](https://www.crunchbase.com/organization/cyscale)

 - [Cyware](https://cyware.com/) | [LinkedIn](https://www.linkedin.com/company/cyware/) | [Crunchbase](https://www.crunchbase.com/organization/cyware)

 - [Darktrace](https://darktrace.com/) | [LinkedIn](https://www.linkedin.com/company/darktrace/) | [Crunchbase](https://www.crunchbase.com/organization/darktrace)

 - [Deepfence](https://www.deepfence.io/) | [LinkedIn](https://www.linkedin.com/company/deepfence-inc) | [Crunchbase](https://www.crunchbase.com/organization/deepfence)

 - [Deepsource](https://deepsource.com) | [LinkedIn](https://www.linkedin.com/company/deepsourcelabs) | [Crunchbase](https://www.crunchbase.com/organization/deepsource)

 - [Eureka Security](https://www.eureka.security/) | [LinkedIn](https://www.linkedin.com/company/eureka-security/) | [Crunchbase](https://www.crunchbase.com/organization/eureka-security)

 - [Endor Labs](https://pangea.cloud/) | [LinkedIn](https://www.linkedin.com/company/endorlabs/insights/) | [Crunchbase](https://www.crunchbase.com/organization/endor-labs)

 - [Entro](https://entro.security) | [LinkedIn](https://www.linkedin.com/company/entro-security/) | [Crunchbase](https://www.crunchbase.com/organization/entro-cf4f)

 - [Gem Security](https://www.gem.security/) | [LinkedIn](https://www.linkedin.com/company/gemsecurity/) | [Crunchbase](https://www.crunchbase.com/organization/gem-f4a1)

 - [GitGuardian](https://www.gitguardian.com/) | [LinkedIn](https://www.linkedin.com/company/gitguardian/) | [Crunchbase](https://www.crunchbase.com/organization/gitguardian)

 - [Grip Security](https://www.grip.security/) | [LinkedIn](https://www.linkedin.com/company/grip-security/) | [Crunchbase](https://www.crunchbase.com/organization/grip-security)

 - [Hunters](https://www.hunters.security/) | [LinkedIn](https://www.linkedin.com/company/hunters-ai/) | [Crunchbase](https://www.crunchbase.com/organization/hunters-ai)

 - [JupiterOne](https://www.jupiterone.com/) | [LinkedIn](https://www.linkedin.com/company/jupiterone/) | [Crunchbase](https://www.crunchbase.com/organization/jupiterone)

 - [Kloudle](https://kloudle.com/) | [LinkedIn](https://www.linkedin.com/company/kloudle/) | [Crunchbase](https://www.crunchbase.com/organization/kloudle)

 - [Lacework](https://www.lacework.com/) | [LinkedIn](https://www.linkedin.com/company/lacework/) | [Crunchbase](https://www.crunchbase.com/organization/lacework)

 - [Lightlytics](https://www.lightlytics.com/) | [LinkedIn](https://www.linkedin.com/company/lightlytics/) | [Crunchbase](https://www.crunchbase.com/organization/lightlytics)

 - [Lineaje](https://www.lineaje.dev/) | [LinkedIn](https://www.linkedin.com/company/lineaje/) | [Crunchbase](https://www.crunchbase.com/organization/lineaje)

 - [Matano](https://matanosecurity.com/) | [LinkedIn](https://www.linkedin.com/company/matanolabs/) | [Crunchbase](https://www.crunchbase.com/organization/matano)

 - [Metomic](https://metomic.io) | [LinkedIn](https://www.linkedin.com/company/metomic/) | [Crunchbase](https://www.crunchbase.com/organization/metomic)

 - [Netwrix](https://www.netwrix.com/) | [LinkedIn](https://www.linkedin.com/company/netwrix-corporation/) | [Crunchbase](https://www.crunchbase.com/organization/netwrix)

 - [Normalyze](https://normalyze.ai/) | [LinkedIn](https://www.linkedin.com/company/normalyze/) | [Crunchbase](https://www.crunchbase.com/organization/normalyze)

 - [Noq](https://www.noq.dev) | [LinkedIn](https://www.linkedin.com/company/noq-software/) | [Crunchbase](https://www.crunchbase.com/organization/noq-software)

 - [OASIS Security](https://www.oasis.security/) | [LinkedIn](https://www.linkedin.com/company/non-human-identity-management-oasis/) | [Crunchbase](https://www.crunchbase.com/organization/oasis-security-ltd)

 - [OpenRaven](https://www.openraven.com) | [Linkedin](https://www.linkedin.com/company/open-raven/) | [Crunchbase](https://www.crunchbase.com/organization/open-raven) 

 - [Orca Security](https://orca.security/) | [LinkedIn](https://www.linkedin.com/company/orca-security/) | [Crunchbase](https://www.crunchbase.com/organization/orca-security)

 - [OpsHelm](https://www.opshelm.com/) | [LinkedIn](https://www.linkedin.com/company/opshelm/) | [Crunchbase](https://www.crunchbase.com/organization/opshelm)

 - [Query](https://www.query.ai/) | [LinkedIn](https://www.linkedin.com/company/goquery/) | [Crunchbase](https://www.crunchbase.com/organization/query-ai)

 - [Pangea](https://pangea.cloud/) | [Linkedin](https://www.linkedin.com/company/pangea-cyber/) | [Crunchbase](https://www.crunchbase.com/organization/pengea)

 - [Permiso](https://permiso.io/) | [LinkedIn](https://www.linkedin.com/company/permiso-security/) | [Crunchbase](https://www.crunchbase.com/organization/permiso-security)

 - [PingSafe](https://www.pingsafe.com) | [LinkedIn](https://www.linkedin.com/company/pingsafe/) | [Crunchbase](https://www.crunchbase.com/organization/pingsafe)

 - [Plerion](https://plerion.com) | [LinkedIn](https://www.linkedin.com/company/plerion/) | [Crunchbase](https://www.crunchbase.com/organization/plerion)

 - [Prevasio](https://www.prevasio.io/) | [LinkedIn](https://www.linkedin.com/company/prevasio/) | [Crunchbase](https://www.crunchbase.com/organization/prevasio)

 - [Rapid7](https://www.rapid7.com) | [Linkedin](https://www.linkedin.com/company/rapid7/) | [Crunchbase](https://www.crunchbase.com/organization/rapid7)

 - [Runecast](https://www.runecast.com/) | [LinkedIn](https://www.linkedin.com/company/runecast/) | [Crunchbase](https://www.crunchbase.com/organization/runecast)

 - [RunReveal](https://runreveal.com) | [LinkedIn](https://www.linkedin.com/company/runreveal/) | [Crunchbase](https://www.crunchbase.com/organization/runreveal)

 - [Salt Security](https://salt.security) | [LinkedIn](https://www.linkedin.com/company/saltsecurity/) | [Crunchbase](https://www.crunchbase.com/organization/saltsecurity)

 - [SecureDawn](https://securedawn.com/) | [LinkedIn](https://www.linkedin.com/company/securedawn/) | [Crunchbase](https://www.crunchbase.com/organization/securedawn)

 - [Seemplicity](https://seemplicity.io/) | [LinkedIn](https://www.linkedin.com/company/seemplicity/) | [Crunchbase](https://www.crunchbase.com/organization/seemplicity)

 - [Sentra](https://www.sentra.io/) | [LinkedIn](https://www.linkedin.com/company/sentra-io/) | [Crunchbase](https://www.crunchbase.com/organization/sentra)

 - [Scrut Automation](https://www.scrut.io/) | [LinkedIn](https://www.linkedin.com/company/scrut-automation/) | [Crunchbase](https://www.crunchbase.com/organization/scrut-automation)

 - [Slauth](https://www.slauth.io) | [LinkedIn](https://www.linkedin.com/company/slauth-io/) | [Crunchbase](https://www.crunchbase.com/organization/slauth-io)

 - [Snyk](https://snyk.io/) | [LinkedIn](https://www.linkedin.com/company/snyk/) | [Crunchbase](https://www.crunchbase.com/organization/snyk)

 - [Sonar](https://www.sonarsource.com/) | [LinkedIn](https://www.linkedin.com/company/sonarsource/) | [Crunchbase](https://www.crunchbase.com/organization/sonarsource)

 - [Sonrai Security](https://sonraisecurity.com/) | [LinkedIn](https://www.linkedin.com/company/sonrai-security/) | [Crunchbase](https://www.crunchbase.com/organization/sonrai-security)

 - [Sophos](https://www.sophos.com/) | [LinkedIn](https://www.linkedin.com/company/sophos/) | [Crunchbase](https://www.crunchbase.com/organization/sophos)

 - [Soveren](https://soveren.io/) | [LinkedIn](https://www.linkedin.com/company/soveren-security/) | [Crunchbase](https://www.crunchbase.com/organization/soveren)

 - [Spyderbat](https://www.spyderbat.com/) | [LinkedIn](https://www.linkedin.com/company/spyderbat/) | [Crunchbase](https://www.crunchbase.com/organization/spyderbat)

 - [StrongDM](https://www.strongdm.com/) | [LinkedIn](https://www.linkedin.com/company/strongdm/) | [Crunchbase](https://www.crunchbase.com/organization/strongdm)

 - [Sweet Security](https://www.sweet.security/) | [Linkedin](https://www.linkedin.com/company/sweet-security/) | [Crunchbase](https://www.crunchbase.com/organization/sweet-security)

 - [Tigera](https://www.tigera.io/) | [LinkedIn](https://www.linkedin.com/company/tigera/) | [Crunchbase](https://www.crunchbase.com/organization/tigera)

 - [Tines](https://www.tines.com/) | [LinkedIn](https://www.linkedin.com/company/tines-io/) | [Crunchbase](https://www.crunchbase.com/organization/tines)

 - [Torq](https://torq.io/) | [LinkedIn](https://www.linkedin.com/company/torqio/) | [Crunchbase](https://www.crunchbase.com/organization/stackpulse)

 - [Trellix](https://www.trellix.com/en-us/index.html) | [LinkedIn](https://www.linkedin.com/company/trellixsecurity/) | [Crunchbase](https://www.crunchbase.com/organization/trellix)

 - [Twingate](https://www.twingate.com/) | [LinkedIn](https://www.linkedin.com/company/twingate/) | [Crunchbase](https://www.crunchbase.com/organization/twingate)

 - [UpGuard](https://www.upguard.com/) | [LinkedIn](https://www.linkedin.com/company/upguard/) | [Crunchbase](https://www.crunchbase.com/organization/upguard)

 - [Upwind](https://www.upwind.io/) | [LinkedIn](https://www.linkedin.com/company/upwindsecurity/) | [Crunchbase](https://www.crunchbase.com/organization/upwind-security)

 - [Wazuh](https://wazuh.com) | [LinkedIn](https://www.linkedin.com/company/wazuh/) | [Crunchbase](https://www.crunchbase.com/organization/wazuh)

 - [Wiz](https://www.wiz.io/) | [LinkedIn](https://www.linkedin.com/company/wizsecurity/) | [Crunchbase](https://www.crunchbase.com/organization/wiz-inc)

## Acquisitions

- Accurics | [LinkedIn](https://www.linkedin.com/company/accurics/) | [Crunchbase](https://www.crunchbase.com/organization/accurics) --> [acquired by Tenable](https://www.tenable.com/press-releases/tenable-completes-acquisition-of-accurics)

- [Bionic](https://bionic.ai/) | [LinkedIn](https://www.linkedin.com/company/bionicai/) | [Crunchbase](https://www.crunchbase.com/organization/bionic-9498) --> [acquired by Crowdstrike](https://www.crowdstrike.com/press-releases/crowdstrike-to-acquire-bionic-to-extend-cloud-security-leadership/)

- [Bit Discovery](https://bitdiscovery.com/) | [LinkedIn](https://www.linkedin.com/company/bitdiscovery/) | [Crunchbase](https://www.crunchbase.com/organization/bit-discovery) --> [acquired by Tenable](https://www.tenable.com/press-releases/tenable-completes-acquisition-of-bit-discovery)

- [Cider Security](https://www.cidersecurity.io/) | [LinkedIn](https://www.linkedin.com/company/cider-security/) | [Crunchbase](https://www.crunchbase.com/organization/cider-security) --> [acquired by Palo Alto Networks](https://www.paloaltonetworks.com/company/press/2022/palo-alto-networks-completes-acquisition-of-cider-security)

- [Cymptom] | [LinkedIn](https://www.linkedin.com/company/cymptom/) | [Crunchbase](https://www.crunchbase.com/organization/cymptom)--> [acquired by Tenable](https://www.tenable.com/blog/tenables-acquisition-of-cymptom-an-attack-path-informed-approach-to-cybersecurity)

- [Dig Security](https://www.dig.security) | [LinkedIn](https://www.linkedin.com/company/dig-security/about/) | [Crunchbase](https://www.crunchbase.com/organization/dig-security) --> [acquired by Palo Alto Networks](https://www.paloaltonetworks.com/blog/2023/10/palo-alto-networks-dig-security/)

- [Ermetic](https://ermetic.com/) | [LinkedIn](https://www.linkedin.com/company/ermetic/) | [Crunchbase](https://www.crunchbase.com/organization/ermetic) --> [acquired by Tenable](https://www.tenable.com/press-releases/tenable-completes-acquisition-of-ermetic)

- Flawcheck | [Crunchbase](https://www.crunchbase.com/organization/flawcheck) --> [acquired by Tenable](https://www.tenable.com/press-releases/tenable-network-security-acquires-container-security-company-flawcheck)

- [Gem Security](https://www.gem.security/) | [LinkedIn](https://www.linkedin.com/company/gemsecurity/) | [Crunchbase](https://www.crunchbase.com/organization/gem-f4a1) --> [acquired by Wiz](https://www.wiz.io/blog/wiz-acquires-gem-security-to-reinvent-threat-detection-in-the-cloud)

- [Isovalent](https://isovalent.com) | [LinkedIn](https://www.linkedin.com/company/isovalent/) | [Crunchbase](https://www.crunchbase.com/organization/covalent-io) --> [acquired by Cisco](https://investor.cisco.com/news/news-details/2023/Cisco-to-Acquire-Isovalent-to-Define-the-Future-of-Multicloud-Networking-and-Security/default.aspx)

- [Laminar](https://laminarsecurity.com) | [LinkedIn](https://www.linkedin.com/company/laminar-security/) | [Crunchbase](https://www.crunchbase.com/organization/laminar-d49d) --> [acquired by Rubrik](https://www.rubrik.com/blog/company/23/8/rubrik-and-laminar-together-securing-the-worlds-data)

- [Lightspin](https://www.lightspin.io/) | [LinkedIn](https://www.linkedin.com/company/lightspin) | [Crunchbase](https://www.crunchbase.com/organization/lightspin-technologies-ltd) --> [acquired by Cisco](https://blogs.cisco.com/news/blogs-cisco-com-news-cisco-announces-its-intent-to-acquire-cloud-security-software-company)

- [Mandiant](https://www.mandiant.com) | [LinkedIn](https://www.linkedin.com/company/mandiant/) | [Crunchbase](https://www.crunchbase.com/organization/mandiant) --> [acquired by Google](https://cloud.google.com/blog/products/identity-security/google-completes-acquisition-of-mandiant)

- [Raftt](https://www.raftt.io/) | [LinkedIn](https://www.linkedin.com/company/raftt/) | [Crunchbase](https://www.crunchbase.com/organization/raftt) --> [acquired by Wiz](https://www.wiz.io/blog/wiz-acquires-raftt)

- [Robust Intelligence](https://www.robustintelligence.com/) | [LinkedIn](https://www.linkedin.com/company/robust-intelligence/) | [Crunchbase](https://www.crunchbase.com/organization/robust-intelligence) --> [acquired by Cisco](https://www.linkedin.com/company/robust-intelligence/)

- Sinefa | [LinkedIn](https://www.linkedin.com/company/sinefa/) | [Crunchbase](https://www.crunchbase.com/organization/sinefa) --> [acquired by Palo Alto Networks](https://www.marketscreener.com/quote/stock/PALO-ALTO-NETWORKS-INC-11067980/news/Palo-Alto-Networks-Inc-completed-the-acquisition-of-Sinefa-Inc-for-27-million-33606776/)

- [Spera](https://www.spera.security/) | [LinkedIn](https://www.linkedin.com/company/spera-security/) | [Crunchbase](https://www.crunchbase.com/organization/spera-fbce) --> [acquired by Okta](https://www.okta.com/blog/2023/12/okta-acquisition-advances-identity-powered-security/)

- [Zycada Networks](https://www.zycada.com/) | [LinkedIn](https://www.linkedin.com/company/zycada-networks/) | [Crunchbase](https://www.crunchbase.com/organization/zycada-networks) --> [acquired by Palo Alto Networks](https://www.linkedin.com/posts/subbuvaradarajan_palo-alto-networks-raises-the-bar-delivering-activity-7191854116598435841-v5Rz/)

### Acquisitions by Vendor

#### Palo Alto Networks

Ordered by date (descending)

- Talon, $825M - Dec 2023

- Dig Security, $350M - Dec 2023

- Zycada Networks, undisclosed - April 2023

- Cider Security, $198M - Dec 2022

- Expanse, $797M - Dec 2020

- Crypsis, $228M - Sept 2020

- Cloudgenix, $403M - April 2020

- Sinefa, $44M - Nov 2020

- Aporeto, $144M - Dec 2019

- Twistlock, $378M - July 2019

- Demisto, $474M - March 2019

- RedLock, $158M - Oct 2018

- Secdo, $83M - April 2018

- Evident.io, $293M - March 2018

- Cyvera, $178M - April 2014

- Bridgecrew, $157M - March 2021

- Aporeto, $144M - Dec 2019

- Lightcyber, $103M - Feb 2017

#### Cisco

- Deep Factor - August 2024

- Isovalent - December 2023 [blog post](https://blogs.cisco.com/news/defining-the-future-of-multicloud-networking-and-security-cisco-announces-intent-to-acquire-isovalent)

- Oort - July 2023 [blog](https://blogs.cisco.com/news/cisco-announces-intent-to-acquire-oort)

- Robust Intelligence - August 2024 [blog post](https://www.crunchbase.com/organization/robust-intelligence)

#### Datadog

includes only security-related acquisitions

Ordered by date (descending)

- Sqreen - February 2021 [press release](https://www.datadoghq.com/about/latest-news/press-releases/datadog-signs-definitive-agreement-to-acquire-sqreen/)

- Seekret - April 2022 [press release](https://www.datadoghq.com/about/latest-news/press-releases/datadog-acquires-seekret-to-make-api-observability-accessible/)

- Hdiv Security - May 2022 [press release](https://investors.datadoghq.com/news-releases/news-release-details/datadog-signs-definitive-agreement-acquire-hdiv-security)

#### Tenable

Ordered by date (descending)

- Ermetic, $265M - Sept 2023

- Bit Discovery, $44.5M - April 2022

- Cymptom, undisclosed - Feb 2022

- Accurics, $160M - Sept 2021

- FlawCheck, undisclosed - Oct 2016

#### Wiz

Ordered by date (descending)

- Gem Security, undisclosed - April 2024

- Rafft, undisclosed - December 2023

## Managed Service Providers

-  [Red Canary](https://redcanary.com/) | [LinkedIn](https://www.linkedin.com/company/redcanary/) | [Crunchbase](https://www.crunchbase.com/organization/red-canary)

## Cloud Platforms

Native security products offered by the major cloud platforms (AWS, GCP, Azure)

- [AWS Shared Responsibility Model](https://aws.amazon.com/compliance/shared-responsibility-model/)

- [GCP Shared responsibilities and shared fate on Google Cloud](https://cloud.google.com/architecture/framework/security/shared-responsibility-shared-fate)

- [Azure Shared Responsibility in the cloud](https://learn.microsoft.com/en-us/azure/security/fundamentals/shared-responsibility)

- [DigitalOcean Shared Responsibliity Model](https://www.digitalocean.com/security/shared-responsibility-model)

### GCP

- [Chronicle Security Operations](https://chronicle.security)

- [Chronicle SOAR](https://cloud.google.com/chronicle/docs/soar/overview-and-introduction/soar-overview)

- [Chronicle SIEM](https://cloud.google.com/chronicle/docs/overview)

### AWS

- [AWS Cloud Security](https://aws.amazon.com/security/)

- [Amazon Detective](https://aws.amazon.com/detective)

- [Amazon GuardDuty](https://aws.amazon.com/guardduty/)

- [Amazon Security Lake](https://aws.amazon.com/security-lake)

- [AWS Artifact](https://aws.amazon.com/artifact/)

- [AWS Audit Manager](https://aws.amazon.com/audit-manager/)

- [AWS Config](https://aws.amazon.com/config)

- [AWS Security Hub](https://aws.amazon.com/security-hub/)

- [AWS Trusted Advisor](https://aws.amazon.com/premiumsupport/technology/trusted-advisor/)

### Azure / Microsoft

- [Azure Security](https://azure.microsoft.com/en-us/explore/security)

- [Azure Policy](https://azure.microsoft.com/en-us/products/azure-policy/)

- [Microsoft Compliance](https://learn.microsoft.com/en-us/compliance/)

- [Microsoft Defender for Cloud](https://azure.microsoft.com/en-us/products/defender-for-cloud/)

- [Microsoft Sentinel](https://www.microsoft.com/de-de/security/business/siem-and-xdr/microsoft-sentinel)

# Open Source Projects

- [Altimeter](https://github.com/tableau/altimeter)

- [AWS Firewall Factory](https://github.com/globaldatanet/aws-firewall-factory)

- [BloodHound](https://github.com/BloodHoundAD/BloodHound)

- [Cartography](https://github.com/lyft/cartography)

- [Chainloop](https://github.com/chainloop-dev/chainloop)

- [Checkov](https://github.com/bridgecrewio/checkov)

- [Cilium](https://github.com/cilium/)

- [Cloudbeat](https://github.com/elastic/cloudbeat)

- [Cloudquery](https://github.com/cloudquery/cloudquery)

- [CloudSploit](https://github.com/aquasecurity/cloudsploit)

- [DefectDojo](https://github.com/DefectDojo/django-DefectDojo)

- [Falco](https://github.com/falcosecurity/falco)

- [Fix Inventory](https://github.com/someengineering/fixinventory)

- [Gapps](https://github.com/bmarsh9/gapps)

- [Greenbone OpenVAS Scanner](https://github.com/greenbone/openvas-scanner)

- [KubeArmor](https://github.com/kubearmor/KubeArmor)

- [KubeScape](https://github.com/kubescape/kubescape)

- [Magpie](https://github.com/openraven/magpie)

- [Prowler](https://github.com/prowler-cloud/prowler)

- [S3Scanner](https://github.com/sa7mon/S3Scanner)

- [Sadcloud](https://github.com/nccgroup/sadcloud)

- [ScoutSuite](https://github.com/nccgroup/ScoutSuite)

- [Steampipe](https://github.com/turbot/steampipe)

- [tfsec](https://github.com/aquasecurity/tfsec)

- [ThreatMapper](https://github.com/deepfence/threatmapper)

- [trivy](https://github.com/aquasecurity/trivy)

- [Wazuh](https://github.com/wazuh/wazuh)

- [ZeusCloud](https://github.com/Zeus-Labs/ZeusCloud)

# Security Categories / Glossary

- AI-SPM - AI Security Posture Management

- ASPM - Application Security Posture Management

- CAASM - Cyber Asset Attack Surface Management

- CASB - Cloud Access Security Brokers

- CCO - Corporate Compliance and Oversight

- CDR - Cloud Detection and Response

- CIEM - Cloud Infrastructure Entitlement Management

- CNAPP - Cloud-native Application Protection Platform

- CSPM - Cloud Security Posture Management

- CWPP - Cloud Workload Protection Platform

- CTEM - Continuous Threat Exposure Management 

- DSPM - Data Security Posture Management

- EDR - Endpoint Detection and Response 

- GRC - Governance, Risk and Compliance

- IGA - Identity Governance Administration

- ITDR - Identity Threat Detection and Response

- KSPM - Kubernetes Security Posture Management

- MDR - Managed Detection and Response

- PAM - Privileged Access Management

- SIEM - Security Information and Event Management

- SOAR - Security Orchestration, Automation and Response

- SOC - Security Operations Center

- XDR - Extended Detection and Response

- XSIAM - Extended Security Intelligence and Automation Management

# Security Resources

- Nextdoor CSPM Evaluation Matrix [GitHub](https://github.com/Nextdoor/cspm_evaluation_matrix)

- Simple CSPM - GCP CSPM using Google Sheets [GitHub](https://github.com/somethingnew2-0/SimpleCSPM)

- Prisma Cloud Channel Resource [GitHub](https://github.com/PaloAltoNetworks/prisma_channel_resources#prisma-cloud-channel-resources)

- What is eBPF? [eBPF Docs](https://ebpf.io/what-is-ebpf/)

- Building a Security Graph Application on Amazon Neptune [GitHub](https://github.com/aws/graph-notebook/blob/main/src/graph_notebook/notebooks/03-Sample-Applications/04-Security-Graphs/01-Building-a-Security-Graph-Application-with-openCypher.ipynb)

# Security Newsletters

- [CloudSecList](https://cloudseclist.com) by [Marco Lancini](https://www.linkedin.com/in/marcolancini/)

- [Frankly Speaking](https://franklyspeaking.substack.com) by [Frank Wang](https://www.linkedin.com/in/frankw1/)

- [Securing the Cloud](https://www.linkedin.com/newsletters/securing-the-cloud-7085768785009274880/) by [Brandon Carroll](https://www.linkedin.com/in/brandoncarroll/)

- [tl;dr sec](https://tldrsec.com) by [Clint Gibler](https://www.linkedin.com/in/clintgibler/)

- [Venture in Security](https://ventureinsecurity.net) by [Ross Haleliuk](https://www.linkedin.com/in/rosshaleliuk/)

# Security Podcasts

- [Brakeing Down Security](https://brakeingsecurity.com)

- [CISO Tradecraft](https://cisotradecraft.com)

- [CyberWire Daily](https://thecyberwire.com/podcasts/daily-podcast)

- [Darknet Diaries](https://darknetdiaries.com)

- [Google Cloud Security Podcast](https://cloud.withgoogle.com/cloudsecurity/podcast/)

- [Hacking Humans](https://thecyberwire.com/podcasts/hacking-humans)

- [Malicious Life](https://malicious.life/)

- [Risky Business](https://risky.biz/)

- [Security Now](https://twit.tv/shows/security-now)

- [Smashing Security](https://smashingsecurity.com)

- [Privacy, Security, & OSINT Show](https://inteltechniques.com/podcast.html)

- [Social-Engineer Podcast](https://www.social-engineer.org/category/podcast/)

- [Unsupervised Learning](https://omny.fm/shows/unsupervised-learning)

  

# Security Frameworks

- [CIS Benchmarks List](https://www.cisecurity.org/cis-benchmarks)

- [CIS AWS Benchmarks](https://www.cisecurity.org/benchmark/amazon_web_services)

- [CIS Google Cloud Computing Platform Benchmarks](https://www.cisecurity.org/benchmark/google_cloud_computing_platform)

- [CIS Microsoft Azure Benchmarks](https://www.cisecurity.org/benchmark/azure)

- [CIS Oracle Cloud Benchmark](/www.cisecurity.org/benchmark/oracle_cloud)

- [ISO 27001](https://www.iso.org/standard/27001)/[27002](https://www.iso.org/standard/75652.html)

- [NIST Security and Privacy Controls for Information Systems and Organizations](https://csrc.nist.gov/pubs/sp/800/53/r5/upd1/final)

- [NIS 2](https://digital-strategy.ec.europa.eu/en/policies/nis2-directive)

- [System and Organization Controls (SOC)](https://www.aicpa-cima.com/resources/landing/system-and-organization-controls-soc-suite-of-services)

# Cyber Insurance

- [Anzen](https://www.anzen.com/) | [LinkedIn](https://www.linkedin.com/company/goanzen/)

# Conferences

## Community

- [Chaos Communication Congress](https://events.ccc.de/en/congress/)

- [DEF CON](https://www.defcon.org/)

- [GrrCon](https://grrcon.com/)

- [Hackers on Planet Earth (HOPE)](https://hope.net/)

- [HushCon](https://hushcon.com/)

- [Nullcon](https://nullcon.net/)

- [OWASP](https://owasp.org/)

- [Security BSides](https://bsides.org/)

- [ShmooCon](https://shmoocon.org/)

- [THOTCON](https://thotcon.org/)

- [ToorCon](https://toorcon.net/)

- [Wild West Hackin' Fest](https://www.wildwesthackinfest.com/)

## Industry

- [AWS re:Invent](https://reinvent.awsevents.com/)

- [Billington Cybersecurity Summit](https://billingtoncybersummit.com/)

- [Black Hat](https://www.blackhat.com/)

- [Cyber Security & Cloud Expo](https://www.cybersecuritycloudexpo.com/)

- [Cybersec Europe](https://www.cyberseceurope.com/)

- [Cybersecurity Summit](https://cybersecuritysumm.it/)

- [CyberTech Global](https://www.cybertechconference.com/)

- [Deutscher IT Security Congress](https://www.pco-online.de/kongress2024)

- [fwd:cloudsec](https://fwdcloudsec.org)

- [FS-ISAC Summit](https://www.fsisac.com/events)

- [Gartner Security & Risk Management Summit](https://www.gartner.com/en/conferences/hub/security-conferences)

- [Infosecurity Europe](https://www.infosecurityeurope.com/)

- [Interop Tokyo](https://www.interop.jp/)

- [IOT Solutions World Congress](https://www.iotsworldcongress.com/)

- [ISACA North America Conference](https://www.isaca.org/training-and-events/conferences/isaca-north-america-conference)

- [it-sa](https://www.itsa365.de/en/it-sa-expo-congress/exhibition-info)

- [RSA Conference](https://www.rsaconference.com/)

- [SANS Cyber Threat Intelligence Summit](https://www.sans.org/event)

- [Sector](https://www.blackhat.com/sector/)